actions/ai-inference
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
295 Commits 1 Branch 25 Tags
v2.0.7
Commit Graph

295 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stephanie Giang
e09e659817 Merge pull request #173 from GitPaulo/main 
Support passing max_tokens and max_completion_tokens
v2 v2.0.7 		2026-02-24 10:40:15 -05:00
Paulo Santos
e608d2ba8a update dist 2026-02-15 00:26:15 +00:00
Paulo Santos
27965bc3a4 updated docs for missing prompt.yml model parameters 2026-02-15 00:23:47 +00:00
Paulo Santos
a8bddad5e5 update dist 2026-02-13 12:41:36 +00:00
Paulo Santos
672ba8a3ac missed comment 2026-02-13 12:38:48 +00:00
Paulo Santos
3a80d137e1 update comments 2026-02-13 12:36:47 +00:00
Paulo Santos
074e8b294d copilot review: add test for coverage of no params passed 2026-02-13 12:31:45 +00:00
Paulo Santos
f1ca66fc66 build dist 2026-02-13 12:16:03 +00:00
Paulo Santos
6360e0db9b implement passing two action input properties to cover all model scenarios 2026-02-13 12:15:12 +00:00
Stephanie Giang
a380166897 Merge pull request #170 from GitPaulo/gitpaulo/update-deprecated-max-tokens 
Update deprecated max_tokens to max_completion_tokens
v2.0.6 		2026-02-06 11:09:51 -05:00
Paulo Santos
b07a08c5eb generate dist 2026-02-04 21:30:14 +00:00
Paulo Santos
725fb1c850 update max_tokens to max_completion_tokens 2026-02-04 21:29:53 +00:00
Stephanie Giang
95f4a27227 Merge pull request #160 from actions/dependabot/npm_and_yarn/rollup/rollup-linux-x64-gnu-4.55.1 
chore(deps): bump @rollup/rollup-linux-x64-gnu from 4.52.5 to 4.55.1
 2026-02-04 16:04:14 -05:00
dependabot[bot]
b9877e2b39 chore(deps): bump @rollup/rollup-linux-x64-gnu from 4.52.5 to 4.55.1 
Bumps [@rollup/rollup-linux-x64-gnu](https://github.com/rollup/rollup) from 4.52.5 to 4.55.1.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v4.52.5...v4.55.1)

---
updated-dependencies:
- dependency-name: "@rollup/rollup-linux-x64-gnu"
  dependency-version: 4.55.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-04 21:00:34 +00:00
Stephanie Giang
29ac79522a Merge pull request #164 from actions/dependabot/npm_and_yarn/lodash-4.17.23 
chore(deps): bump lodash from 4.17.21 to 4.17.23
 2026-02-04 15:59:45 -05:00
Stephanie Giang
4ae036562a Merge branch 'main' into dependabot/npm_and_yarn/lodash-4.17.23 2026-02-04 15:59:12 -05:00
Stephanie Giang
268593b9a6 Merge pull request #168 from GitPaulo/gitpaulo/fork-add-temperature-topp-params 
Add model parameters temperature and topP to action inputs
 2026-02-04 15:58:13 -05:00
Paulo Santos
1171309110 refactor temperature/top-p parsing for clarity 2026-02-04 12:20:53 +00:00
Paulo Santos
71c69d42b5 document temperature and top-p inputs in readme 2026-02-04 12:12:24 +00:00
Paulo Santos
d51321a7a6 rebuild dist bundle 2026-02-04 12:12:19 +00:00
Paulo Santos
5b62ecd0dd add temperature and top-p input parameters 2026-02-04 12:12:14 +00:00
dependabot[bot]
eff4de28e3 chore(deps): bump lodash from 4.17.21 to 4.17.23 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.21...4.17.23)

---
updated-dependencies:
- dependency-name: lodash
  dependency-version: 4.17.23
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-23 17:09:22 +00:00
Sean Goedecke
a6101c89c6 Merge pull request #163 from yg1996/add-custom-headers-support 
Add custom headers support for API Management integration
v2.0.5 		2026-01-19 17:28:08 +11:00
Yonatan Golick
15ae50ae2f Add CRLF injection protection for header values 
Implement security validation to prevent HTTP header injection attacks:
- Reject header values containing \r or \n characters
- Add comprehensive test coverage for CRLF protection
- Replace multiline YAML test with proper rejection test

Security improvements:
- Validates header values to prevent header injection
- Clear warning messages when values are rejected
- Four new test cases covering LF, CR, CRLF, and multiline scenarios

This addresses a critical security concern where malicious headers
could be injected via newline characters in header values.

All 84 tests passing.
 2026-01-18 12:19:43 +02:00
Yonatan Golick
f77380037b Update src/helpers.ts 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-01-18 11:59:12 +02:00
Yonatan Golick
6402ff8f9a Update README.md 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-01-18 11:58:58 +02:00
Yonatan Golick
c760995fbc Remove redundant feature documentation file 
Delete CUSTOM_HEADERS_FEATURE.md as the README.md already contains
comprehensive documentation for the custom headers feature. This
reduces documentation duplication and follows standard practice
of keeping feature docs in the README.
 2026-01-18 11:43:39 +02:00
Yonatan Golick
ce720b3d0c Fix header validation per RFC 7230 and add null check 
Address Copilot AI feedback:
- Remove underscore support from header names (RFC 7230 compliance)
- Add explicit null check for JSON parsing
- Update validation regex to /^[A-Za-z0-9-]+$/
- Add test case for null value handling
- Update documentation to clarify header name requirements

Changes:
- Header names now only accept alphanumeric characters and hyphens
- Improved error messages for invalid headers
- Added test for null JSON input
- Updated APIM example tests

All 81 tests passing.
 2026-01-18 11:35:18 +02:00
Yonatan Golick
6d144ac474 Add custom headers support for API Management integration 
This change adds support for custom HTTP headers in AI inference requests,
enabling integration with API Management platforms (Azure APIM, AWS API
Gateway, Kong, etc.) and custom request routing/tracking.

Features:
- New 'custom-headers' input supporting both YAML and JSON formats
- Auto-detection of input format for better UX
- Header name validation (alphanumeric, hyphens, underscores)
- Automatic masking of sensitive headers in logs
- Full backward compatibility (optional parameter)

Changes:
- Added parseCustomHeaders() function in helpers.ts
- Updated InferenceRequest interface with optional customHeaders field
- Modified simpleInference() and mcpInference() to pass headers to OpenAI client
- Added 18 comprehensive test cases
- Updated documentation with examples and use cases

All 80 tests passing. Zero breaking changes.
 2026-01-18 11:24:13 +02:00
Sarah Vessels
63993128d7 Merge pull request #51 from KyFaSt/patch-1 
Add Missing Languages to CodeQL Advanced Configuration
 2026-01-07 11:27:48 -06:00
Sarah Vessels
3dfda414c6 Merge branch 'main' into patch-1 2026-01-07 11:21:35 -06:00
Sarah Vessels
b99f473284 Merge pull request #152 from actions/dependabot/npm_and_yarn/express-5.2.1 
chore(deps): bump express from 5.1.0 to 5.2.1
 2026-01-07 11:11:33 -06:00
Sarah Vessels
acb23a78e0 Merge branch 'main' into dependabot/npm_and_yarn/express-5.2.1 2026-01-07 11:10:57 -06:00
Sarah Vessels
de9f3a655a Merge pull request #158 from actions/dependabot/npm_and_yarn/modelcontextprotocol/sdk-1.25.2 
chore(deps): bump @modelcontextprotocol/sdk from 1.24.0 to 1.25.2
 2026-01-07 11:09:33 -06:00
Sarah Vessels
38e68a8ffc licensed cache 2026-01-07 11:01:16 -06:00
Sarah Vessels
7012ba221f Merge branch 'main' into dependabot/npm_and_yarn/express-5.2.1 2026-01-07 11:00:24 -06:00
Sarah Vessels
185fd7e675 licensed cache 2026-01-07 10:57:30 -06:00
Sarah Vessels
d89080af40 npm run bundle 2026-01-07 10:57:20 -06:00
dependabot[bot]
6f1b0370bb chore(deps): bump @modelcontextprotocol/sdk from 1.24.0 to 1.25.2 
Bumps [@modelcontextprotocol/sdk](https://github.com/modelcontextprotocol/typescript-sdk) from 1.24.0 to 1.25.2.
- [Release notes](https://github.com/modelcontextprotocol/typescript-sdk/releases)
- [Commits](https://github.com/modelcontextprotocol/typescript-sdk/compare/1.24.0...v1.25.2)

---
updated-dependencies:
- dependency-name: "@modelcontextprotocol/sdk"
  dependency-version: 1.25.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-07 16:51:03 +00:00
Sarah Vessels
0a593b0c24 Merge pull request #149 from actions/dependabot/npm_and_yarn/body-parser-2.2.1 
chore(deps): bump body-parser from 2.2.0 to 2.2.1
 2026-01-06 14:12:53 -06:00
Sarah Vessels
214f0b0a68 Merge branch 'main' into dependabot/npm_and_yarn/body-parser-2.2.1 2026-01-06 14:12:17 -06:00
Sarah Vessels
812f8bb844 Merge pull request #144 from actions/dependabot/npm_and_yarn/js-yaml-4.1.1 
chore(deps): bump js-yaml from 4.1.0 to 4.1.1
 2026-01-06 14:11:41 -06:00
Sarah Vessels
de36aa9302 npm run bundle 2026-01-06 14:02:26 -06:00
Sarah Vessels
b99132354c Merge branch 'main' into dependabot/npm_and_yarn/js-yaml-4.1.1 2026-01-06 14:01:47 -06:00
Sarah Vessels
ad4351a3a2 npm run bundle 2026-01-06 13:57:11 -06:00
Sarah Vessels
146434d459 Merge pull request #153 from actions/dependabot/npm_and_yarn/modelcontextprotocol/sdk-1.24.0 
chore(deps): bump @modelcontextprotocol/sdk from 1.15.1 to 1.24.0
 2026-01-06 13:56:25 -06:00
Sarah Vessels
ce17fb5d9d licensed cache 2026-01-06 13:53:13 -06:00
Sarah Vessels
2ef8c2618e Merge branch 'main' into dependabot/npm_and_yarn/js-yaml-4.1.1 2026-01-06 13:52:50 -06:00
Sarah Vessels
eeef9fe1ab Merge branch 'main' into dependabot/npm_and_yarn/modelcontextprotocol/sdk-1.24.0 2026-01-06 13:51:06 -06:00
Sarah Vessels
82e525eb0f licensed cache 2026-01-06 13:47:43 -06:00