When I tried to cut a release, this was generating a JSON parsing error:
SyntaxError: Unexpected token 'd', "dependabot"... is not valid JSON
at JSON.parse (<anonymous>)
at parseOptions (file:///home/runner/work/_actions/tibdex/github-app-token/3beb63f4bd073e61482598c45c71c1019b59b73a/dist/main/index.js:9:88540)
at file:///home/runner/work/_actions/tibdex/github-app-token/3beb63f4bd073e6[14](https://github.com/dependabot/fetch-metadata/actions/runs/8369699804/job/22915871426#step:2:15)82598c45c71c1019b59b73a/dist/main/index.js:9:87507
at run (file:///home/runner/work/_actions/tibdex/github-app-token/3beb63f4bd073e61482598c45c71c1019b59b73a/dist/main/index.js:9:88817)
at file:///home/runner/work/_actions/tibdex/github-app-token/3beb63f4bd073e61482598c45c71c1019b59b73a/dist/main/index.js:9:87480
at __nccwpck_require__.a (file:///home/runner/work/_actions/tibdex/github-app-token/3beb63f4bd073e61482598c45c71c1019b59b73a/dist/main/index.js:9:368729)
at 399 (file:///home/runner/work/_actions/tibdex/github-app-token/3beb63f4bd073e61482598c45c71c1019b59b73a/dist/main/index.js:9:87363)
at __nccwpck_require__ (file:///home/runner/work/_actions/tibdex/github-app-token/3beb63f4bd073e61482598c45c71c1019b59b73a/dist/main/index.js:9:367817)
at file:///home/runner/work/_actions/tibdex/github-app-token/3beb63f4bd073e61482598c45c71c1019b59b73a/dist/main/index.js:9:3696[15](https://github.com/dependabot/fetch-metadata/actions/runs/8369699804/job/22915871426#step:2:16)
at ModuleJob.run (node:internal/modules/esm/module_job:2[17](https://github.com/dependabot/fetch-metadata/actions/runs/8369699804/job/22915871426#step:2:18):25)
It's probably something stupid simple that I overlooked, but I happened to see there's now an official GitHub action that we should probably be using instead as explained by @gr2m for security reasons.
So let's revert this to get releases working, and then I'll file a ticket to track migrating to the new action as a separate follow-on item. We'll need to do this migration in https://github.com/dependabot/dependabot-core/ as well.
Reverts dependabot/fetch-metadata#501
When I tried to cut a release, this was generating a JSON parsing error:
It's probably something stupid simple that I overlooked, but I happened to see there's now an official GitHub action that we should probably be using instead as explained by @gr2m for security reasons.
So let's revert this to get releases working, and then I'll file a ticket to track migrating to the new action as a separate follow-on item. We'll need to do this migration in https://github.com/dependabot/dependabot-core/ as well.