build(release): 2.0.4 [skip ci]

## [2.0.4](https://github.com/actions/create-github-app-token/compare/v2.0.3...v2.0.4) (2025-05-02) ### Bug Fixes * permission input handling ([#243](https://github.com/actions/create-github-app-token/issues/243)) ([2950cbc](2950cbc446))
fix: permission input handling (#243 )
2025-05-02 18:44:32 +00:00 · 2025-05-02 11:44:01 -07:00
9 changed files with 21 additions and 13 deletions
--- a/dist/main.cjs
+++ b/dist/main.cjs
@@ -42394,8 +42394,9 @@ function createAppAuth(options) {
 // lib/get-permissions-from-inputs.js
 function getPermissionsFromInputs(env) {
  return Object.entries(env).reduce((permissions2, [key, value]) => {
-    if (!key.startsWith("INPUT_PERMISSION_")) return permissions2;
+    if (!key.startsWith("INPUT_PERMISSION-")) return permissions2;
-    const permission = key.slice("INPUT_PERMISSION_".length).toLowerCase();
+    if (!value) return permissions2;
    const permission = key.slice("INPUT_PERMISSION-".length).toLowerCase();
    if (permissions2 === void 0) {
      return { [permission]: value };
    }
@@ -42568,6 +42569,7 @@ async function main(appId2, privateKey2, owner2, repositories2, permissions2, co
        permissions2
      ),
      {
        shouldRetry: (error) => error.status >= 500,
        onFailedAttempt: (error) => {
          core3.info(
            `Failed to create token for "${parsedRepositoryNames.join(
--- a/lib/get-permissions-from-inputs.js
+++ b/lib/get-permissions-from-inputs.js
@@ -7,9 +7,12 @@
 */
 export function getPermissionsFromInputs(env) {
  return Object.entries(env).reduce((permissions, [key, value]) => {
-    if (!key.startsWith("INPUT_PERMISSION_")) return permissions;
+    if (!key.startsWith("INPUT_PERMISSION-")) return permissions;
    if (!value) return permissions;
-    const permission = key.slice("INPUT_PERMISSION_".length).toLowerCase();
+    const permission = key.slice("INPUT_PERMISSION-".length).toLowerCase();
    // Inherit app permissions if no permissions inputs are set
    if (permissions === undefined) {
      return { [permission]: value };
    }
--- a/lib/main.js
+++ b/lib/main.js
@@ -89,6 +89,7 @@ export async function main(
          permissions
        ),
      {
        shouldRetry: (error) => error.status >= 500,
        onFailedAttempt: (error) => {
          core.info(
            `Failed to create token for "${parsedRepositoryNames.join(
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
  "name": "create-github-app-token",
-  "version": "2.0.3",
+  "version": "2.0.4",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "create-github-app-token",
-      "version": "2.0.3",
+      "version": "2.0.4",
      "license": "MIT",
      "dependencies": {
        "@actions/core": "^1.11.1",
--- a/package.json
+++ b/package.json
@@ -2,7 +2,7 @@
  "name": "create-github-app-token",
  "private": true,
  "type": "module",
-  "version": "2.0.3",
+  "version": "2.0.4",
  "description": "GitHub Action for creating a GitHub App Installation Access Token",
  "scripts": {
    "build": "esbuild main.js post.js --bundle --outdir=dist --out-extension:.js=.cjs --platform=node --target=node20.0.0 --packages=bundle",
--- a/tests/main-token-permissions-set.test.js
+++ b/tests/main-token-permissions-set.test.js
@@ -2,6 +2,6 @@ import { test } from "./main.js";
 // Verify `main` successfully sets permissions
 await test(() => {
-  process.env.INPUT_PERMISSION_ISSUES = `write`;
+  process.env["INPUT_PERMISSION-ISSUES"] = `write`;
-  process.env.INPUT_PERMISSION_PULL_REQUESTS = `read`;
+  process.env["INPUT_PERMISSION-PULL-REQUESTS"] = `read`;
 });
--- a/tests/main.js
+++ b/tests/main.js
@@ -38,6 +38,8 @@ so0tiQKBgGQXZaxaXhYUcxYHuCkQ3V4Vsj3ezlM92xXlP32SGFm3KgFhYy9kATxw
 Cax1ytZzvlrKLQyQFVK1COs2rHt7W4cJ7op7C8zXfsigXCiejnS664oAuX8sQZID
 x3WQZRiXlWejSMUAHuMwXrhGlltF3lw83+xAjnqsVp75kGS6OH61
 -----END RSA PRIVATE KEY-----`,
  // The Actions runner sets all inputs to empty strings if not set.
  "INPUT_PERMISSION-ADMINISTRATION": "",
 };
 export async function test(cb = (_mockPool) => {}, env = DEFAULT_ENV) {
@@ -61,7 +63,7 @@ export async function test(cb = (_mockPool) => {}, env = DEFAULT_ENV) {
  const owner = env.INPUT_OWNER ?? env.GITHUB_REPOSITORY_OWNER;
  const currentRepoName = env.GITHUB_REPOSITORY.split("/")[1];
  const repo = encodeURIComponent(
-    (env.INPUT_REPOSITORIES ?? currentRepoName).split(",")[0],
+    (env.INPUT_REPOSITORIES ?? currentRepoName).split(",")[0]
  );
  mockPool
@@ -77,7 +79,7 @@ export async function test(cb = (_mockPool) => {}, env = DEFAULT_ENV) {
    .reply(
      200,
      { id: mockInstallationId, app_slug: mockAppSlug },
-      { headers: { "content-type": "application/json" } },
+      { headers: { "content-type": "application/json" } }
    );
  // Mock installation access token request
@@ -98,7 +100,7 @@ export async function test(cb = (_mockPool) => {}, env = DEFAULT_ENV) {
    .reply(
      201,
      { token: mockInstallationAccessToken, expires_at: mockExpiresAt },
-      { headers: { "content-type": "application/json" } },
+      { headers: { "content-type": "application/json" } }
    );
  // Run the callback
--- a/tests/snapshots/index.js.md
+++ b/tests/snapshots/index.js.md
@@ -331,7 +331,7 @@ Generated by [AVA](https://avajs.dev).
    --- REQUESTS ---␊
    GET /repos/actions/create-github-app-token/installation␊
    POST /app/installations/123456/access_tokens␊
-    {"repositories":["create-github-app-token"],"permissions":{"issues":"write","pull_requests":"read"}}`
+    {"repositories":["create-github-app-token"],"permissions":{"issues":"write","pull-requests":"read"}}`
 ## post-revoke-token-fail-response.test.js
--- a/tests/snapshots/index.js.snap
+++ b/tests/snapshots/index.js.snap