Deprecated API authentication via URL query

[ash0x0]

Using the current version of this action in download mode is deprecated for personal access token authorization, this is in the case of downloading assets from another repository or in general replacing the scoped github.token with a personal access token. The following email is delivered to the associated account when the request is made:

[GitHub API] Deprecation notice for authentication via URL query parameters

On *** at *** (UTC) your personal access token (***) using node-fetch/1.0 (+https://github.com/bitinn/node-fetch) was used as part of a query parameter to access an endpoint through the GitHub API:

https://api.github.com/repositories/***/releases/assets/***

Please use the Authorization HTTP header instead, as using the `access_token` query parameter is deprecated. If this token is being used by an app you don't have control over, be aware that it may stop working as a result of this deprecation.

Depending on your API usage, we'll be sending you this email reminder on a monthly basis for each token and User-Agent used in API calls made on your behalf.
Just one URL that was accessed with a token and User-Agent combination will be listed in the email reminder, not all.

Visit https://developer.github.com/changes/2020-02-10-deprecating-auth-through-query-param for more information about suggested workarounds and removal dates.

Thanks,
The GitHub Team

This is due to the use of node-fetch call in these lines.

I believe the workaround is simple enough and will fork, test and PR once I arrive at a fix. Making sure this issues is tracked here including all work that may currently be going into a solution.

[Xotl]

Hi @ash0x0, thanks a lot for your contribution. 😄

I will take a look at your PR later this day.

[Xotl]

PR #14 got merged! 🥳

[Xotl]

Reopening the issue because it will not deploy the latest version until i upgrade the @actions/core package.

I will try to fix it once i got some spare time.

[Xotl]

Dependencies got updated, now closing.