actions/create-github-app-token
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: actions:v2.0.1
Branches Tags
actions:main
actions:v3.1.1 actions:v3 actions:v3.1.0 actions:v3.0.0 actions:v3.0.0-beta.6 actions:v2.2.2 actions:v2 actions:v3.0.0-beta.5 actions:v3.0.0-beta.4 actions:v3.0.0-beta.3 actions:v2.2.1 actions:v2.2.0 actions:v2.1.4 actions:v2.1.3 actions:v2.1.2 actions:v3.0.0-beta.2 actions:v3.0.0-beta.1 actions:v2.1.1 actions:v2.1.0 actions:v2.0.6 actions:v2.0.5 actions:v2.0.4 actions:v2.0.3 actions:v2.0.2 actions:v2.0.1 actions:v2.0.0 actions:v1.12.0 actions:v1 actions:v1.11.7 actions:v1.11.6 actions:v1.11.5 actions:v1.11.4 actions:v1.11.3 actions:v1.11.2 actions:v1.11.1 actions:v1.11.0 actions:v1.10.4 actions:v1.10.3 actions:v1.10.2 actions:v1.10.1 actions:v1.10.0 actions:v1.9.3 actions:v1.9.2 actions:v1.9.1 actions:v1.9.0 actions:v1.8.2 actions:v1.8.1 actions:v1.8.0 actions:v1.7.0 actions:v1.6.4 actions:v1.6.3 actions:v1.6.2 actions:v1.6.1 actions:v1.6.0 actions:v1.5.1 actions:v1.5.0 actions:v1.4.0 actions:v1.3.0 actions:v1.2.2 actions:v1.2.1 actions:v1.2.0 actions:v1.1.5 actions:v1.1.4 actions:v1.1.3 actions:v1.1.2 actions:v1.1.1 actions:v1.1.0 actions:v1.0.5 actions:v1.0.4 actions:v1.0.3 actions:v1.0.2 actions:v1.0.1 actions:v1.0.0
..
compare: actions:v2.0.5
Branches Tags
actions:main
actions:v3.1.1 actions:v3 actions:v3.1.0 actions:v3.0.0 actions:v3.0.0-beta.6 actions:v2.2.2 actions:v2 actions:v3.0.0-beta.5 actions:v3.0.0-beta.4 actions:v3.0.0-beta.3 actions:v2.2.1 actions:v2.2.0 actions:v2.1.4 actions:v2.1.3 actions:v2.1.2 actions:v3.0.0-beta.2 actions:v3.0.0-beta.1 actions:v2.1.1 actions:v2.1.0 actions:v2.0.6 actions:v2.0.5 actions:v2.0.4 actions:v2.0.3 actions:v2.0.2 actions:v2.0.1 actions:v2.0.0 actions:v1.12.0 actions:v1 actions:v1.11.7 actions:v1.11.6 actions:v1.11.5 actions:v1.11.4 actions:v1.11.3 actions:v1.11.2 actions:v1.11.1 actions:v1.11.0 actions:v1.10.4 actions:v1.10.3 actions:v1.10.2 actions:v1.10.1 actions:v1.10.0 actions:v1.9.3 actions:v1.9.2 actions:v1.9.1 actions:v1.9.0 actions:v1.8.2 actions:v1.8.1 actions:v1.8.0 actions:v1.7.0 actions:v1.6.4 actions:v1.6.3 actions:v1.6.2 actions:v1.6.1 actions:v1.6.0 actions:v1.5.1 actions:v1.5.0 actions:v1.4.0 actions:v1.3.0 actions:v1.2.2 actions:v1.2.1 actions:v1.2.0 actions:v1.1.5 actions:v1.1.4 actions:v1.1.3 actions:v1.1.2 actions:v1.1.1 actions:v1.1.0 actions:v1.0.5 actions:v1.0.4 actions:v1.0.3 actions:v1.0.2 actions:v1.0.1 actions:v1.0.0

13 Commits
v2.0.1 ... v2.0.5

Author SHA1 Message Date
semantic-release-bot
db3cdf4098 build(release): 2.0.5 [skip ci] 
## [2.0.5](https://github.com/actions/create-github-app-token/compare/v2.0.4...v2.0.5) (2025-05-02)

### Bug Fixes

* **deps:** bump the production-dependencies group with 3 updates ([#240](https://github.com/actions/create-github-app-token/issues/240)) ([d64d7d7](d64d7d7355))
 2025-05-02 19:17:49 +00:00
dependabot[bot]
d64d7d7355 fix(deps): bump the production-dependencies group with 3 updates (#240) 
Bumps the production-dependencies group with 3 updates:
[@octokit/auth-app](https://github.com/octokit/auth-app.js),
[@octokit/request](https://github.com/octokit/request.js) and
[undici](https://github.com/nodejs/undici).

Updates `@octokit/auth-app` from 7.2.0 to 7.2.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/octokit/auth-app.js/releases"><code>@​octokit/auth-app</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v7.2.1</h2>
<h2><a
href="https://github.com/octokit/auth-app.js/compare/v7.2.0...v7.2.1">7.2.1</a>
(2025-04-10)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> update dependency
<code>@​octokit/types</code> to v14 (<a
href="https://redirect.github.com/octokit/auth-app.js/issues/694">#694</a>)
(<a
href="9c2e714154">9c2e714</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9c2e714154"><code>9c2e714</code></a>
fix(deps): update dependency <code>@​octokit/types</code> to v14 (<a
href="https://redirect.github.com/octokit/auth-app.js/issues/694">#694</a>)</li>
<li><a
href="834b994238"><code>834b994</code></a>
build(deps-dev): bump vite from 6.2.2 to 6.2.5 (<a
href="https://redirect.github.com/octokit/auth-app.js/issues/693">#693</a>)</li>
<li><a
href="04a0ad40fb"><code>04a0ad4</code></a>
build(deps): lock file maintenance (<a
href="https://redirect.github.com/octokit/auth-app.js/issues/690">#690</a>)</li>
<li>See full diff in <a
href="https://github.com/octokit/auth-app.js/compare/v7.2.0...v7.2.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `@octokit/request` from 9.2.2 to 9.2.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/octokit/request.js/releases"><code>@​octokit/request</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v9.2.3</h2>
<h2><a
href="https://github.com/octokit/request.js/compare/v9.2.2...v9.2.3">9.2.3</a>
(2025-04-10)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> update dependency
<code>@​octokit/types</code> to v14 (<a
href="https://redirect.github.com/octokit/request.js/issues/753">#753</a>)
(<a
href="7d576b003a">7d576b0</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7d576b003a"><code>7d576b0</code></a>
fix(deps): update dependency <code>@​octokit/types</code> to v14 (<a
href="https://redirect.github.com/octokit/request.js/issues/753">#753</a>)</li>
<li><a
href="c9bfc379fd"><code>c9bfc37</code></a>
build(deps): bump vite from 6.1.0 to 6.2.5 (<a
href="https://redirect.github.com/octokit/request.js/issues/750">#750</a>)</li>
<li><a
href="f7b961620b"><code>f7b9616</code></a>
ci(prettier): use Node LTS instead of Node 16 (<a
href="https://redirect.github.com/octokit/request.js/issues/748">#748</a>)</li>
<li><a
href="1955847202"><code>1955847</code></a>
chore(deps): update dependency prettier to v3.5.3 (<a
href="https://redirect.github.com/octokit/request.js/issues/745">#745</a>)</li>
<li><a
href="b71107bc50"><code>b71107b</code></a>
chore(deps): update dependency
semantic-release-plugin-update-version-in-file...</li>
<li><a
href="c8559437d1"><code>c855943</code></a>
chore(deps): update dependency prettier to v3.5.2 (<a
href="https://redirect.github.com/octokit/request.js/issues/743">#743</a>)</li>
<li>See full diff in <a
href="https://github.com/octokit/request.js/compare/v9.2.2...v9.2.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `undici` from 7.7.0 to 7.8.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nodejs/undici/releases">undici's
releases</a>.</em></p>
<blockquote>
<h2>v7.8.0</h2>
<h2>What's Changed</h2>
<ul>
<li>cache: more efficient sqlite indices by <a
href="https://github.com/ronag"><code>@​ronag</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4142">nodejs/undici#4142</a></li>
<li>skip now failing wpts by <a
href="https://github.com/mcollina"><code>@​mcollina</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4145">nodejs/undici#4145</a></li>
<li>apply some sqlite pragma optimizations by <a
href="https://github.com/ronag"><code>@​ronag</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4147">nodejs/undici#4147</a></li>
<li>types(websocket): Import from stream/web by <a
href="https://github.com/Jiralite"><code>@​Jiralite</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4038">nodejs/undici#4038</a></li>
<li>cache: don't check size if not necessary by <a
href="https://github.com/ronag"><code>@​ronag</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4140">nodejs/undici#4140</a></li>
<li>docs: fix inteceptors typo by <a
href="https://github.com/dario-piotrowicz"><code>@​dario-piotrowicz</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/4151">nodejs/undici#4151</a></li>
<li>Update WPT by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/4141">nodejs/undici#4141</a></li>
<li>build(deps-dev): bump esbuild from 0.24.2 to 0.25.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/4130">nodejs/undici#4130</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Jiralite"><code>@​Jiralite</code></a>
made their first contribution in <a
href="https://redirect.github.com/nodejs/undici/pull/4038">nodejs/undici#4038</a></li>
<li><a
href="https://github.com/dario-piotrowicz"><code>@​dario-piotrowicz</code></a>
made their first contribution in <a
href="https://redirect.github.com/nodejs/undici/pull/4151">nodejs/undici#4151</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/nodejs/undici/compare/v7.7.0...v7.8.0">https://github.com/nodejs/undici/compare/v7.7.0...v7.8.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6ea61af38a"><code>6ea61af</code></a>
Bumped v7.8.0 (<a
href="https://redirect.github.com/nodejs/undici/issues/4154">#4154</a>)</li>
<li><a
href="c29be3b627"><code>c29be3b</code></a>
build(deps-dev): bump esbuild from 0.24.2 to 0.25.2 (<a
href="https://redirect.github.com/nodejs/undici/issues/4130">#4130</a>)</li>
<li><a
href="a113b90344"><code>a113b90</code></a>
chore: update WPT (<a
href="https://redirect.github.com/nodejs/undici/issues/4141">#4141</a>)</li>
<li><a
href="9dd11b8c61"><code>9dd11b8</code></a>
docs: fix inteceptors typo (<a
href="https://redirect.github.com/nodejs/undici/issues/4151">#4151</a>)</li>
<li><a
href="03c497c565"><code>03c497c</code></a>
cache: don't check size if not necessary (<a
href="https://redirect.github.com/nodejs/undici/issues/4140">#4140</a>)</li>
<li><a
href="d2be897cc1"><code>d2be897</code></a>
types(websocket): Import from stream/web (<a
href="https://redirect.github.com/nodejs/undici/issues/4038">#4038</a>)</li>
<li><a
href="c8acc814ed"><code>c8acc81</code></a>
apply some sqlite pragma optimizations (<a
href="https://redirect.github.com/nodejs/undici/issues/4147">#4147</a>)</li>
<li><a
href="e0058a7240"><code>e0058a7</code></a>
skip now failing tests (<a
href="https://redirect.github.com/nodejs/undici/issues/4145">#4145</a>)</li>
<li><a
href="8a5de7cdad"><code>8a5de7c</code></a>
cache: more efficient sqlite indices (<a
href="https://redirect.github.com/nodejs/undici/issues/4142">#4142</a>)</li>
<li>See full diff in <a
href="https://github.com/nodejs/undici/compare/v7.7.0...v7.8.0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-02 12:17:17 -07:00
dependabot[bot]
1b6f53e48e build(deps-dev): bump the development-dependencies group across 1 directory with 3 updates (#244) 
Bumps the development-dependencies group with 3 updates in the /
directory: [ava](https://github.com/avajs/ava),
[dotenv](https://github.com/motdotla/dotenv) and
[esbuild](https://github.com/evanw/esbuild).

Updates `ava` from 6.2.0 to 6.3.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/avajs/ava/releases">ava's
releases</a>.</em></p>
<blockquote>
<h2>v6.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update dependencies, addressing <code>npm audit</code> warnings by
<a
href="https://github.com/novemberborn"><code>@​novemberborn</code></a>
in <a
href="https://redirect.github.com/avajs/ava/pull/3377">avajs/ava#3377</a></li>
<li>Do not count writes to stdout/stderr as non-idling activity for
timeouts by <a
href="https://github.com/mdouglass"><code>@​mdouglass</code></a> in <a
href="https://redirect.github.com/avajs/ava/pull/3374">avajs/ava#3374</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/mdouglass"><code>@​mdouglass</code></a>
made their first contribution in <a
href="https://redirect.github.com/avajs/ava/pull/3374">avajs/ava#3374</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/avajs/ava/compare/v6.2.0...v6.3.0">https://github.com/avajs/ava/compare/v6.2.0...v6.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ca4240db7f"><code>ca4240d</code></a>
6.3.0</li>
<li><a
href="f243cab3b3"><code>f243cab</code></a>
Do not count writes to stdout/stderr as non-idling activity for
timeouts</li>
<li><a
href="4abb780b5b"><code>4abb780</code></a>
Update dependencies</li>
<li>See full diff in <a
href="https://github.com/avajs/ava/compare/v6.2.0...v6.3.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `dotenv` from 16.4.7 to 16.5.0
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md">dotenv's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/motdotla/dotenv/compare/v16.4.7...v16.5.0">16.5.0</a>
(2025-04-07)</h2>
<h3>Added</h3>
<ul>
<li>🎉 Added new sponsor <a
href="https://graphite.dev/?utm_source=github&amp;utm_medium=repo&amp;utm_campaign=dotenv">Graphite</a>
- <em>the AI developer productivity platform helping teams on GitHub
ship higher quality software, faster</em>.</li>
</ul>
<blockquote>
<p>[!TIP]
<strong><a href="https://github.com/sponsors/motdotla">Become a
sponsor</a></strong></p>
<p>The dotenvx README is viewed thousands of times DAILY on GitHub and
NPM.
Sponsoring dotenv is a great way to get in front of developers and give
back to the developer community at the same time.</p>
</blockquote>
<h3>Changed</h3>
<ul>
<li>Remove <code>_log</code> method. Use <code>_debug</code> <a
href="https://redirect.github.com/motdotla/dotenv/pull/862">#862</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d39cc9a94e"><code>d39cc9a</code></a>
16.5.0</li>
<li><a
href="2f4e407c73"><code>2f4e407</code></a>
Merge pull request <a
href="https://redirect.github.com/motdotla/dotenv/issues/863">#863</a>
from Fdawgs/patch-1</li>
<li><a
href="a1eef11a70"><code>a1eef11</code></a>
chore(package): add homepage url</li>
<li><a
href="fb7e407892"><code>fb7e407</code></a>
README update</li>
<li><a
href="bf9113fad6"><code>bf9113f</code></a>
README update</li>
<li><a
href="9326f05f95"><code>9326f05</code></a>
changelog 🪵</li>
<li><a
href="2e8da3018a"><code>2e8da30</code></a>
changelog 🪵</li>
<li><a
href="3257b3adaf"><code>3257b3a</code></a>
changelog 🪵</li>
<li><a
href="c0ca62c841"><code>c0ca62c</code></a>
changelog 🪵</li>
<li><a
href="797c5e9d6e"><code>797c5e9</code></a>
changelog 🪵</li>
<li>Additional commits viewable in <a
href="https://github.com/motdotla/dotenv/compare/v16.4.7...v16.5.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `esbuild` from 0.25.2 to 0.25.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/evanw/esbuild/releases">esbuild's
releases</a>.</em></p>
<blockquote>
<h2>v0.25.3</h2>
<ul>
<li>
<p>Fix lowered <code>async</code> arrow functions before
<code>super()</code> (<a
href="https://redirect.github.com/evanw/esbuild/issues/4141">#4141</a>,
<a
href="https://redirect.github.com/evanw/esbuild/pull/4142">#4142</a>)</p>
<p>This change makes it possible to call an <code>async</code> arrow
function in a constructor before calling <code>super()</code> when
targeting environments without <code>async</code> support, as long as
the function body doesn't reference <code>this</code>. Here's an example
(notice the change from <code>this</code> to <code>null</code>):</p>
<pre lang="js"><code>// Original code
class Foo extends Object {
  constructor() {
    (async () =&gt; await foo())()
    super()
  }
}
<p>// Old output (with --target=es2016)<br />
class Foo extends Object {<br />
constructor() {<br />
(() =&gt; __async(this, null, function* () {<br />
return yield foo();<br />
}))();<br />
super();<br />
}<br />
}</p>
<p>// New output (with --target=es2016)<br />
class Foo extends Object {<br />
constructor() {<br />
(() =&gt; __async(null, null, function* () {<br />
return yield foo();<br />
}))();<br />
super();<br />
}<br />
}<br />
</code></pre></p>
<p>Some background: Arrow functions with the <code>async</code> keyword
are transformed into generator functions for older language targets such
as <code>--target=es2016</code>. Since arrow functions capture
<code>this</code>, the generated code forwards <code>this</code> into
the body of the generator function. However, JavaScript class syntax
forbids using <code>this</code> in a constructor before calling
<code>super()</code>, and this forwarding was problematic since
previously happened even when the function body doesn't use
<code>this</code>. Starting with this release, esbuild will now only
forward <code>this</code> if it's used within the function body.</p>
<p>This fix was contributed by <a
href="https://github.com/magic-akari"><code>@​magic-akari</code></a>.</p>
</li>
<li>
<p>Fix memory leak with <code>--watch=true</code> (<a
href="https://redirect.github.com/evanw/esbuild/issues/4131">#4131</a>,
<a
href="https://redirect.github.com/evanw/esbuild/pull/4132">#4132</a>)</p>
<p>This release fixes a memory leak with esbuild when
<code>--watch=true</code> is used instead of <code>--watch</code>.
Previously using <code>--watch=true</code> caused esbuild to continue to
use more and more memory for every rebuild, but
<code>--watch=true</code> should now behave like <code>--watch</code>
and not leak memory.</p>
<p>This bug happened because esbuild disables the garbage collector when
it's not run as a long-lived process for extra speed, but esbuild's
checks for which arguments cause esbuild to be a long-lived process
weren't updated for the new <code>--watch=true</code> style of boolean
command-line flags. This has been an issue since this boolean flag
syntax was added in version 0.14.24 in 2022. These checks are
unfortunately separate from the regular argument parser because of how
esbuild's internals are organized (the command-line interface is exposed
as a separate <a
href="https://pkg.go.dev/github.com/evanw/esbuild/pkg/cli">Go API</a> so
you can build your own custom esbuild CLI).</p>
<p>This fix was contributed by <a
href="https://github.com/mxschmitt"><code>@​mxschmitt</code></a>.</p>
</li>
<li>
<p>More concise output for repeated legal comments (<a
href="https://redirect.github.com/evanw/esbuild/issues/4139">#4139</a>)</p>
<p>Some libraries have many files and also use the same legal comment
text in all files. Previously esbuild would copy each legal comment to
the output file. Starting with this release, legal comments duplicated
across separate files will now be grouped in the output file by unique
comment content.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/evanw/esbuild/blob/main/CHANGELOG.md">esbuild's
changelog</a>.</em></p>
<blockquote>
<h2>0.25.3</h2>
<ul>
<li>
<p>Fix lowered <code>async</code> arrow functions before
<code>super()</code> (<a
href="https://redirect.github.com/evanw/esbuild/issues/4141">#4141</a>,
<a
href="https://redirect.github.com/evanw/esbuild/pull/4142">#4142</a>)</p>
<p>This change makes it possible to call an <code>async</code> arrow
function in a constructor before calling <code>super()</code> when
targeting environments without <code>async</code> support, as long as
the function body doesn't reference <code>this</code>. Here's an example
(notice the change from <code>this</code> to <code>null</code>):</p>
<pre lang="js"><code>// Original code
class Foo extends Object {
  constructor() {
    (async () =&gt; await foo())()
    super()
  }
}
<p>// Old output (with --target=es2016)<br />
class Foo extends Object {<br />
constructor() {<br />
(() =&gt; __async(this, null, function* () {<br />
return yield foo();<br />
}))();<br />
super();<br />
}<br />
}</p>
<p>// New output (with --target=es2016)<br />
class Foo extends Object {<br />
constructor() {<br />
(() =&gt; __async(null, null, function* () {<br />
return yield foo();<br />
}))();<br />
super();<br />
}<br />
}<br />
</code></pre></p>
<p>Some background: Arrow functions with the <code>async</code> keyword
are transformed into generator functions for older language targets such
as <code>--target=es2016</code>. Since arrow functions capture
<code>this</code>, the generated code forwards <code>this</code> into
the body of the generator function. However, JavaScript class syntax
forbids using <code>this</code> in a constructor before calling
<code>super()</code>, and this forwarding was problematic since
previously happened even when the function body doesn't use
<code>this</code>. Starting with this release, esbuild will now only
forward <code>this</code> if it's used within the function body.</p>
<p>This fix was contributed by <a
href="https://github.com/magic-akari"><code>@​magic-akari</code></a>.</p>
</li>
<li>
<p>Fix memory leak with <code>--watch=true</code> (<a
href="https://redirect.github.com/evanw/esbuild/issues/4131">#4131</a>,
<a
href="https://redirect.github.com/evanw/esbuild/pull/4132">#4132</a>)</p>
<p>This release fixes a memory leak with esbuild when
<code>--watch=true</code> is used instead of <code>--watch</code>.
Previously using <code>--watch=true</code> caused esbuild to continue to
use more and more memory for every rebuild, but
<code>--watch=true</code> should now behave like <code>--watch</code>
and not leak memory.</p>
<p>This bug happened because esbuild disables the garbage collector when
it's not run as a long-lived process for extra speed, but esbuild's
checks for which arguments cause esbuild to be a long-lived process
weren't updated for the new <code>--watch=true</code> style of boolean
command-line flags. This has been an issue since this boolean flag
syntax was added in version 0.14.24 in 2022. These checks are
unfortunately separate from the regular argument parser because of how
esbuild's internals are organized (the command-line interface is exposed
as a separate <a
href="https://pkg.go.dev/github.com/evanw/esbuild/pkg/cli">Go API</a> so
you can build your own custom esbuild CLI).</p>
<p>This fix was contributed by <a
href="https://github.com/mxschmitt"><code>@​mxschmitt</code></a>.</p>
</li>
<li>
<p>More concise output for repeated legal comments (<a
href="https://redirect.github.com/evanw/esbuild/issues/4139">#4139</a>)</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="677910b073"><code>677910b</code></a>
publish 0.25.3 to npm</li>
<li><a
href="a41040efdb"><code>a41040e</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/4110">#4110</a>:
support custom non-IP <code>host</code> values</li>
<li><a
href="dfe0e1c632"><code>dfe0e1c</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/4114">#4114</a>:
add a limit to css nesting expansion</li>
<li><a
href="a54916b92c"><code>a54916b</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/4139">#4139</a>:
deduplicate repeated legal comments</li>
<li><a
href="dc60e6025d"><code>dc60e60</code></a>
run <code>make update-compat-table</code></li>
<li><a
href="d917038c97"><code>d917038</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/4144">#4144</a>:
node path resolution edge case</li>
<li><a
href="7ed168403b"><code>7ed1684</code></a>
fix <a
href="https://redirect.github.com/evanw/esbuild/issues/4141">#4141</a>:
Avoid redundant <code>this</code> access during async function lowering
(<a
href="https://redirect.github.com/evanw/esbuild/issues/4142">#4142</a>)</li>
<li><a
href="edc3a23438"><code>edc3a23</code></a>
docs(dev): update alias command for <code>make test-go</code> (<a
href="https://redirect.github.com/evanw/esbuild/issues/4113">#4113</a>)</li>
<li><a
href="1ee8b6717e"><code>1ee8b67</code></a>
workaround <code>process.exit()</code> not exiting in node</li>
<li><a
href="5c56e0737c"><code>5c56e07</code></a>
changelog note with credit for the fix</li>
<li>Additional commits viewable in <a
href="https://github.com/evanw/esbuild/compare/v0.25.2...v0.25.3">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-02 12:10:06 -07:00
dependabot[bot]
061a84d5f5 build(deps-dev): bump @octokit/openapi from 18.2.0 to 19.0.0 (#242) 
Bumps [@octokit/openapi](https://github.com/octokit/openapi) from 18.2.0
to 19.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/octokit/openapi/releases"><code>@​octokit/openapi</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v19.0.0</h2>
<h1><a
href="https://github.com/octokit/openapi/compare/v18.2.0...v19.0.0">19.0.0</a>
(2025-04-09)</h1>
<h3>Features</h3>
<ul>
<li>new <code>/orgs/{org}/campaigns</code>,
<code>/orgs/{org}/campaigns/{campaign_number}</code> endpoints, remove
Copilot usage endpoints, description updates, remove GHES 3.12 (<a
href="https://redirect.github.com/octokit/openapi/issues/491">#491</a>)
(<a
href="709a8f01d5">709a8f0</a>)</li>
</ul>
<h3>BREAKING CHANGES</h3>
<ul>
<li>Drop GHES 3.12</li>
<li>Remove Copilot usage endpoints</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="709a8f01d5"><code>709a8f0</code></a>
feat: new <code>/orgs/{org}/campaigns</code>,
<code>/orgs/{org}/campaigns/{campaign_number}</code> ...</li>
<li><a
href="329c7ebe37"><code>329c7eb</code></a>
ci(action): update actions/create-github-app-token action to v2 (<a
href="https://redirect.github.com/octokit/openapi/issues/490">#490</a>)</li>
<li><a
href="e2e9e6ede2"><code>e2e9e6e</code></a>
ci: replace <code>OCTOKITBOT_PROJECT_ACTION_TOKEN</code> and
<code>OCTOKITBOT_PAT</code> with a tok...</li>
<li><a
href="d59338c42c"><code>d59338c</code></a>
build(deps): lock file maintenance (<a
href="https://redirect.github.com/octokit/openapi/issues/488">#488</a>)</li>
<li>See full diff in <a
href="https://github.com/octokit/openapi/compare/v18.2.0...v19.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@octokit/openapi&package-manager=npm_and_yarn&previous-version=18.2.0&new-version=19.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-02 12:07:09 -07:00
dependabot[bot]
c8f34a61a8 build(deps): bump stefanzweifel/git-auto-commit-action from 5.1.0 to 5.2.0 in the github-actions group (#239) 
Bumps the github-actions group with 1 update:
[stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action).

Updates `stefanzweifel/git-auto-commit-action` from 5.1.0 to 5.2.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/stefanzweifel/git-auto-commit-action/releases">stefanzweifel/git-auto-commit-action's
releases</a>.</em></p>
<blockquote>
<h2>v5.2.0</h2>
<h2>Added</h2>
<ul>
<li>Add <code>create_git_tag_only</code> option to skip commiting and
always create a git-tag. (<a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/364">#364</a>)
<a href="https://github.com/@zMynxx"><code>@​zMynxx</code></a></li>
<li>Add Test for <code>create_git_tag_only</code> feature (<a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/367">#367</a>)
<a
href="https://github.com/@stefanzweifel"><code>@​stefanzweifel</code></a></li>
</ul>
<h2>Fixed</h2>
<ul>
<li>docs: Update README.md per <a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/issues/354">#354</a>
(<a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/361">#361</a>)
<a href="https://github.com/@rasa"><code>@​rasa</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md">stefanzweifel/git-auto-commit-action's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a
href="http://keepachangelog.com/en/1.0.0/">Keep a Changelog</a>
and this project adheres to <a
href="http://semver.org/spec/v2.0.0.html">Semantic Versioning</a>.</p>
<h2><a
href="https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.2.0...HEAD">Unreleased</a></h2>
<blockquote>
<p>TBD</p>
</blockquote>
<h2><a
href="https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.1.0...v5.2.0">v5.2.0</a>
- 2025-04-19</h2>
<h3>Added</h3>
<ul>
<li>Add <code>create_git_tag_only</code> option to skip commiting and
always create a git-tag. (<a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/364">#364</a>)
<a href="https://github.com/@zMynxx"><code>@​zMynxx</code></a></li>
<li>Add Test for <code>create_git_tag_only</code> feature (<a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/367">#367</a>)
<a
href="https://github.com/@stefanzweifel"><code>@​stefanzweifel</code></a></li>
</ul>
<h3>Fixed</h3>
<ul>
<li>docs: Update README.md per <a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/issues/354">#354</a>
(<a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/361">#361</a>)
<a href="https://github.com/@rasa"><code>@​rasa</code></a></li>
</ul>
<h2><a
href="https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.0.1...v5.1.0">v5.1.0</a>
- 2025-01-11</h2>
<h3>Changed</h3>
<ul>
<li>Include <code>github.actor_id</code> in default
<code>commit_author</code> (<a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/354">#354</a>)
<a
href="https://github.com/@parkerbxyz"><code>@​parkerbxyz</code></a></li>
</ul>
<h3>Fixed</h3>
<ul>
<li>docs(README): fix broken protected branch docs link (<a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/346">#346</a>)
<a href="https://github.com/@scarf005"><code>@​scarf005</code></a></li>
<li>Update README.md (<a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/343">#343</a>)
<a href="https://github.com/@Kludex"><code>@​Kludex</code></a></li>
</ul>
<h3>Dependency Updates</h3>
<ul>
<li>Bump bats from 1.11.0 to 1.11.1 (<a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/353">#353</a>)
<a
href="https://github.com/@dependabot"><code>@​dependabot</code></a></li>
<li>Bump github/super-linter from 6 to 7 (<a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/342">#342</a>)
<a
href="https://github.com/@dependabot"><code>@​dependabot</code></a></li>
<li>Bump github/super-linter from 5 to 6 (<a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/335">#335</a>)
<a
href="https://github.com/@dependabot"><code>@​dependabot</code></a></li>
</ul>
<h2><a
href="https://github.com/stefanzweifel/git-auto-commit-action/compare/v5.0.0...v5.0.1">v5.0.1</a>
- 2024-04-12</h2>
<h3>Fixed</h3>
<ul>
<li>Fail if attempting to execute git commands in a directory that is
not a git-repo. (<a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/326">#326</a>)
<a
href="https://github.com/@ccomendant"><code>@​ccomendant</code></a></li>
</ul>
<h3>Dependency Updates</h3>
<ul>
<li>Bump bats from 1.10.0 to 1.11.0 (<a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/325">#325</a>)
<a
href="https://github.com/@dependabot"><code>@​dependabot</code></a></li>
<li>Bump release-drafter/release-drafter from 5 to 6 (<a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/pull/319">#319</a>)
<a
href="https://github.com/@dependabot"><code>@​dependabot</code></a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b863ae1933"><code>b863ae1</code></a>
Merge pull request <a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/issues/367">#367</a>
from stefanzweifel/stefanzweifel/git_tag_only_changes</li>
<li><a
href="adb37b5a29"><code>adb37b5</code></a>
Update README</li>
<li><a
href="8480c68cbb"><code>8480c68</code></a>
Add Tests</li>
<li><a
href="4f8f3ad16e"><code>4f8f3ad</code></a>
Rename Input and add output</li>
<li><a
href="11a6e5f38f"><code>11a6e5f</code></a>
Merge pull request <a
href="https://redirect.github.com/stefanzweifel/git-auto-commit-action/issues/364">#364</a>
from zmynx/master</li>
<li><a
href="35d037abf5"><code>35d037a</code></a>
Update README.md</li>
<li><a
href="bf425dc136"><code>bf425dc</code></a>
Merge branch 'master' into master</li>
<li><a
href="cfd6ac4a3b"><code>cfd6ac4</code></a>
Update git-auto-commit.bats</li>
<li><a
href="19379b46c9"><code>19379b4</code></a>
Update git-auto-commit.bats</li>
<li><a
href="12e100dacb"><code>12e100d</code></a>
Update entrypoint.sh</li>
<li>Additional commits viewable in <a
href="e348103e90...b863ae1933">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=stefanzweifel/git-auto-commit-action&package-manager=github_actions&previous-version=5.1.0&new-version=5.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-02 12:05:44 -07:00
semantic-release-bot
4821f52fa7 build(release): 2.0.4 [skip ci] 
## [2.0.4](https://github.com/actions/create-github-app-token/compare/v2.0.3...v2.0.4) (2025-05-02)

### Bug Fixes

* permission input handling ([#243](https://github.com/actions/create-github-app-token/issues/243)) ([2950cbc](2950cbc446))
 2025-05-02 18:44:32 +00:00
Parker Brown
2950cbc446 fix: permission input handling (#243) 
This pull request fixes the handling of permissions inputs.

- Updated `getPermissionsFromInputs` in
`lib/get-permissions-from-inputs.js` to use hyphens
(`INPUT_PERMISSION-`) instead of underscores (`INPUT_PERMISSION_`) in
input keys, added a check to skip empty values, and clarified behavior
when no permissions are set.
- Added a `shouldRetry` function to retry requests when server errors
(HTTP status 500 or higher) occur in the `main` function in
`lib/main.js` to prevent unnecessary retries.
- Updated test cases in `tests/main-token-permissions-set.test.js` to
match the new input key format with hyphens.
- Added a default empty string for unset inputs (e.g.,
`INPUT_PERMISSION-ADMINISTRATION`) in `tests/main.js` to simulate the
behavior of the Actions runner.
- Updated snapshots in `tests/snapshots/index.js.md` to reflect the
updated hyphenated input keys in permissions.

---------

Co-authored-by: Gregor Martynus <39992+gr2m@users.noreply.github.com>
 2025-05-02 11:44:01 -07:00
semantic-release-bot
30bf6253fa build(release): 2.0.3 [skip ci] 
## [2.0.3](https://github.com/actions/create-github-app-token/compare/v2.0.2...v2.0.3) (2025-05-01)

### Bug Fixes

* **README:** use `v2` in examples ([#234](https://github.com/actions/create-github-app-token/issues/234)) ([9ba274d](9ba274d954)), closes [#232](https://github.com/actions/create-github-app-token/issues/232)
* use `core.getBooleanInput()` to retrieve boolean input values ([#223](https://github.com/actions/create-github-app-token/issues/223)) ([c3c17c7](c3c17c79cc))
 2025-05-01 15:34:52 +00:00
Yuta Kasai
c3c17c79cc fix: use core.getBooleanInput() to retrieve boolean input values (#223) 
This PR switches from evaluating values passed to `skip-token-revoke` as
true if they are truthy in JavaScript, to using `getBooleanInput`. This
change ensures that only proper YAML boolean values are recognized,
preventing unintended evaluations to true.
- The definition of `getBooleanInput` is here: definition of
`core#getBooealnInput` is here:
930c890727/packages/core/src/core.ts (L188-L208)

The documentation states, `"If truthy, the token will not be revoked
when the current job is complete"`, so this change could be considered a
breaking change. This means that if there are users who rely on `truthy`
and expect values like whitespace or `"false"` to be evaluated as true
(though this is likely rare), it would be a breaking change.
- `Boolean(" ")` and `Boolean("false")` are both evaluated as true.

Alternatively, it can simply be considered a fix. How to handle this is
up to the maintainer.

Resolves https://github.com/actions/create-github-app-token/issues/216
 2025-04-25 11:59:34 -07:00
CarolMebiom
9ba274d954 fix(README): use v2 in examples (#234) 
Fixes #232
 2025-04-25 11:32:06 -07:00
nakatani-yo
a3c826a204 docs: fix typo in CONTRIBUTING.md (#233) 2025-04-10 11:39:20 -07:00
semantic-release-bot
3ff1caaa28 build(release): 2.0.2 [skip ci] 
## [2.0.2](https://github.com/actions/create-github-app-token/compare/v2.0.1...v2.0.2) (2025-04-03)

### Bug Fixes

* improve log messages for token creation ([#226](https://github.com/actions/create-github-app-token/issues/226)) ([eaef294](eaef29498f))
 2025-04-03 22:54:20 +00:00
Parker Brown
eaef29498f fix: improve log messages for token creation (#226) 
Updated log messages to provide clearer and more consistent information.
 2025-04-03 15:53:46 -07:00
20 changed files with 500 additions and 561 deletions
Expand all files Collapse all files

2
.github/workflows/update-permission-inputs.yml vendored
View File

@@ -28,6 +28,6 @@ jobs:
- name: Run permission inputs update script - name: Run permission inputs update script
run: node scripts/update-permission-inputs.js run: node scripts/update-permission-inputs.js
- name: Commit changes - name: Commit changes
uses: stefanzweifel/git-auto-commit-action@e348103e9026cc0eee72ae06630dbe30c8bf7a79 # v5.1.0 uses: stefanzweifel/git-auto-commit-action@b863ae1933cb653a53c021fe36dbb774e1fb9403 # v5.2.0
with: with:
commit_message: 'feat: update permission inputs' commit_message: 'feat: update permission inputs'

2
CONTRIBUTING.md
View File

@@ -12,4 +12,4 @@ Run tests locally
npm test npm test
``` ```
Learn more about how the tests work in [test/README.md](test/README.md). Learn more about how the tests work in [tests/README.md](tests/README.md).

26
README.md
View File

@@ -28,7 +28,7 @@ jobs:
hello-world: hello-world:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/create-github-app-token@v1 - uses: actions/create-github-app-token@v2
id: app-token id: app-token
with: with:
app-id: ${{ vars.APP_ID }} app-id: ${{ vars.APP_ID }}
@@ -47,7 +47,7 @@ jobs:
auto-format: auto-format:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/create-github-app-token@v1 - uses: actions/create-github-app-token@v2
id: app-token id: app-token
with: with:
# required # required
@@ -73,7 +73,7 @@ jobs:
auto-format: auto-format:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/create-github-app-token@v1 - uses: actions/create-github-app-token@v2
id: app-token id: app-token
with: with:
# required # required
@@ -98,7 +98,7 @@ jobs:
auto-format: auto-format:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/create-github-app-token@v1 - uses: actions/create-github-app-token@v2
id: app-token id: app-token
with: with:
# required # required
@@ -135,7 +135,7 @@ jobs:
hello-world: hello-world:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/create-github-app-token@v1 - uses: actions/create-github-app-token@v2
id: app-token id: app-token
with: with:
app-id: ${{ vars.APP_ID }} app-id: ${{ vars.APP_ID }}
@@ -157,7 +157,7 @@ jobs:
hello-world: hello-world:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/create-github-app-token@v1 - uses: actions/create-github-app-token@v2
id: app-token id: app-token
with: with:
app-id: ${{ vars.APP_ID }} app-id: ${{ vars.APP_ID }}
@@ -182,7 +182,7 @@ jobs:
hello-world: hello-world:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/create-github-app-token@v1 - uses: actions/create-github-app-token@v2
id: app-token id: app-token
with: with:
app-id: ${{ vars.APP_ID }} app-id: ${{ vars.APP_ID }}
@@ -207,7 +207,7 @@ jobs:
hello-world: hello-world:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/create-github-app-token@v1 - uses: actions/create-github-app-token@v2
id: app-token id: app-token
with: with:
app-id: ${{ vars.APP_ID }} app-id: ${{ vars.APP_ID }}
@@ -249,7 +249,7 @@ jobs:
owners-and-repos: ${{ fromJson(needs.set-matrix.outputs.matrix) }} owners-and-repos: ${{ fromJson(needs.set-matrix.outputs.matrix) }}
steps: steps:
- uses: actions/create-github-app-token@v1 - uses: actions/create-github-app-token@v2
id: app-token id: app-token
with: with:
app-id: ${{ vars.APP_ID }} app-id: ${{ vars.APP_ID }}
@@ -279,7 +279,7 @@ jobs:
steps: steps:
- name: Create GitHub App token - name: Create GitHub App token
id: create_token id: create_token
uses: actions/create-github-app-token@v1 uses: actions/create-github-app-token@v2
with: with:
app-id: ${{ vars.GHES_APP_ID }} app-id: ${{ vars.GHES_APP_ID }}
private-key: ${{ secrets.GHES_APP_PRIVATE_KEY }} private-key: ${{ secrets.GHES_APP_PRIVATE_KEY }}
@@ -318,7 +318,7 @@ steps:
echo "private-key=$private_key" >> "$GITHUB_OUTPUT" echo "private-key=$private_key" >> "$GITHUB_OUTPUT"
- name: Generate GitHub App Token - name: Generate GitHub App Token
id: app-token id: app-token
uses: actions/create-github-app-token@v1 uses: actions/create-github-app-token@v2
with: with:
app-id: ${{ vars.APP_ID }} app-id: ${{ vars.APP_ID }}
private-key: ${{ steps.decode.outputs.private-key }} private-key: ${{ steps.decode.outputs.private-key }}
@@ -343,7 +343,7 @@ The reason we define one `permision-<permission name>` input per permission is t
### `skip-token-revoke` ### `skip-token-revoke`
**Optional:** If truthy, the token will not be revoked when the current job is complete. **Optional:** If true, the token will not be revoked when the current job is complete.
### `github-api-url` ### `github-api-url`
@@ -370,7 +370,7 @@ The action creates an installation access token using [the `POST /app/installati
1. The token is scoped to the current repository or `repositories` if set. 1. The token is scoped to the current repository or `repositories` if set.
2. The token inherits all the installation's permissions. 2. The token inherits all the installation's permissions.
3. The token is set as output `token` which can be used in subsequent steps. 3. The token is set as output `token` which can be used in subsequent steps.
4. Unless the `skip-token-revoke` input is set to a truthy value, the token is revoked in the `post` step of the action, which means it cannot be passed to another job. 4. Unless the `skip-token-revoke` input is set to true, the token is revoked in the `post` step of the action, which means it cannot be passed to another job.
5. The token is masked, it cannot be logged accidentally. 5. The token is masked, it cannot be logged accidentally.
> [!NOTE] > [!NOTE]

3
action.yml
View File

@@ -18,8 +18,9 @@ inputs:
description: "Comma or newline-separated list of repositories to install the GitHub App on (defaults to current repository if owner is unset)" description: "Comma or newline-separated list of repositories to install the GitHub App on (defaults to current repository if owner is unset)"
required: false required: false
skip-token-revoke: skip-token-revoke:
description: "If truthy, the token will not be revoked when the current job is complete" description: "If true, the token will not be revoked when the current job is complete"
required: false required: false
default: "false"
# Make GitHub API configurable to support non-GitHub Cloud use cases # Make GitHub API configurable to support non-GitHub Cloud use cases
# see https://github.com/actions/create-github-app-token/issues/77 # see https://github.com/actions/create-github-app-token/issues/77
github-api-url: github-api-url:

45
dist/main.cjs vendored
View File

@@ -33638,6 +33638,11 @@ var require_sqlite_cache_store = __commonJS({
} }
this.#db = new DatabaseSync(opts?.location ?? ":memory:"); this.#db = new DatabaseSync(opts?.location ?? ":memory:");
this.#db.exec(` this.#db.exec(`
PRAGMA journal_mode = WAL;
PRAGMA synchronous = NORMAL;
PRAGMA temp_store = memory;
PRAGMA optimize;
CREATE TABLE IF NOT EXISTS cacheInterceptorV${VERSION7} ( CREATE TABLE IF NOT EXISTS cacheInterceptorV${VERSION7} (
-- Data specific to us -- Data specific to us
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
@@ -33657,9 +33662,8 @@ var require_sqlite_cache_store = __commonJS({
staleAt INTEGER NOT NULL staleAt INTEGER NOT NULL
); );
CREATE INDEX IF NOT EXISTS idx_cacheInterceptorV${VERSION7}_url ON cacheInterceptorV${VERSION7}(url); CREATE INDEX IF NOT EXISTS idx_cacheInterceptorV${VERSION7}_getValuesQuery ON cacheInterceptorV${VERSION7}(url, method, deleteAt);
CREATE INDEX IF NOT EXISTS idx_cacheInterceptorV${VERSION7}_method ON cacheInterceptorV${VERSION7}(method); CREATE INDEX IF NOT EXISTS idx_cacheInterceptorV${VERSION7}_deleteByUrlQuery ON cacheInterceptorV${VERSION7}(deleteAt);
CREATE INDEX IF NOT EXISTS idx_cacheInterceptorV${VERSION7}_deleteAt ON cacheInterceptorV${VERSION7}(deleteAt);
`); `);
this.#getValuesQuery = this.#db.prepare(` this.#getValuesQuery = this.#db.prepare(`
SELECT SELECT
@@ -33836,7 +33840,7 @@ var require_sqlite_cache_store = __commonJS({
this.#deleteByUrlQuery.run(this.#makeValueUrl(key)); this.#deleteByUrlQuery.run(this.#makeValueUrl(key));
} }
#prune() { #prune() {
if (this.size <= this.#maxCount) { if (Number.isFinite(this.#maxCount) && this.size <= this.#maxCount) {
return 0; return 0;
} }
{ {
@@ -41375,7 +41379,7 @@ async function waitForAccessToken(request2, clientId, clientType, verification)
return waitForAccessToken(request2, clientId, clientType, verification); return waitForAccessToken(request2, clientId, clientType, verification);
} }
if (errorType === "slow_down") { if (errorType === "slow_down") {
await wait(verification.interval + 5); await wait(verification.interval + 7);
return waitForAccessToken(request2, clientId, clientType, verification); return waitForAccessToken(request2, clientId, clientType, verification);
} }
throw error; throw error;
@@ -42345,7 +42349,7 @@ async function sendRequestWithRetries(state, request2, options, createdAt, retri
return sendRequestWithRetries(state, request2, options, createdAt, retries); return sendRequestWithRetries(state, request2, options, createdAt, retries);
} }
} }
var VERSION6 = "7.2.0"; var VERSION6 = "7.2.1";
function createAppAuth(options) { function createAppAuth(options) {
if (!options.appId) { if (!options.appId) {
throw new Error("[@octokit/auth-app] appId option is required"); throw new Error("[@octokit/auth-app] appId option is required");
@@ -42394,8 +42398,9 @@ function createAppAuth(options) {
// lib/get-permissions-from-inputs.js // lib/get-permissions-from-inputs.js
function getPermissionsFromInputs(env) { function getPermissionsFromInputs(env) {
return Object.entries(env).reduce((permissions2, [key, value]) => { return Object.entries(env).reduce((permissions2, [key, value]) => {
if (!key.startsWith("INPUT_PERMISSION_")) return permissions2; if (!key.startsWith("INPUT_PERMISSION-")) return permissions2;
const permission = key.slice("INPUT_PERMISSION_".length).toLowerCase(); if (!value) return permissions2;
const permission = key.slice("INPUT_PERMISSION-".length).toLowerCase();
if (permissions2 === void 0) { if (permissions2 === void 0) {
return { [permission]: value }; return { [permission]: value };
} }
@@ -42526,31 +42531,30 @@ async function main(appId2, privateKey2, owner2, repositories2, permissions2, co
parsedOwner = owner3; parsedOwner = owner3;
parsedRepositoryNames = [repo]; parsedRepositoryNames = [repo];
core3.info( core3.info(
`owner and repositories not set, creating token for the current repository ("${repo}")` `Inputs 'owner' and 'repositories' are not set. Creating token for this repository (${owner3}/${repo}).`
); );
} }
if (owner2 && repositories2.length === 0) { if (owner2 && repositories2.length === 0) {
parsedOwner = owner2; parsedOwner = owner2;
core3.info( core3.info(
`repositories not set, creating token for all repositories for given owner "${owner2}"` `Input 'repositories' is not set. Creating token for all repositories owned by ${owner2}.`
); );
} }
if (!owner2 && repositories2.length > 0) { if (!owner2 && repositories2.length > 0) {
parsedOwner = String(process.env.GITHUB_REPOSITORY_OWNER); parsedOwner = String(process.env.GITHUB_REPOSITORY_OWNER);
parsedRepositoryNames = repositories2; parsedRepositoryNames = repositories2;
core3.info( core3.info(
`owner not set, creating owner for given repositories "${repositories2.join( `No 'owner' input provided. Using default owner '${parsedOwner}' to create token for the following repositories:${repositories2.map((repo) => `
"," - ${parsedOwner}/${repo}`).join("")}`
)}" in current owner ("${parsedOwner}")`
); );
} }
if (owner2 && repositories2.length > 0) { if (owner2 && repositories2.length > 0) {
parsedOwner = owner2; parsedOwner = owner2;
parsedRepositoryNames = repositories2; parsedRepositoryNames = repositories2;
core3.info( core3.info(
`owner and repositories set, creating token for repositories "${repositories2.join( `Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
"," ${repositories2.map((repo) => `
)}" owned by "${owner2}"` - ${parsedOwner}/${repo}`).join("")}`
); );
} }
const auth5 = createAppAuth2({ const auth5 = createAppAuth2({
@@ -42569,6 +42573,7 @@ async function main(appId2, privateKey2, owner2, repositories2, permissions2, co
permissions2 permissions2
), ),
{ {
shouldRetry: (error) => error.status >= 500,
onFailedAttempt: (error) => { onFailedAttempt: (error) => {
core3.info( core3.info(
`Failed to create token for "${parsedRepositoryNames.join( `Failed to create token for "${parsedRepositoryNames.join(
@@ -42674,7 +42679,7 @@ var appId = import_core2.default.getInput("app-id");
var privateKey = import_core2.default.getInput("private-key"); var privateKey = import_core2.default.getInput("private-key");
var owner = import_core2.default.getInput("owner"); var owner = import_core2.default.getInput("owner");
var repositories = import_core2.default.getInput("repositories").split(/[\n,]+/).map((s) => s.trim()).filter((x) => x !== ""); var repositories = import_core2.default.getInput("repositories").split(/[\n,]+/).map((s) => s.trim()).filter((x) => x !== "");
var skipTokenRevoke = Boolean(import_core2.default.getInput("skip-token-revoke")); var skipTokenRevoke = import_core2.default.getBooleanInput("skip-token-revoke");
var permissions = getPermissionsFromInputs(process.env); var permissions = getPermissionsFromInputs(process.env);
var main_default = main( var main_default = main(
appId, appId,
@@ -42693,14 +42698,10 @@ var main_default = main(
/*! Bundled license information: /*! Bundled license information:
undici/lib/fetch/body.js: undici/lib/fetch/body.js:
(*! formdata-polyfill. MIT License. Jimmy Wärting <https://jimmy.warting.se/opensource> *)
undici/lib/websocket/frame.js:
(*! ws. MIT License. Einar Otto Stangvik <einaros@gmail.com> *)
undici/lib/web/fetch/body.js: undici/lib/web/fetch/body.js:
(*! formdata-polyfill. MIT License. Jimmy Wärting <https://jimmy.warting.se/opensource> *) (*! formdata-polyfill. MIT License. Jimmy Wärting <https://jimmy.warting.se/opensource> *)
undici/lib/websocket/frame.js:
undici/lib/web/websocket/frame.js: undici/lib/web/websocket/frame.js:
(*! ws. MIT License. Einar Otto Stangvik <einaros@gmail.com> *) (*! ws. MIT License. Einar Otto Stangvik <einaros@gmail.com> *)

20
dist/post.cjs vendored
View File

@@ -33404,6 +33404,11 @@ var require_sqlite_cache_store = __commonJS({
} }
this.#db = new DatabaseSync(opts?.location ?? ":memory:"); this.#db = new DatabaseSync(opts?.location ?? ":memory:");
this.#db.exec(` this.#db.exec(`
PRAGMA journal_mode = WAL;
PRAGMA synchronous = NORMAL;
PRAGMA temp_store = memory;
PRAGMA optimize;
CREATE TABLE IF NOT EXISTS cacheInterceptorV${VERSION3} ( CREATE TABLE IF NOT EXISTS cacheInterceptorV${VERSION3} (
-- Data specific to us -- Data specific to us
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
@@ -33423,9 +33428,8 @@ var require_sqlite_cache_store = __commonJS({
staleAt INTEGER NOT NULL staleAt INTEGER NOT NULL
); );
CREATE INDEX IF NOT EXISTS idx_cacheInterceptorV${VERSION3}_url ON cacheInterceptorV${VERSION3}(url); CREATE INDEX IF NOT EXISTS idx_cacheInterceptorV${VERSION3}_getValuesQuery ON cacheInterceptorV${VERSION3}(url, method, deleteAt);
CREATE INDEX IF NOT EXISTS idx_cacheInterceptorV${VERSION3}_method ON cacheInterceptorV${VERSION3}(method); CREATE INDEX IF NOT EXISTS idx_cacheInterceptorV${VERSION3}_deleteByUrlQuery ON cacheInterceptorV${VERSION3}(deleteAt);
CREATE INDEX IF NOT EXISTS idx_cacheInterceptorV${VERSION3}_deleteAt ON cacheInterceptorV${VERSION3}(deleteAt);
`); `);
this.#getValuesQuery = this.#db.prepare(` this.#getValuesQuery = this.#db.prepare(`
SELECT SELECT
@@ -33602,7 +33606,7 @@ var require_sqlite_cache_store = __commonJS({
this.#deleteByUrlQuery.run(this.#makeValueUrl(key)); this.#deleteByUrlQuery.run(this.#makeValueUrl(key));
} }
#prune() { #prune() {
if (this.size <= this.#maxCount) { if (Number.isFinite(this.#maxCount) && this.size <= this.#maxCount) {
return 0; return 0;
} }
{ {
@@ -40308,7 +40312,7 @@ var import_core2 = __toESM(require_core(), 1);
// lib/post.js // lib/post.js
async function post(core3, request2) { async function post(core3, request2) {
const skipTokenRevoke = Boolean(core3.getInput("skip-token-revoke")); const skipTokenRevoke = core3.getBooleanInput("skip-token-revoke");
if (skipTokenRevoke) { if (skipTokenRevoke) {
core3.info("Token revocation was skipped"); core3.info("Token revocation was skipped");
return; return;
@@ -40917,14 +40921,10 @@ post(import_core2.default, request_default).catch((error) => {
/*! Bundled license information: /*! Bundled license information:
undici/lib/fetch/body.js: undici/lib/fetch/body.js:
(*! formdata-polyfill. MIT License. Jimmy Wärting <https://jimmy.warting.se/opensource> *)
undici/lib/websocket/frame.js:
(*! ws. MIT License. Einar Otto Stangvik <einaros@gmail.com> *)
undici/lib/web/fetch/body.js: undici/lib/web/fetch/body.js:
(*! formdata-polyfill. MIT License. Jimmy Wärting <https://jimmy.warting.se/opensource> *) (*! formdata-polyfill. MIT License. Jimmy Wärting <https://jimmy.warting.se/opensource> *)
undici/lib/websocket/frame.js:
undici/lib/web/websocket/frame.js: undici/lib/web/websocket/frame.js:
(*! ws. MIT License. Einar Otto Stangvik <einaros@gmail.com> *) (*! ws. MIT License. Einar Otto Stangvik <einaros@gmail.com> *)
*/ */

7
lib/get-permissions-from-inputs.js
View File

@@ -7,9 +7,12 @@
*/ */
export function getPermissionsFromInputs(env) { export function getPermissionsFromInputs(env) {
return Object.entries(env).reduce((permissions, [key, value]) => { return Object.entries(env).reduce((permissions, [key, value]) => {
if (!key.startsWith("INPUT_PERMISSION_")) return permissions; if (!key.startsWith("INPUT_PERMISSION-")) return permissions;
if (!value) return permissions;
const permission = key.slice("INPUT_PERMISSION_".length).toLowerCase(); const permission = key.slice("INPUT_PERMISSION-".length).toLowerCase();
// Inherit app permissions if no permissions inputs are set
if (permissions === undefined) { if (permissions === undefined) {
return { [permission]: value }; return { [permission]: value };
} }

32
lib/main.js
View File

@@ -21,7 +21,7 @@ export async function main(
core, core,
createAppAuth, createAppAuth,
request, request,
skipTokenRevoke, skipTokenRevoke
) { ) {
let parsedOwner = ""; let parsedOwner = "";
let parsedRepositoryNames = []; let parsedRepositoryNames = [];
@@ -33,7 +33,7 @@ export async function main(
parsedRepositoryNames = [repo]; parsedRepositoryNames = [repo];
core.info( core.info(
`owner and repositories not set, creating token for the current repository ("${repo}")`, `Inputs 'owner' and 'repositories' are not set. Creating token for this repository (${owner}/${repo}).`
); );
} }
@@ -42,7 +42,7 @@ export async function main(
parsedOwner = owner; parsedOwner = owner;
core.info( core.info(
`repositories not set, creating token for all repositories for given owner "${owner}"`, `Input 'repositories' is not set. Creating token for all repositories owned by ${owner}.`
); );
} }
@@ -52,9 +52,9 @@ export async function main(
parsedRepositoryNames = repositories; parsedRepositoryNames = repositories;
core.info( core.info(
`owner not set, creating owner for given repositories "${repositories.join( `No 'owner' input provided. Using default owner '${parsedOwner}' to create token for the following repositories:${repositories
",", .map((repo) => `\n- ${parsedOwner}/${repo}`)
)}" in current owner ("${parsedOwner}")`, .join("")}`
); );
} }
@@ -64,9 +64,8 @@ export async function main(
parsedRepositoryNames = repositories; parsedRepositoryNames = repositories;
core.info( core.info(
`owner and repositories set, creating token for repositories "${repositories.join( `Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
",", ${repositories.map((repo) => `\n- ${parsedOwner}/${repo}`).join("")}`
)}" owned by "${owner}"`,
); );
} }
@@ -87,18 +86,19 @@ export async function main(
auth, auth,
parsedOwner, parsedOwner,
parsedRepositoryNames, parsedRepositoryNames,
permissions, permissions
), ),
{ {
shouldRetry: (error) => error.status >= 500,
onFailedAttempt: (error) => { onFailedAttempt: (error) => {
core.info( core.info(
`Failed to create token for "${parsedRepositoryNames.join( `Failed to create token for "${parsedRepositoryNames.join(
",", ","
)}" (attempt ${error.attemptNumber}): ${error.message}`, )}" (attempt ${error.attemptNumber}): ${error.message}`
); );
}, },
retries: 3, retries: 3,
}, }
)); ));
} else { } else {
// Otherwise get the installation for the owner, which can either be an organization or a user account // Otherwise get the installation for the owner, which can either be an organization or a user account
@@ -107,11 +107,11 @@ export async function main(
{ {
onFailedAttempt: (error) => { onFailedAttempt: (error) => {
core.info( core.info(
`Failed to create token for "${parsedOwner}" (attempt ${error.attemptNumber}): ${error.message}`, `Failed to create token for "${parsedOwner}" (attempt ${error.attemptNumber}): ${error.message}`
); );
}, },
retries: 3, retries: 3,
}, }
)); ));
} }
@@ -157,7 +157,7 @@ async function getTokenFromRepository(
auth, auth,
parsedOwner, parsedOwner,
parsedRepositoryNames, parsedRepositoryNames,
permissions, permissions
) { ) {
// https://docs.github.com/rest/apps/apps?apiVersion=2022-11-28#get-a-repository-installation-for-the-authenticated-app // https://docs.github.com/rest/apps/apps?apiVersion=2022-11-28#get-a-repository-installation-for-the-authenticated-app
const response = await request("GET /repos/{owner}/{repo}/installation", { const response = await request("GET /repos/{owner}/{repo}/installation", {

2
lib/post.js
View File

@@ -5,7 +5,7 @@
* @param {import("@octokit/request").request} request * @param {import("@octokit/request").request} request
*/ */
export async function post(core, request) { export async function post(core, request) {
const skipTokenRevoke = Boolean(core.getInput("skip-token-revoke")); const skipTokenRevoke = core.getBooleanInput("skip-token-revoke");
if (skipTokenRevoke) { if (skipTokenRevoke) {
core.info("Token revocation was skipped"); core.info("Token revocation was skipped");

2
main.js
View File

@@ -24,7 +24,7 @@ const repositories = core
.map((s) => s.trim()) .map((s) => s.trim())
.filter((x) => x !== ""); .filter((x) => x !== "");
const skipTokenRevoke = Boolean(core.getInput("skip-token-revoke")); const skipTokenRevoke = core.getBooleanInput("skip-token-revoke");
const permissions = getPermissionsFromInputs(process.env); const permissions = getPermissionsFromInputs(process.env);

840
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

14
package.json
View File

@@ -2,7 +2,7 @@
"name": "create-github-app-token", "name": "create-github-app-token",
"private": true, "private": true,
"type": "module", "type": "module",
"version": "2.0.1", "version": "2.0.5",
"description": "GitHub Action for creating a GitHub App Installation Access Token", "description": "GitHub Action for creating a GitHub App Installation Access Token",
"scripts": { "scripts": {
"build": "esbuild main.js post.js --bundle --outdir=dist --out-extension:.js=.cjs --platform=node --target=node20.0.0 --packages=bundle", "build": "esbuild main.js post.js --bundle --outdir=dist --out-extension:.js=.cjs --platform=node --target=node20.0.0 --packages=bundle",
@@ -13,18 +13,18 @@
"license": "MIT", "license": "MIT",
"dependencies": { "dependencies": {
"@actions/core": "^1.11.1", "@actions/core": "^1.11.1",
"@octokit/auth-app": "^7.2.0", "@octokit/auth-app": "^7.2.1",
"@octokit/request": "^9.2.2", "@octokit/request": "^9.2.2",
"p-retry": "^6.2.1", "p-retry": "^6.2.1",
"undici": "^7.7.0" "undici": "^7.8.0"
}, },
"devDependencies": { "devDependencies": {
"@octokit/openapi": "^18.2.0", "@octokit/openapi": "^19.0.0",
"@sinonjs/fake-timers": "^14.0.0", "@sinonjs/fake-timers": "^14.0.0",
"ava": "^6.2.0", "ava": "^6.3.0",
"c8": "^10.1.3", "c8": "^10.1.3",
"dotenv": "^16.4.7", "dotenv": "^16.5.0",
"esbuild": "^0.25.2", "esbuild": "^0.25.3",
"execa": "^9.5.2", "execa": "^9.5.2",
"open-cli": "^8.0.0", "open-cli": "^8.0.0",
"yaml": "^2.7.1" "yaml": "^2.7.1"

4
tests/main-token-permissions-set.test.js
View File

@@ -2,6 +2,6 @@ import { test } from "./main.js";
// Verify `main` successfully sets permissions // Verify `main` successfully sets permissions
await test(() => { await test(() => {
process.env.INPUT_PERMISSION_ISSUES = `write`; process.env["INPUT_PERMISSION-ISSUES"] = `write`;
process.env.INPUT_PERMISSION_PULL_REQUESTS = `read`; process.env["INPUT_PERMISSION-PULL-REQUESTS"] = `read`;
}); });

9
tests/main.js
View File

@@ -8,6 +8,7 @@ export const DEFAULT_ENV = {
// inputs are set as environment variables with the prefix INPUT_ // inputs are set as environment variables with the prefix INPUT_
// https://docs.github.com/actions/creating-actions/metadata-syntax-for-github-actions#example-specifying-inputs // https://docs.github.com/actions/creating-actions/metadata-syntax-for-github-actions#example-specifying-inputs
"INPUT_GITHUB-API-URL": "https://api.github.com", "INPUT_GITHUB-API-URL": "https://api.github.com",
"INPUT_SKIP-TOKEN-REVOKE": "false",
"INPUT_APP-ID": "123456", "INPUT_APP-ID": "123456",
// This key is invalidated. Its from https://github.com/octokit/auth-app.js/issues/465#issuecomment-1564998327. // This key is invalidated. Its from https://github.com/octokit/auth-app.js/issues/465#issuecomment-1564998327.
"INPUT_PRIVATE-KEY": `-----BEGIN RSA PRIVATE KEY----- "INPUT_PRIVATE-KEY": `-----BEGIN RSA PRIVATE KEY-----
@@ -37,6 +38,8 @@ so0tiQKBgGQXZaxaXhYUcxYHuCkQ3V4Vsj3ezlM92xXlP32SGFm3KgFhYy9kATxw
Cax1ytZzvlrKLQyQFVK1COs2rHt7W4cJ7op7C8zXfsigXCiejnS664oAuX8sQZID Cax1ytZzvlrKLQyQFVK1COs2rHt7W4cJ7op7C8zXfsigXCiejnS664oAuX8sQZID
x3WQZRiXlWejSMUAHuMwXrhGlltF3lw83+xAjnqsVp75kGS6OH61 x3WQZRiXlWejSMUAHuMwXrhGlltF3lw83+xAjnqsVp75kGS6OH61
-----END RSA PRIVATE KEY-----`, -----END RSA PRIVATE KEY-----`,
// The Actions runner sets all inputs to empty strings if not set.
"INPUT_PERMISSION-ADMINISTRATION": "",
}; };
export async function test(cb = (_mockPool) => {}, env = DEFAULT_ENV) { export async function test(cb = (_mockPool) => {}, env = DEFAULT_ENV) {
@@ -60,7 +63,7 @@ export async function test(cb = (_mockPool) => {}, env = DEFAULT_ENV) {
const owner = env.INPUT_OWNER ?? env.GITHUB_REPOSITORY_OWNER; const owner = env.INPUT_OWNER ?? env.GITHUB_REPOSITORY_OWNER;
const currentRepoName = env.GITHUB_REPOSITORY.split("/")[1]; const currentRepoName = env.GITHUB_REPOSITORY.split("/")[1];
const repo = encodeURIComponent( const repo = encodeURIComponent(
(env.INPUT_REPOSITORIES ?? currentRepoName).split(",")[0], (env.INPUT_REPOSITORIES ?? currentRepoName).split(",")[0]
); );
mockPool mockPool
@@ -76,7 +79,7 @@ export async function test(cb = (_mockPool) => {}, env = DEFAULT_ENV) {
.reply( .reply(
200, 200,
{ id: mockInstallationId, app_slug: mockAppSlug }, { id: mockInstallationId, app_slug: mockAppSlug },
{ headers: { "content-type": "application/json" } }, { headers: { "content-type": "application/json" } }
); );
// Mock installation access token request // Mock installation access token request
@@ -97,7 +100,7 @@ export async function test(cb = (_mockPool) => {}, env = DEFAULT_ENV) {
.reply( .reply(
201, 201,
{ token: mockInstallationAccessToken, expires_at: mockExpiresAt }, { token: mockInstallationAccessToken, expires_at: mockExpiresAt },
{ headers: { "content-type": "application/json" } }, { headers: { "content-type": "application/json" } }
); );
// Run the callback // Run the callback

1
tests/post-revoke-token-fail-response.test.js
View File

@@ -7,6 +7,7 @@ process.env.STATE_token = "secret123";
// inputs are set as environment variables with the prefix INPUT_ // inputs are set as environment variables with the prefix INPUT_
// https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#example-specifying-inputs // https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#example-specifying-inputs
process.env["INPUT_GITHUB-API-URL"] = "https://api.github.com"; process.env["INPUT_GITHUB-API-URL"] = "https://api.github.com";
process.env["INPUT_SKIP-TOKEN-REVOKE"] = "false";
// 1 hour in the future, not expired // 1 hour in the future, not expired
process.env.STATE_expiresAt = new Date( process.env.STATE_expiresAt = new Date(

4
tests/post-token-expired.test.js
View File

@@ -7,6 +7,10 @@ process.env.STATE_token = "secret123";
// 1 hour in the past, expired // 1 hour in the past, expired
process.env.STATE_expiresAt = new Date(Date.now() - 1000 * 60 * 60).toISOString(); process.env.STATE_expiresAt = new Date(Date.now() - 1000 * 60 * 60).toISOString();
// inputs are set as environment variables with the prefix INPUT_
// https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#example-specifying-inputs
process.env["INPUT_SKIP-TOKEN-REVOKE"] = "false";
const mockAgent = new MockAgent(); const mockAgent = new MockAgent();
setGlobalDispatcher(mockAgent); setGlobalDispatcher(mockAgent);

1
tests/post-token-set.test.js
View File

@@ -7,6 +7,7 @@ process.env.STATE_token = "secret123";
// inputs are set as environment variables with the prefix INPUT_ // inputs are set as environment variables with the prefix INPUT_
// https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#example-specifying-inputs // https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#example-specifying-inputs
process.env["INPUT_GITHUB-API-URL"] = "https://api.github.com"; process.env["INPUT_GITHUB-API-URL"] = "https://api.github.com";
process.env["INPUT_SKIP-TOKEN-REVOKE"] = "false";
// 1 hour in the future, not expired // 1 hour in the future, not expired
process.env.STATE_expiresAt = new Date(Date.now() + 1000 * 60 * 60).toISOString(); process.env.STATE_expiresAt = new Date(Date.now() + 1000 * 60 * 60).toISOString();

4
tests/post-token-unset.test.js
View File

@@ -2,4 +2,8 @@
// https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#sending-values-to-the-pre-and-post-actions // https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#sending-values-to-the-pre-and-post-actions
delete process.env.STATE_token; delete process.env.STATE_token;
// inputs are set as environment variables with the prefix INPUT_
// https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#example-specifying-inputs
process.env["INPUT_SKIP-TOKEN-REVOKE"] = "false";
await import("../post.js"); await import("../post.js");

43
tests/snapshots/index.js.md
View File

@@ -22,7 +22,9 @@ Generated by [AVA](https://avajs.dev).
> stdout > stdout
`owner and repositories set, creating token for repositories "create-github-app-token" owned by "actions" `Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
- actions/create-github-app-token␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
@@ -65,7 +67,7 @@ Generated by [AVA](https://avajs.dev).
> stdout > stdout
`owner and repositories not set, creating token for the current repository ("create-github-app-token")␊ `Inputs 'owner' and 'repositories' are not set. Creating token for this repository (actions/create-github-app-token).
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
@@ -89,7 +91,9 @@ Generated by [AVA](https://avajs.dev).
> stdout > stdout
`owner and repositories set, creating token for repositories "failed-repo" owned by "actions" `Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
- actions/failed-repo␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
@@ -113,7 +117,7 @@ Generated by [AVA](https://avajs.dev).
> stdout > stdout
`repositories not set, creating token for all repositories for given owner "smockle" `Input 'repositories' is not set. Creating token for all repositories owned by smockle.
Failed to create token for "smockle" (attempt 1): GitHub API not available␊ Failed to create token for "smockle" (attempt 1): GitHub API not available␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
@@ -138,7 +142,9 @@ Generated by [AVA](https://avajs.dev).
> stdout > stdout
`owner and repositories set, creating token for repositories "failed-repo" owned by "actions" `Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
- actions/failed-repo␊
Failed to create token for "failed-repo" (attempt 1): GitHub API not available␊ Failed to create token for "failed-repo" (attempt 1): GitHub API not available␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
@@ -163,7 +169,11 @@ Generated by [AVA](https://avajs.dev).
> stdout > stdout
`owner and repositories set, creating token for repositories "create-github-app-token,toolkit,checkout" owned by "actions" `Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
- actions/create-github-app-token␊
- actions/toolkit␊
- actions/checkout␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
@@ -186,7 +196,11 @@ Generated by [AVA](https://avajs.dev).
> stdout > stdout
`owner and repositories set, creating token for repositories "create-github-app-token,toolkit,checkout" owned by "actions" `Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
- actions/create-github-app-token␊
- actions/toolkit␊
- actions/checkout␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
@@ -209,7 +223,9 @@ Generated by [AVA](https://avajs.dev).
> stdout > stdout
`owner and repositories set, creating token for repositories "create-github-app-token" owned by "actions" `Inputs 'owner' and 'repositories' are set. Creating token for the following repositories:
- actions/create-github-app-token␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
@@ -232,7 +248,7 @@ Generated by [AVA](https://avajs.dev).
> stdout > stdout
`repositories not set, creating token for all repositories for given owner "actions" `Input 'repositories' is not set. Creating token for all repositories owned by actions.
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
@@ -255,7 +271,8 @@ Generated by [AVA](https://avajs.dev).
> stdout > stdout
`owner not set, creating owner for given repositories "create-github-app-token" in current owner ("actions") `No 'owner' input provided. Using default owner 'actions' to create token for the following repositories:
- actions/create-github-app-token␊
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
@@ -278,7 +295,7 @@ Generated by [AVA](https://avajs.dev).
> stdout > stdout
`owner and repositories not set, creating token for the current repository ("create-github-app-token")␊ `Inputs 'owner' and 'repositories' are not set. Creating token for this repository (actions/create-github-app-token).
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
@@ -301,7 +318,7 @@ Generated by [AVA](https://avajs.dev).
> stdout > stdout
`owner and repositories not set, creating token for the current repository ("create-github-app-token")␊ `Inputs 'owner' and 'repositories' are not set. Creating token for this repository (actions/create-github-app-token).
::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::add-mask::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊ ::set-output name=token::ghs_16C7e42F292c6912E7710c838347Ae178B4a␊
@@ -314,7 +331,7 @@ Generated by [AVA](https://avajs.dev).
--- REQUESTS ---␊ --- REQUESTS ---␊
GET /repos/actions/create-github-app-token/installation␊ GET /repos/actions/create-github-app-token/installation␊
POST /app/installations/123456/access_tokens␊ POST /app/installations/123456/access_tokens␊
{"repositories":["create-github-app-token"],"permissions":{"issues":"write","pull_requests":"read"}}` {"repositories":["create-github-app-token"],"permissions":{"issues":"write","pull-requests":"read"}}`
## post-revoke-token-fail-response.test.js ## post-revoke-token-fail-response.test.js

BIN
tests/snapshots/index.js.snap
View File

Binary file not shown.