mirror: actions/deploy-pages@v3 (upstream 13b55b33dd)

Filtered minimal mirror — see /usr/local/bin/mol-mirror-action.sh. Provenance: https://github.com/actions/deploy-pages.git@13b55b33dd8996121833dbc1db458c793a334630
2026-05-10 07:07:21 -07:00
7 changed files with 10068 additions and 119560 deletions
@@ -1 +1 @@
-https://github.com/actions/deploy-pages.git@cd2ce8fcbc39b97be8ca5fce6e763baed58fa128@2026-05-10T14:07:14Z
+https://github.com/actions/deploy-pages.git@13b55b33dd8996121833dbc1db458c793a334630@2026-05-10T14:07:14Z
@@ -6,11 +6,11 @@ This action is used to deploy [Actions artifacts][artifacts] to [GitHub Pages](h

 ## Usage

-See [action.yml](action.yml) for the various `inputs` this action supports (or [below](#inputs-📥)).
+See [action.yml](action.yml) for the various `inputs` this action supports.

 For examples that make use of this action, check out our [starter-workflows][starter-workflows] in a variety of frameworks.

-This action deploys a Pages site previously uploaded as an artifact (e.g. using [`actions/upload-pages-artifact`][upload-pages-artifact]).
+This action expects an artifact named `github-pages` to have been created prior to execution. This is done automatically when using [`actions/upload-pages-artifact`][upload-pages-artifact].

 We recommend this action to be used in a dedicated job:

@@ -41,7 +41,7 @@ jobs:
    steps:
      - name: Deploy to GitHub Pages
        id: deployment
-        uses: actions/deploy-pages@v4 # or specific "vX.X.X" version tag for this action
+        uses: actions/deploy-pages@v3 # or specific "vX.X.X" version tag for this action
 ```

 ### Inputs 📥
@@ -71,7 +71,7 @@ jobs:

 There are a few important considerations to be aware of:

-1. The artifact being deployed must have been uploaded in a previous step, either in the same job or a separate job that doesn't execute until the upload is complete. See [`actions/upload-pages-artifact`][upload-pages-artifact] for more information about the format of the artifact we expect.
+1. The artifact being deployed must have been uploaded in a previous step, either in the same job or a separate job that doesn't execute until the upload is complete.

 2. The job that executes the deployment must at minimum have the following permissions:
   - `pages: write`
@@ -83,19 +83,12 @@ There are a few important considerations to be aware of:

 5. If your Pages site is using GitHub Actions as the source, while not required we highly recommend you also [protect your environment][environment-protection] (we will configure it by default for you).

-## OIDC
-When we invoke a job using GitHub Actions the job requests an OIDC token from GitHub's OIDC provider which responds with a JSON web token (JWT). Each token is unique to each workflow job [learn more about OIDC tokens](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#understanding-the-oidc-token).
-
-OIDC tokens are minted within the context of a single job, and are used to form a trust relationship which validates properties of the workflow run against a third-party (e.g. cloud providers such as AWS or Azure). In the context of GitHub Pages, this is most relevant to ensure a workflow respects branch protection settings. To do this, the OIDC token includes a claim about which branch/ref is executing the workflow. The token is passed to the pages deployment API as part of the request payload, where it's decoded internally to validate the claims and verify if that workflow is allowed to deploy to pages.
-A common question regarding OIDC tokens is the need to use both `pages:write` and `id-token:write`. The pages permission relates to the `GITHUB_TOKEN` by giving it the permissions to create pages deployments when calling the GitHub API. The id-token permission is necessary to request the OIDC JWT token. For more information on the id-token, check the docs on [adding permissions settings](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers#adding-permissions-settings).
-
 ## Compatibility

 This action is primarily designed for use with GitHub.com's Actions workflows and Pages deployments. However, certain releases should also be compatible with GitHub Enterprise Server (GHES) `3.7` and above.

 | Release | GHES Compatibility |
 |:---|:---|
-| [`v4`](https://github.com/actions/deploy-pages/releases/tag/v4) | :warning: Incompatible at this time |
 | [`v3`](https://github.com/actions/deploy-pages/releases/tag/v3) | `>= 3.9` |
 | `v3.x.x` | `>= 3.9` |
 | [`v2`](https://github.com/actions/deploy-pages/releases/tag/v2) | `>= 3.9` |
@@ -2,7 +2,7 @@ name: 'Deploy GitHub Pages site'
 description: 'A GitHub Action to deploy an artifact as a GitHub Pages site'
 author: 'GitHub'
 runs:
-  using: 'node24'
+  using: 'node20'
  main: 'dist/index.js'
 inputs:
  token:
@@ -4,22 +4,22 @@
  "description": "Deploy an actions artifact to GitHub Pages",
  "main": "./dist/index.js",
  "dependencies": {
-    "@actions/artifact": "^2.1.8",
    "@actions/core": "^1.10.1",
    "@actions/github": "^6.0.0",
+    "@actions/http-client": "^2.2.0",
    "@octokit/request-error": "^5.0.1",
    "http-status-messages": "^1.1.0"
  },
  "devDependencies": {
    "@vercel/ncc": "^0.38.1",
-    "eslint": "^8.57.0",
+    "eslint": "^8.55.0",
    "eslint-config-prettier": "^9.1.0",
-    "eslint-plugin-github": "^4.10.2",
+    "eslint-plugin-github": "^4.10.1",
    "jest": "^29.7.0",
    "make-coverage-badge": "^1.2.0",
-    "nock": "^13.5.4",
-    "prettier": "^3.3.3",
-    "undici": "^6.19.2"
+    "nock": "^13.4.0",
+    "prettier": "^3.1.0",
+    "undici": "^6.0.0"
  },
  "scripts": {
    "all": "npm run format && npm run lint && npm run prepare && npm run test && npm run coverage-badge",