Projects willing to keep the token alive after the end of the job can pass revoke: false as an input.
v2.0.0
BREAKING: replaces the installation_id and repository inputs with installation_retrieval_mode and installation_retrieval_payload to also support organization and user installation.
switches to node20.
adds a repositories input to scope the created token to a subset of repositories.
revokes the created token at the end of the job with a post script.
From now on, the changed output will always be either 'true' or 'false', and never undefined.
v1.6.0
You can now use the ::before tag in private repos (PR #27)
v1.5.0
You can now use ::before as the file-url parameter: it will resolve to the file from the commit before the push event that triggered the workflow run.
Also, this repo now follows the All Contributors specifications ✨
v1.4.0
This version adds three new options: file-url, assume-same-version and static-checking.
Please see the README to find out how to use them.
As always, if you find any bugs please let me know by opening a new issue in this repo.
v1.3.0
This version adds two features:
The action can now be used with PRs
The action now has a commit output, from which you can grab the sha of the commit where the version change has been detected
v1.2.2
This makes the action automatically build with @zeit/ncc. No significant changes should be noticed by the end user, if not a slight improvement in performance.
v1.2.1
This patch fixes issue #11: the action wasn't detecting versions with a more complex format, like 1.2.3-alpha.10.beta.0+build.unicorn.rainbow, because it was stopping at the patch number (1.2.3). This should now be fixed
v1.2.0
This release adds the version output: it's a string with the new version, and can be used to, for example, create a new release with the version name.
v1.1.1
This release is just to add the major version tag v1, which can be used to keep the action updated while avoiding breaking changes.
v1.1.0
This version adds support for private repositories, you just need to pass the bearer GitHub token as an input. You can find more info about that on the action page.
v1.0.1
This adds a useful example if you want to use this action to publish your package to both NPM and GitHub Package Registry.
In scope of this release, the filter was removed within the cache-save step by @dmitry-shibanov in actions/setup-node#831. It is filtered and checked in the toolkit/cache library.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the all-dependencies group with 5 updates:
241.8.02.1.012346.2.07.0.1Updates
actions/checkoutfrom 2 to 4Release notes
Sourced from actions/checkout's releases.
... (truncated)
Changelog
Sourced from actions/checkout's changelog.
... (truncated)
Commits
692973ePrepare 4.1.7 release (#1775)6ccd57fPin actions/checkout's own workflows to a known, good, stable version. (#1776)b17fe1eHandle hidden refs (#1774)b80ff79Bump actions/checkout from 3 to 4 (#1697)b1ec302Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1739)a5ac7e5Update for 4.1.6 release (#1733)24ed1a3Check platform for extension (#1732)44c2b7aREADME: Suggestuser.emailto be `41898282+github-actions[bot]@users.norepl...8459bc0Bump actions/upload-artifact from 2 to 4 (#1695)3f603f6Bump actions/setup-node from 1 to 4 (#1696)Updates
tibdex/github-app-tokenfrom 1.8.0 to 2.1.0Release notes
Sourced from tibdex/github-app-token's releases.
Commits
3beb63frelease v2.1.03eb77c7Add option to not revoke token (#95)9571738Add support for organization and user installation retrieval and repository s...3a5af6bUpdate dependencies and simplify project (#83)10e2a63Revert Node.js update (#82)388799afeat: upgrade to node 20 (#81)c2055a0Make the integration test optional (#67)Updates
EndBug/version-checkfrom 1 to 2Release notes
Sourced from EndBug/version-check's releases.
Commits
36ff30f2.1.597ae26bchore: npm audit fixdcf13c4docs: add khurrambilalaurecon as a contributor for bug (#309)8f78867docs: add christulin as a contributor for code (#308)2b5fe0b[auto] build: update compiled versione613878fix: check if packageFileURL is github host to conditionally send token (#283)c68c291[auto] build: update compiled versiona2b4bedchore(deps-dev): bump@vercel/nccfrom 0.38.1 to 0.38.2 (#305)7a0aa5dchore(deps-dev): bump husky from 9.1.5 to 9.1.6 (#307)27a5a13chore: delete .github/dependabot.ymlUpdates
actions/setup-nodefrom 3 to 4Release notes
Sourced from actions/setup-node's releases.
... (truncated)
Commits
0a44ba7Correct version string (#1124)97ca147Merge pull request #1125 from actions/add-is-release-workflowaa363deCreate publish-immutable-action.yml1c7b2dbFix: windows arm64 setup (#1126)26961cfDocumentation update in the README file (#1106)1e60f62Bump braces from 3.0.2 to 3.0.3 (#1087)eff380dFix macos latest check failures (#1041)c2ac33fBump undici from 5.26.5 to 5.28.3 (#965)25b062cUpdate README.md to update default Node version to 20 (#949)60edb5dAdd support for arm64 Windows (#927)Updates
actions/github-scriptfrom 6.2.0 to 7.0.1Release notes
Sourced from actions/github-script's releases.
... (truncated)
Commits
60a0d83Merge pull request #440 from actions/joshmgross/v7.0.1b7fb200Update version to 7.0.112e22edMerge pull request #439 from actions/joshmgross/avoid-setting-base-urld319f8fAvoid settingbaseUrlto undefined when input is not providede69ef54Merge pull request #425 from actions/joshmgross/node-20ee0914bUpdate licensesd6fc56fUse@types/nodefor Node 20384d6cfFix quotations in tests8472492Only validate GraphQLpreviews84903f5Removenode-fetchfrom typeDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show