Merge pull request #352 from actions/rentziass/4.2.0

Prepare release v4.2.0
2026-04-30 18:50:11 +00:00 · 2023-03-13 13:10:02 +00:00 · 2023-03-13 10:20:37 +00:00 · 2023-03-10 17:24:40 +00:00 · 2023-03-10 17:01:55 +00:00
73 changed files with 18891 additions and 69932 deletions
@@ -5,12 +5,9 @@ extends:
  - eslint:recommended
  - plugin:@typescript-eslint/eslint-recommended
  - plugin:@typescript-eslint/recommended
-  - prettier
-parserOptions:
-  project: ['tsconfig.eslint.json']
+  - prettier/@typescript-eslint
 rules:
  # '@typescript-eslint/explicit-function-return-type': 0
  '@typescript-eslint/no-use-before-define':
    - 2
    - functions: false
-  '@typescript-eslint/no-unnecessary-condition': error
@@ -1,8 +0,0 @@
-blank_issues_enabled: true
-contact_links:
-  - name: Ask a question or provide feedback about using this action
-    about: For general Q&A and feedback, see the Discussions tab.
-    url: https://github.com/actions/github-script/discussions
-  - name: Ask a question or provide feedback about GitHub Actions
-    about: Please check out the GitHub community forum for discussions about GitHub Actions
-    url: https://github.com/orgs/community/discussions/categories/actions
@@ -1,12 +0,0 @@
-name: 'Install dependencies'
-description: 'Set up node and install dependencies'
-runs:
-  using: 'composite'
-  steps:
-    - uses: actions/setup-node@v4
-      with:
-        node-version: '24.x'
-        cache: npm
-
-    - run: npm ci
-      shell: bash
@@ -1,16 +0,0 @@
-version: 2
-updates:
-  - package-ecosystem: 'github-actions'
-    directory: '/'
-    schedule:
-      interval: 'weekly'
-
-  - package-ecosystem: 'github-actions'
-    directory: '/.github/actions/install-dependencies'
-    schedule:
-      interval: 'weekly'
-
-  - package-ecosystem: 'npm'
-    directory: '/'
-    schedule:
-      interval: 'weekly'
@@ -10,20 +10,27 @@ on:
  push:
    branches:
      - main
+    paths-ignore:
+      - '**.md'
  pull_request:
+    paths-ignore:
+      - '**.md'
  workflow_dispatch:

-permissions:
-  contents: read
-
 jobs:
  check-dist:
    runs-on: ubuntu-latest

    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v2

-      - uses: ./.github/actions/install-dependencies
+      - name: Set Node.js 12.x
+        uses: actions/setup-node@v1
+        with:
+          node-version: 12.x
+
+      - name: Install dependencies
+        run: npm ci

      - name: Rebuild the dist/ directory
        run: npm run build
@@ -38,7 +45,7 @@ jobs:
        id: diff

      # If index.js was different than expected, upload the expected version as an artifact
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@v2
        if: ${{ failure() && steps.diff.conclusion == 'failure' }}
        with:
          name: dist
@@ -6,14 +6,15 @@ on:
  pull_request:
    branches: [main]

-permissions:
-  contents: read
-
 jobs:
  ci:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
-      - uses: ./.github/actions/install-dependencies
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: 12
+          cache: npm
+      - run: npm ci
      - run: npm run style:check
      - run: npm test
@@ -1,72 +0,0 @@
-# For most projects, this workflow file will not need changing; you simply need
-# to commit it to your repository.
-#
-# You may wish to alter this file to override the set of languages analyzed,
-# or to provide custom queries or build logic.
-#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-#
-name: "CodeQL"
-
-on:
-  push:
-    branches: [ "main" ]
-  pull_request:
-    # The branches below must be a subset of the branches above
-    branches: [ "main" ]
-  schedule:
-    - cron: '32 12 * * 3'
-
-jobs:
-  analyze:
-    name: Analyze
-    runs-on: ubuntu-latest
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
-
-    strategy:
-      fail-fast: false
-      matrix:
-        language: [ 'javascript' ]
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
-        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v4
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-        
-        # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
-        # queries: security-extended,security-and-quality
-
-        
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v3
-
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
-
-    #   If the Autobuild fails above, remove it and uncomment the following three lines. 
-    #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
-
-    # - run: |
-    #   echo "Run, Build Application using script"
-    #   ./location_of_script_within_repo/buildscript.sh
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
@@ -6,15 +6,11 @@ on:
  pull_request:
    branches: [main]

-permissions:
-  contents: read
-
 jobs:
  test-return:
-    name: 'Integration test: return'
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v2
      - id: output-set
        uses: ./
        with:
@@ -22,342 +18,42 @@ jobs:
          result-encoding: string
          input-value: output
      - run: |
-          echo "- Validating output is produced"
-          expected="output"
-          if [[ "${{steps.output-set.outputs.result}}" != "$expected" ]]; then
-            echo $'::error::\u274C' "Expected '$expected', got ${{steps.output-set.outputs.result}}"
+          if [[ "${{steps.output-set.outputs.result}}" != "output" ]]; then
            exit 1
          fi
-          echo $'\u2705 Test passed' | tee -a $GITHUB_STEP_SUMMARY

  test-relative-require:
-    name: 'Integration test: relative-path require'
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
-      - id: relative-require
+      - uses: actions/checkout@v2
+      - id: output-set
        uses: ./
        with:
          script: return require('./package.json').name
          result-encoding: string
+          input-value: output
      - run: |
-          echo "- Validating relative require output"
-          expected="@actions/github-script"
-          if [[ "${{steps.relative-require.outputs.result}}" != "$expected" ]]; then
-            echo $'::error::\u274C' "Expected '$expected', got ${{steps.relative-require.outputs.result}}"
+          if [[ "${{steps.output-set.outputs.result}}" != "github-script" ]]; then
            exit 1
          fi
-          echo $'\u2705 Test passed' | tee -a $GITHUB_STEP_SUMMARY

  test-npm-require:
-    name: 'Integration test: npm package require'
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
-      - uses: ./.github/actions/install-dependencies
-      - id: npm-require
+      - uses: actions/checkout@v2
+      - uses: actions/cache@v2
+        with:
+          path: ~/.npm
+          key: ${{runner.os}}-npm-${{hashFiles('**/package-lock.json')}}
+          restore-keys: ${{runner.os}}-npm-
+      - run: npm ci
+      - id: output-set
        uses: ./
        with:
          script: return require('@actions/core/package.json').name
          result-encoding: string
+          input-value: output
      - run: |
-          echo "- Validating npm require output"
-          expected="@actions/core"
-          if [[ "${{steps.npm-require.outputs.result}}" != "$expected" ]]; then
-            echo $'::error::\u274C' "Expected '$expected', got ${{steps.npm-require.outputs.result}}"
-            exit 1
-          fi
-          echo $'\u2705 Test passed' | tee -a $GITHUB_STEP_SUMMARY
-
-  test-previews:
-    name: 'Integration test: GraphQL previews option'
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: ./.github/actions/install-dependencies
-      - id: previews-default
-        name: Default previews not set
-        uses: ./
-        with:
-          script: |
-            const endpoint = github.request.endpoint
-            return endpoint({url: "/graphql"}).headers.accept
-          result-encoding: string
-      - id: previews-set-single
-        name: Previews set to a single value
-        uses: ./
-        with:
-          previews: foo
-          script: |
-            const endpoint = github.request.endpoint
-            return endpoint({url: "/graphql"}).headers.accept
-          result-encoding: string
-      - id: previews-set-multiple
-        name: Previews set to comma-separated list
-        uses: ./
-        with:
-          previews: foo,bar,baz
-          script: |
-            const endpoint = github.request.endpoint
-            return endpoint({url: "/graphql"}).headers.accept
-          result-encoding: string
-      - run: |
-          echo "- Validating previews default"
-          expected="application/vnd.github.v3+json"
-          if [[ "${{steps.previews-default.outputs.result}}" != $expected ]]; then
-            echo $'::error::\u274C' "Expected '$expected', got ${{steps.previews-default.outputs.result}}"
-            exit 1
-          fi
-          echo "- Validating previews set to a single value"
-          expected="application/vnd.github.foo-preview+json"
-          if [[ "${{steps.previews-set-single.outputs.result}}" != $expected ]]; then
-            echo $'::error::\u274C' "Expected '$expected', got ${{steps.previews-set-single.outputs.result}}"
-            exit 1
-          fi
-          echo "- Validating previews set to multiple values"
-          expected="application/vnd.github.foo-preview+json,application/vnd.github.bar-preview+json,application/vnd.github.baz-preview+json"
-          if [[ "${{steps.previews-set-multiple.outputs.result}}" != $expected ]]; then
-            echo $'::error::\u274C' "Expected '$expected', got ${{steps.previews-set-multiple.outputs.result}}"
-            exit 1
-          fi
-          echo $'\u2705 Test passed' | tee -a $GITHUB_STEP_SUMMARY
-
-  test-user-agent:
-    name: 'Integration test: user-agent option'
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: ./.github/actions/install-dependencies
-      - id: user-agent-default
-        name: Default user-agent not set
-        uses: ./
-        with:
-          script: |
-            const endpoint = github.request.endpoint
-            return endpoint({}).headers['user-agent']
-          result-encoding: string
-      - id: user-agent-set
-        name: User-agent set
-        uses: ./
-        with:
-          user-agent: foobar
-          script: |
-            const endpoint = github.request.endpoint
-            return endpoint({}).headers['user-agent']
-          result-encoding: string
-      - id: user-agent-empty
-        name: User-agent set to an empty string
-        uses: ./
-        with:
-          user-agent: ''
-          script: |
-            const endpoint = github.request.endpoint
-            return endpoint({}).headers['user-agent']
-          result-encoding: string
-      - run: |
-          # User-agent format: <prefix> [actions_orchestration_id/<id>] octokit-core.js/<version> ...
-          # When ACTIONS_ORCHESTRATION_ID is set, the orchestration ID is inserted after the prefix
-          echo "- Validating user-agent default"
-          ua="${{steps.user-agent-default.outputs.result}}"
-          if [[ "$ua" != "actions/github-script"* ]] || [[ "$ua" != *"octokit-core.js/"* ]]; then
-            echo $'::error::\u274C' "Expected user-agent to start with 'actions/github-script' and contain 'octokit-core.js/', got $ua"
-            exit 1
-          fi
-          echo "- Validating user-agent set to a value"
-          ua="${{steps.user-agent-set.outputs.result}}"
-          if [[ "$ua" != "foobar"* ]] || [[ "$ua" != *"octokit-core.js/"* ]]; then
-            echo $'::error::\u274C' "Expected user-agent to start with 'foobar' and contain 'octokit-core.js/', got $ua"
-            exit 1
-          fi
-          echo "- Validating user-agent set to an empty string"
-          ua="${{steps.user-agent-empty.outputs.result}}"
-          if [[ "$ua" != "actions/github-script"* ]] || [[ "$ua" != *"octokit-core.js/"* ]]; then
-            echo $'::error::\u274C' "Expected user-agent to start with 'actions/github-script' and contain 'octokit-core.js/', got $ua"
-            exit 1
-          fi
-          echo $'\u2705 Test passed' | tee -a $GITHUB_STEP_SUMMARY
-
-  test-get-octokit:
-    name: 'Integration test: getOctokit with token'
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: ./.github/actions/install-dependencies
-      - id: secondary-client
-        name: Create a second client with getOctokit
-        uses: ./
-        env:
-          APP_TOKEN: ${{ github.token }}
-        with:
-          script: |
-            const appOctokit = getOctokit(process.env.APP_TOKEN)
-            const {data} = await appOctokit.rest.repos.get({
-              owner: context.repo.owner,
-              repo: context.repo.repo
-            })
-
-            return `${appOctokit !== github}:${data.full_name}`
-          result-encoding: string
-      - run: |
-          echo "- Validating secondary client output"
-          expected="true:${{ github.repository }}"
-          if [[ "${{steps.secondary-client.outputs.result}}" != "$expected" ]]; then
-            echo $'::error::\u274C' "Expected '$expected', got ${{steps.secondary-client.outputs.result}}"
-            exit 1
-          fi
-          echo $'\u2705 Test passed' | tee -a $GITHUB_STEP_SUMMARY
-
-  test-debug:
-    strategy:
-      matrix:
-        environment: ['', 'debug-integration-test']
-    environment:
-      name: ${{ matrix.environment }}
-      deployment: false
-    name: "Integration test: debug option (runner.debug mode ${{ matrix.environment && 'enabled' || 'disabled' }})"
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: ./.github/actions/install-dependencies
-      - id: debug-default
-        name: Default debug not set
-        uses: ./
-        with:
-          script: |
-            const log = github.log
-            return {
-              runnerDebugMode: core.isDebug(),
-              debug: log.debug === console.debug,
-              info: log.info === console.info
-            }
-      - id: debug-true
-        name: Debug set to true
-        uses: ./
-        with:
-          debug: true
-          script: |
-            const log = github.log
-            return {
-              runnerDebugMode: core.isDebug(),
-              debug: log.debug === console.debug,
-              info: log.info === console.info
-            }
-      - id: debug-false
-        name: Debug set to false
-        uses: ./
-        with:
-          debug: false
-          script: |
-            const log = github.log
-            return {
-              runnerDebugMode: core.isDebug(),
-              debug: log.debug === console.debug,
-              info: log.info === console.info
-            }
-      - id: evaluate-tests
-        name: Evaluate test outputs
-        env:
-          RDMODE: ${{ runner.debug == '1' }}
-        run: |
-          # tests table, pipe separated: label | output | expected
-          # leading and trailing spaces on any field are trimmed
-          tests=$(cat << 'TESTS'
-            Validating debug default |\
-              ${{ steps.debug-default.outputs.result }} |\
-              {"runnerDebugMode":${{ env.RDMODE }},"debug":${{ env.RDMODE }},"info":${{ env.RDMODE }}}
-            Validating debug set to true |\
-              ${{ steps.debug-true.outputs.result }} |\
-              {"runnerDebugMode":${{ env.RDMODE }},"debug":true,"info":true}
-            Validating debug set to false |\
-              ${{ steps.debug-false.outputs.result }} |\
-              {"runnerDebugMode":${{ env.RDMODE }},"debug":false,"info":false}
-          TESTS
-          )
-
-          strim() { shopt -s extglob; lt="${1##+( )}"; echo "${lt%%+( )}"; }
-          while IFS='|' read label output expected; do
-            label="$(strim "$label")"; output="$(strim "$output")"; expected="$(strim "$expected")"
-            echo -n "- $label:"
-            if [[ "$output" != "$expected" ]]; then
-              echo $'\n::error::\u274C' "Expected '$expected', got '$output'"
-              exit 1
-            fi
-            echo $' \u2705'
-          done <<< "$tests"
-
-          echo $'\u2705 Test passed' | tee -a $GITHUB_STEP_SUMMARY
-
-  test-base-url:
-    name: 'Integration test: base-url option'
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: ./.github/actions/install-dependencies
-
-      - id: base-url-default
-        name: API URL with base-url not set
-        uses: ./
-        with:
-          script: |
-            const endpoint = github.request.endpoint
-            return endpoint({}).url
-          result-encoding: string
-
-      - id: base-url-default-graphql
-        name: GraphQL URL with base-url not set
-        uses: ./
-        with:
-          script: |
-            const endpoint = github.request.endpoint
-            return endpoint({url: "/graphql"}).url
-          result-encoding: string
-
-      - id: base-url-set
-        name: API URL with base-url set
-        uses: ./
-        with:
-          base-url: https://my.github-enterprise-server.com/api/v3
-          script: |
-            const endpoint = github.request.endpoint
-            return endpoint({}).url
-          result-encoding: string
-
-      - id: base-url-set-graphql
-        name: GraphQL URL with base-url set
-        uses: ./
-        with:
-          base-url: https://my.github-enterprise-server.com/api/v3
-          script: |
-            const endpoint = github.request.endpoint
-            return endpoint({url: "/graphql"}).url
-          result-encoding: string
-
-      - run: |
-          echo "- Validating API URL default"
-          expected="https://api.github.com/"
-          actual="${{steps.base-url-default.outputs.result}}"
-          if [[ "$expected" != "$actual" ]]; then
-            echo $'::error::\u274C' "Expected base-url to equal '$expected', got $actual"
-            exit 1
-          fi
-          echo "- Validating GraphQL URL default"
-          expected="https://api.github.com/graphql"
-          actual="${{steps.base-url-default-graphql.outputs.result}}"
-          if [[ "$expected" != "$actual" ]]; then
-            echo $'::error::\u274C' "Expected base-url to equal '$expected', got $actual"
-            exit 1
-          fi
-          echo "- Validating base-url set to a value"
-          expected="https://my.github-enterprise-server.com/api/v3/"
-          actual="${{steps.base-url-set.outputs.result}}"
-          if [[ "$expected" != "$actual" ]]; then
-            echo $'::error::\u274C' "Expected base-url to equal '$expected', got $actual"
-            exit 1
-          fi
-          echo "- Validating GraphQL URL with base-url set to a value"
-          expected="https://my.github-enterprise-server.com/api/v3/graphql"
-          actual="${{steps.base-url-set-graphql.outputs.result}}"
-          if [[ "$expected" != "$actual" ]]; then
-            echo $'::error::\u274C' "Expected base-url to equal '$expected', got $actual"
+          if [[ "${{steps.output-set.outputs.result}}" != "@actions/core" ]]; then
            exit 1
          fi
@@ -8,23 +8,17 @@ on:
    branches:
      - main

-permissions:
-  contents: read
-
 jobs:
  test:
    runs-on: ubuntu-latest
    name: Check licenses
    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0 # prefer to use a full fetch for licensed workflows
-      - uses: ruby/setup-ruby@354a1ad156761f5ee2b7b13fa8e09943a5e8d252 # v1.229.0
-        with:
-          ruby-version: ruby
-      - uses: github/setup-licensed@v1
-        with:
-          version: '4.x'
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-      - uses: ./.github/actions/install-dependencies
+      - uses: actions/checkout@v2
+      - run: npm ci
+      - name: Install licensed
+        run: |
+          cd $RUNNER_TEMP
+          curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/2.12.2/licensed-2.12.2-linux-x64.tar.gz
+          sudo tar -xzf licensed.tar.gz
+          sudo mv licensed /usr/local/bin/licensed
      - run: licensed status
@@ -1,20 +0,0 @@
-name: 'Publish Immutable Action Version'
-
-on:
-  release:
-    types: [published]
-
-jobs:
-  publish:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      id-token: write
-      packages: write
-
-    steps:
-      - name: Checking out
-        uses: actions/checkout@v4
-      - name: Publish
-        id: publish
-        uses: actions/publish-immutable-action@0.0.4
@@ -5,41 +5,37 @@ on:
    branches: [main]
    types: [opened, synchronize]

-permissions:
-  contents: read
-  pull-requests: write
-
 jobs:
  pull-request-test:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v2
      - uses: ./
        with:
          script: |
            // Get the existing comments.
-            const {data: comments} = await github.rest.issues.listComments({
+            const {data: comments} = await github.issues.listComments({
              owner: context.repo.owner,
              repo: context.repo.repo,
              issue_number: context.payload.number,
            })

-            // Find any comment already made by the bot.
-            const botComment = comments.find(comment => comment.user.id === 41898282)
-            const commentBody = "Hello from actions/github-script! (${{ github.sha }})"
+            // Find any comment already made by the bot.                                                                                                    
+            const botComment = comments.find(comment => comment.user.id === 41898282)                                                                       
+            const commentBody = "Hello from actions/github-script! (${{ github.sha }})"                  

            if (context.payload.pull_request.head.repo.full_name !== 'actions/github-script') {
              console.log('Not attempting to write comment on PR from fork');
            } else {
              if (botComment) {
-                await github.rest.issues.updateComment({
+                await github.issues.updateComment({
                  owner: context.repo.owner,
                  repo: context.repo.repo,
                  comment_id: botComment.id,
                  body: commentBody
                })
              } else {
-                await github.rest.issues.createComment({
+                await github.issues.createComment({
                  owner: context.repo.owner,
                  repo: context.repo.repo,
                  issue_number: context.payload.number,
@@ -0,0 +1,31 @@
+name: Stale Issues & PRs
+
+on:
+  schedule:
+    - cron: '0 0 * * *'
+  workflow_dispatch:
+
+jobs:
+  mark_stale:
+    name: Mark issues and PRs as stale
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/stale@v3
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          exempt-issue-labels: Not Stale
+          exempt-pr-labels: Not Stale
+          stale-issue-message: >
+            This issue is stale because it has been open for 60 days with no
+            activity. Remove the "Stale" label or comment on the issue, or it
+            will be closed in 7 days.
+          stale-pr-message: >
+            This pull request is stale because it has been open for 60 days
+            with no activity. Remove the "Stale" label or comment on the pull
+            request, or it will be closed in 7 days.
+          close-issue-message: >
+            This issue has been marked as stale and closed due to no activity
+            on it.
+          close-pr-message: >
+            This pull request has been marked as stale and closed due to no
+            activity on it.
@@ -1 +1,2 @@
-/node_modules/
+/node_modules/
+!/.vscode/
@@ -1 +0,0 @@
-npm run pre-commit && git add dist/
@@ -1,6 +1,6 @@
 ---
 name: "@actions/core"
-version: 1.10.1
+version: 1.5.0
 type: npm
 summary: Actions core lib
 homepage: https://github.com/actions/toolkit/tree/main/packages/core
@@ -1,6 +1,6 @@
 ---
 name: "@actions/exec"
-version: 1.1.1
+version: 1.1.0
 type: npm
 summary: Actions exec lib
 homepage: https://github.com/actions/toolkit/tree/main/packages/exec
@@ -1,20 +1,30 @@
 ---
 name: "@actions/github"
-version: 9.1.0
+version: 4.0.0
 type: npm
 summary: Actions github lib
-homepage: https://github.com/actions/toolkit/tree/main/packages/github
+homepage: https://github.com/actions/toolkit/tree/master/packages/github
 license: mit
 licenses:
- sources: LICENSE.md
-  text: |-
-    The MIT License (MIT)
+- sources: Auto-generated MIT license text
+  text: |
+    MIT License

-    Copyright 2019 GitHub
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:

-    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.

-    The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE.
 notices: []
@@ -1,6 +1,6 @@
 ---
 name: "@actions/glob"
-version: 0.4.0
+version: 0.1.2
 type: npm
 summary: Actions glob lib
 homepage: https://github.com/actions/toolkit/tree/main/packages/glob
@@ -1,32 +0,0 @@
---
-name: "@actions/http-client"
-version: 2.2.0
-type: npm
-summary: Actions Http Client
-homepage: https://github.com/actions/toolkit/tree/main/packages/http-client
-license: mit
-licenses:
- sources: LICENSE
-  text: |
-    Actions Http Client for Node.js
-
-    Copyright (c) GitHub, Inc.
-
-    All rights reserved.
-
-    MIT License
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and
-    associated documentation files (the "Software"), to deal in the Software without restriction,
-    including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
-    and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so,
-    subject to the following conditions:
-
-    The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED *AS IS*, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
-    LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
-    NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
-    WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
-    SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-notices: []
@@ -1,32 +0,0 @@
---
-name: "@actions/http-client"
-version: 3.0.2
-type: npm
-summary: Actions Http Client
-homepage: https://github.com/actions/toolkit/tree/main/packages/http-client
-license: mit
-licenses:
- sources: LICENSE
-  text: |
-    Actions Http Client for Node.js
-
-    Copyright (c) GitHub, Inc.
-
-    All rights reserved.
-
-    MIT License
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and
-    associated documentation files (the "Software"), to deal in the Software without restriction,
-    including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
-    and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so,
-    subject to the following conditions:
-
-    The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED *AS IS*, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
-    LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
-    NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
-    WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
-    SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-notices: []
@@ -1,9 +1,9 @@
 ---
 name: "@actions/http-client"
-version: 2.2.0
+version: 1.0.8
 type: npm
 summary: Actions Http Client
-homepage: https://github.com/actions/toolkit/tree/main/packages/http-client
+homepage: https://github.com/actions/http-client#readme
 license: mit
 licenses:
 - sources: LICENSE
@@ -1,6 +1,6 @@
 ---
 name: "@actions/io"
-version: 1.1.3
+version: 1.1.1
 type: npm
 summary: Actions io lib
 homepage: https://github.com/actions/toolkit/tree/main/packages/io
@@ -1,30 +0,0 @@
---
-name: "@fastify/busboy"
-version: 2.0.0
-type: npm
-summary: A streaming parser for HTML form data for node.js
-homepage:
-license: mit
-licenses:
- sources: LICENSE
-  text: |-
-    Copyright Brian White. All rights reserved.
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy
-    of this software and associated documentation files (the "Software"), to
-    deal in the Software without restriction, including without limitation the
-    rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
-    sell copies of the Software, and to permit persons to whom the Software is
-    furnished to do so, subject to the following conditions:
-
-    The above copyright notice and this permission notice shall be included in
-    all copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
-    FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
-    IN THE SOFTWARE.
-notices: []
@@ -1,9 +1,9 @@
 ---
 name: "@octokit/auth-token"
-version: 6.0.0
+version: 2.5.0
 type: npm
 summary: GitHub API token authentication for browsers and Node.js
-homepage:
+homepage: 
 license: mit
 licenses:
 - sources: LICENSE
@@ -1,9 +1,9 @@
 ---
 name: "@octokit/core"
-version: 7.0.6
+version: 3.5.1
 type: npm
 summary: Extendable client for GitHub's REST & GraphQL APIs
-homepage:
+homepage: 
 license: mit
 licenses:
 - sources: LICENSE
@@ -1,9 +1,9 @@
 ---
 name: "@octokit/endpoint"
-version: 11.0.3
+version: 6.0.12
 type: npm
 summary: Turns REST API endpoints into generic request options
-homepage:
+homepage: 
 license: mit
 licenses:
 - sources: LICENSE
@@ -1,9 +1,9 @@
 ---
 name: "@octokit/graphql"
-version: 9.0.3
+version: 4.8.0
 type: npm
 summary: GitHub GraphQL API client for browsers and Node
-homepage:
+homepage: 
 license: mit
 licenses:
 - sources: LICENSE
@@ -1,20 +0,0 @@
---
-name: "@octokit/openapi-types"
-version: 18.0.0
-type: npm
-summary: Generated TypeScript definitions based on GitHub's OpenAPI spec for api.github.com
-homepage:
-license: mit
-licenses:
- sources: LICENSE
-  text: |-
-    Copyright 2020 Gregor Martynus
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
-
-    The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
- sources: README.md
-  text: "[MIT](LICENSE)"
-notices: []
@@ -1,20 +0,0 @@
---
-name: "@octokit/openapi-types"
-version: 19.0.0
-type: npm
-summary: Generated TypeScript definitions based on GitHub's OpenAPI spec for api.github.com
-homepage:
-license: mit
-licenses:
- sources: LICENSE
-  text: |-
-    Copyright 2020 Gregor Martynus
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
-
-    The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
- sources: README.md
-  text: "[MIT](LICENSE)"
-notices: []
@@ -1,9 +1,9 @@
 ---
 name: "@octokit/openapi-types"
-version: 27.0.0
+version: 10.4.0
 type: npm
 summary: Generated TypeScript definitions based on GitHub's OpenAPI spec for api.github.com
-homepage:
+homepage: 
 license: mit
 licenses:
 - sources: LICENSE
@@ -1,9 +1,9 @@
 ---
 name: "@octokit/plugin-paginate-rest"
-version: 14.0.0
+version: 2.16.4
 type: npm
 summary: Octokit plugin to paginate REST API endpoint responses
-homepage:
+homepage: 
 license: mit
 licenses:
 - sources: LICENSE
@@ -1,20 +0,0 @@
---
-name: "@octokit/plugin-request-log"
-version: 6.0.0
-type: npm
-summary: Log all requests and request errors
-homepage:
-license: mit
-licenses:
- sources: LICENSE
-  text: |
-    MIT License Copyright (c) 2020 Octokit contributors
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
-
-    The above copyright notice and this permission notice (including the next paragraph) shall be included in all copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
- sources: README.md
-  text: "[MIT](LICENSE)"
-notices: []
@@ -1,9 +1,9 @@
 ---
 name: "@octokit/plugin-rest-endpoint-methods"
-version: 17.0.0
+version: 4.2.1
 type: npm
 summary: Octokit plugin adding one method for all of api.github.com REST API endpoints
-homepage:
+homepage: https://github.com/octokit/plugin-rest-endpoint-methods.js#readme
 license: mit
 licenses:
 - sources: LICENSE
@@ -1,34 +0,0 @@
---
-name: "@octokit/plugin-retry"
-version: 8.1.0
-type: npm
-summary: Automatic retry plugin for octokit
-homepage:
-license: mit
-licenses:
- sources: LICENSE
-  text: |
-    MIT License
-
-    Copyright (c) 2018 Octokit contributors
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy
-    of this software and associated documentation files (the "Software"), to deal
-    in the Software without restriction, including without limitation the rights
-    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-    copies of the Software, and to permit persons to whom the Software is
-    furnished to do so, subject to the following conditions:
-
-    The above copyright notice and this permission notice shall be included in all
-    copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-    SOFTWARE.
- sources: README.md
-  text: "[MIT](LICENSE)"
-notices: []
@@ -1,9 +1,9 @@
 ---
 name: "@octokit/request-error"
-version: 7.1.0
+version: 2.1.0
 type: npm
 summary: Error class for Octokit request errors
-homepage:
+homepage: 
 license: mit
 licenses:
 - sources: LICENSE
@@ -1,10 +1,10 @@
 ---
 name: "@octokit/request"
-version: 10.0.8
+version: 5.6.1
 type: npm
-summary: Send parameterized requests to GitHub's APIs with sensible defaults in browsers
-  and Node
-homepage:
+summary: "Send parameterized requests to GitHubâ\x80\x99s APIs with sensible defaults
+  in browsers and Node"
+homepage: 
 license: mit
 licenses:
 - sources: LICENSE
@@ -1,9 +1,9 @@
 ---
 name: "@octokit/types"
-version: 11.1.0
+version: 5.5.0
 type: npm
 summary: Shared TypeScript definitions for Octokit projects
-homepage:
+homepage: https://github.com/octokit/types.ts#readme
 license: mit
 licenses:
 - sources: LICENSE
@@ -1,9 +1,9 @@
 ---
 name: "@octokit/types"
-version: 12.0.0
+version: 6.30.0
 type: npm
 summary: Shared TypeScript definitions for Octokit projects
-homepage:
+homepage: 
 license: mit
 licenses:
 - sources: LICENSE
@@ -1,20 +0,0 @@
---
-name: "@octokit/types"
-version: 16.0.0
-type: npm
-summary: Shared TypeScript definitions for Octokit projects
-homepage:
-license: mit
-licenses:
- sources: LICENSE
-  text: |
-    MIT License Copyright (c) 2019 Octokit contributors
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
-
-    The above copyright notice and this permission notice (including the next paragraph) shall be included in all copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
- sources: README.md
-  text: "[MIT](LICENSE)"
-notices: []
@@ -1,9 +1,9 @@
 ---
 name: "@types/node"
-version: 24.1.0
+version: 14.6.0
 type: npm
-summary: TypeScript definitions for node
-homepage: https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node
+summary: TypeScript definitions for Node.js
+homepage: https://github.com/DefinitelyTyped/DefinitelyTyped#readme
 license: mit
 licenses:
 - sources: LICENSE
@@ -1,9 +1,9 @@
 ---
 name: before-after-hook
-version: 4.0.0
+version: 2.2.2
 type: npm
 summary: asynchronous before/error/after hooks for internal functionality
-homepage: https://github.com/gr2m/before-after-hook#readme
+homepage: 
 license: apache-2.0
 licenses:
 - sources: LICENSE
@@ -1,31 +0,0 @@
---
-name: bottleneck
-version: 2.19.5
-type: npm
-summary: Distributed task scheduler and rate limiter
-homepage: 
-license: mit
-licenses:
- sources: LICENSE
-  text: |
-    The MIT License (MIT)
-
-    Copyright (c) 2014 Simon Grondin
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy of
-    this software and associated documentation files (the "Software"), to deal in
-    the Software without restriction, including without limitation the rights to
-    use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
-    the Software, and to permit persons to whom the Software is furnished to do so,
-    subject to the following conditions:
-
-    The above copyright notice and this permission notice shall be included in all
-    copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
-    FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
-    COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
-    IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-    CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-notices: []
@@ -1,32 +0,0 @@
---
-name: fast-content-type-parse
-version: 3.0.0
-type: npm
-summary: Parse HTTP Content-Type header according to RFC 7231
-homepage: https://github.com/fastify/fast-content-type-parse#readme
-license: mit
-licenses:
- sources: LICENSE
-  text: |
-    MIT License
-
-    Copyright (c) 2023 Fastify
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy
-    of this software and associated documentation files (the "Software"), to deal
-    in the Software without restriction, including without limitation the rights
-    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-    copies of the Software, and to permit persons to whom the Software is
-    furnished to do so, subject to the following conditions:
-
-    The above copyright notice and this permission notice shall be included in all
-    copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-    SOFTWARE.
-notices: []
@@ -1,9 +1,9 @@
 ---
 name: minimatch
-version: 3.1.2
+version: 3.0.4
 type: npm
 summary: a glob matcher in javascript
-homepage:
+homepage: https://github.com/isaacs/minimatch#readme
 license: isc
 licenses:
 - sources: LICENSE
@@ -0,0 +1,56 @@
+---
+name: node-fetch
+version: 2.6.5
+type: npm
+summary: A light-weight module that brings window.fetch to node.js
+homepage: https://github.com/bitinn/node-fetch
+license: mit
+licenses:
+- sources: LICENSE.md
+  text: |+
+    The MIT License (MIT)
+
+    Copyright (c) 2016 David Frank
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE.
+
+- sources: README.md
+  text: |-
+    MIT
+
+    [npm-image]: https://flat.badgen.net/npm/v/node-fetch
+    [npm-url]: https://www.npmjs.com/package/node-fetch
+    [travis-image]: https://flat.badgen.net/travis/bitinn/node-fetch
+    [travis-url]: https://travis-ci.org/bitinn/node-fetch
+    [codecov-image]: https://flat.badgen.net/codecov/c/github/bitinn/node-fetch/master
+    [codecov-url]: https://codecov.io/gh/bitinn/node-fetch
+    [install-size-image]: https://flat.badgen.net/packagephobia/install/node-fetch
+    [install-size-url]: https://packagephobia.now.sh/result?p=node-fetch
+    [discord-image]: https://img.shields.io/discord/619915844268326952?color=%237289DA&label=Discord&style=flat-square
+    [discord-url]: https://discord.gg/Zxbndcm
+    [opencollective-image]: https://opencollective.com/node-fetch/backers.svg
+    [opencollective-url]: https://opencollective.com/node-fetch
+    [whatwg-fetch]: https://fetch.spec.whatwg.org/
+    [response-init]: https://fetch.spec.whatwg.org/#responseinit
+    [node-readable]: https://nodejs.org/api/stream.html#stream_readable_streams
+    [mdn-headers]: https://developer.mozilla.org/en-US/docs/Web/API/Headers
+    [LIMITS.md]: https://github.com/bitinn/node-fetch/blob/master/LIMITS.md
+    [ERROR-HANDLING.md]: https://github.com/bitinn/node-fetch/blob/master/ERROR-HANDLING.md
+    [UPGRADE-GUIDE.md]: https://github.com/bitinn/node-fetch/blob/master/UPGRADE-GUIDE.md
+notices: []
@@ -1,17 +1,15 @@
 ---
-name: undici-types
-version: 7.8.0
+name: tr46
+version: 0.0.3
 type: npm
-summary: A stand-alone types package for Undici
-homepage: https://undici.nodejs.org
+summary: An implementation of the Unicode TR46 spec
+homepage: https://github.com/Sebmaster/tr46.js#readme
 license: mit
 licenses:
- sources: LICENSE
+- sources: Auto-generated MIT license text
  text: |
    MIT License

-    Copyright (c) Matteo Collina and Undici contributors
-
    Permission is hereby granted, free of charge, to any person obtaining a copy
    of this software and associated documentation files (the "Software"), to deal
    in the Software without restriction, including without limitation the rights
@@ -1,34 +0,0 @@
---
-name: undici
-version: 5.28.5
-type: npm
-summary: An HTTP/1.1 client, written from scratch for Node.js
-homepage: https://undici.nodejs.org
-license: mit
-licenses:
- sources: LICENSE
-  text: |
-    MIT License
-
-    Copyright (c) Matteo Collina and Undici contributors
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy
-    of this software and associated documentation files (the "Software"), to deal
-    in the Software without restriction, including without limitation the rights
-    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-    copies of the Software, and to permit persons to whom the Software is
-    furnished to do so, subject to the following conditions:
-
-    The above copyright notice and this permission notice shall be included in all
-    copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-    SOFTWARE.
- sources: README.md
-  text: MIT
-notices: []
@@ -1,34 +0,0 @@
---
-name: undici
-version: 6.24.1
-type: npm
-summary: An HTTP/1.1 client, written from scratch for Node.js
-homepage: https://undici.nodejs.org
-license: mit
-licenses:
- sources: LICENSE
-  text: |
-    MIT License
-
-    Copyright (c) Matteo Collina and Undici contributors
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy
-    of this software and associated documentation files (the "Software"), to deal
-    in the Software without restriction, including without limitation the rights
-    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-    copies of the Software, and to permit persons to whom the Software is
-    furnished to do so, subject to the following conditions:
-
-    The above copyright notice and this permission notice shall be included in all
-    copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-    SOFTWARE.
- sources: README.md
-  text: MIT
-notices: []
@@ -1,34 +0,0 @@
---
-name: undici
-version: 5.28.5
-type: npm
-summary: An HTTP/1.1 client, written from scratch for Node.js
-homepage: https://undici.nodejs.org
-license: mit
-licenses:
- sources: LICENSE
-  text: |
-    MIT License
-
-    Copyright (c) Matteo Collina and Undici contributors
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy
-    of this software and associated documentation files (the "Software"), to deal
-    in the Software without restriction, including without limitation the rights
-    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-    copies of the Software, and to permit persons to whom the Software is
-    furnished to do so, subject to the following conditions:
-
-    The above copyright notice and this permission notice shall be included in all
-    copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-    SOFTWARE.
- sources: README.md
-  text: MIT
-notices: []
@@ -1,10 +1,10 @@
 ---
 name: universal-user-agent
-version: 7.0.3
+version: 6.0.0
 type: npm
 summary: Get a user agent string in both browser and node
 homepage: https://github.com/gr2m/universal-user-agent#readme
-license: isc
+license: other
 licenses:
 - sources: LICENSE.md
  text: |
@@ -1,20 +0,0 @@
---
-name: uuid
-version: 8.3.2
-type: npm
-summary: RFC4122 (v1, v4, and v5) UUIDs
-homepage: 
-license: mit
-licenses:
- sources: LICENSE.md
-  text: |
-    The MIT License (MIT)
-
-    Copyright (c) 2010-2020 Robert Kieffer and other contributors
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
-
-    The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-notices: []
@@ -0,0 +1,23 @@
+---
+name: webidl-conversions
+version: 3.0.1
+type: npm
+summary: Implements the WebIDL algorithms for converting to and from JavaScript values
+homepage: 
+license: bsd-2-clause
+licenses:
+- sources: LICENSE.md
+  text: |
+    # The BSD 2-Clause License
+
+    Copyright (c) 2014, Domenic Denicola
+    All rights reserved.
+
+    Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
+
+    1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
+
+    2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
+
+    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+notices: []
@@ -1,16 +1,16 @@
 ---
-name: json-with-bigint
-version: 3.5.8
+name: whatwg-url
+version: 5.0.0
 type: npm
-summary: JSON parser/stringifier with BigInt support
-homepage: https://github.com/nickytonline/json-with-bigint#readme
+summary: An implementation of the WHATWG URL Standard's URL API and parsing machinery
+homepage: 
 license: mit
 licenses:
- sources: LICENSE
+- sources: LICENSE.txt
  text: |
-    MIT License
+    The MIT License (MIT)

-    Copyright (c) 2023
+    Copyright (c) 2015–2016 Sebastian Mayr

    Permission is hereby granted, free of charge, to any person obtaining a copy
    of this software and associated documentation files (the "Software"), to deal
@@ -19,14 +19,14 @@ licenses:
    copies of the Software, and to permit persons to whom the Software is
    furnished to do so, subject to the following conditions:

-    The above copyright notice and this permission notice shall be included in all
-    copies or substantial portions of the Software.
+    The above copyright notice and this permission notice shall be included in
+    all copies or substantial portions of the Software.

    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-    SOFTWARE.
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+    THE SOFTWARE.
 notices: []
@@ -1 +0,0 @@
-engine-strict=true
@@ -0,0 +1,10 @@
+{
+  "editor.formatOnSave": true,
+  "editor.codeActionsOnSave": {
+    "source.organizeImports": true
+  },
+  "files.exclude": {
+    "**/dist": true,
+    "**/node_modules": true
+  }
+}
@@ -1 +1 @@
-* @actions/actions-launch
+* @actions/actions-experience
@@ -1,34 +1,15 @@
 # actions/github-script

-[![Integration](https://github.com/actions/github-script/actions/workflows/integration.yml/badge.svg?branch=main&event=push)](https://github.com/actions/github-script/actions/workflows/integration.yml)
-[![CI](https://github.com/actions/github-script/actions/workflows/ci.yml/badge.svg?branch=main&event=push)](https://github.com/actions/github-script/actions/workflows/ci.yml)
-[![Licensed](https://github.com/actions/github-script/actions/workflows/licensed.yml/badge.svg?branch=main&event=push)](https://github.com/actions/github-script/actions/workflows/licensed.yml)
+[![.github/workflows/integration.yml](https://github.com/actions/github-script/workflows/Integration/badge.svg?event=push&branch=main)](https://github.com/actions/github-script/actions?query=workflow%3AIntegration+branch%3Amain+event%3Apush)
+[![.github/workflows/ci.yml](https://github.com/actions/github-script/workflows/CI/badge.svg?event=push&branch=main)](https://github.com/actions/github-script/actions?query=workflow%3ACI+branch%3Amain+event%3Apush)
+[![.github/workflows/licensed.yml](https://github.com/actions/github-script/workflows/Licensed/badge.svg?event=push&branch=main)](https://github.com/actions/github-script/actions?query=workflow%3ALicensed+branch%3Amain+event%3Apush)

 This action makes it easy to quickly write a script in your workflow that
 uses the GitHub API and the workflow run context.

-### Note
-
-Thank you for your interest in this GitHub action, however, right now we are not taking contributions.
-
-We continue to focus our resources on strategic areas that help our customers be successful while making developers' lives easier. While GitHub Actions remains a key part of this vision, we are allocating resources towards other areas of Actions and are not taking contributions to this repository at this time. The GitHub public roadmap is the best place to follow along for any updates on features we’re working on and what stage they’re in.
-
-We are taking the following steps to better direct requests related to GitHub Actions, including:
-
-1. We will be directing questions and support requests to our [Community Discussions area](https://github.com/orgs/community/discussions/categories/actions)
-
-2. High Priority bugs can be reported through Community Discussions or you can report these to our support team https://support.github.com/contact/bug-report.
-
-3. Security Issues should be handled as per our [security.md](security.md)
-
-We will still provide security updates for this project and fix major breaking changes during this time.
-
-You are welcome to still raise bugs in this repo.
-
-### This action
-
-To use this action, provide an input named `script` that contains the body of an asynchronous JavaScript function call.
-The following arguments will be provided:
+In order to use this action, a `script` input is provided. The value of that
+input should be the body of an asynchronous function call. The following
+arguments will be provided:

 - `github` A pre-authenticated
  [octokit/rest.js](https://octokit.github.io/rest.js) client with pagination plugins
@@ -38,7 +19,6 @@ The following arguments will be provided:
 - `glob` A reference to the [@actions/glob](https://github.com/actions/toolkit/tree/main/packages/glob) package
 - `io` A reference to the [@actions/io](https://github.com/actions/toolkit/tree/main/packages/io) package
 - `exec` A reference to the [@actions/exec](https://github.com/actions/toolkit/tree/main/packages/exec) package
- `getOctokit` A factory function to create additional authenticated Octokit clients with different tokens (see [Creating additional clients](#creating-additional-clients-with-getoctokit))
 - `require` A proxy wrapper around the normal Node.js `require` to enable
  requiring relative paths (relative to the current working directory) and
  requiring npm packages installed in the current working directory. If for
@@ -47,94 +27,25 @@ The following arguments will be provided:
  our wrapping applied.

 Since the `script` is just a function body, these values will already be
-defined, so you don't have to import them (see examples below).
+defined, so you don't have to (see examples below).

 See [octokit/rest.js](https://octokit.github.io/rest.js/) for the API client
 documentation.

-## Breaking Changes
-
-### V9
-
-Version 9 of this action upgrades to `@actions/github` v9, which brings the latest Octokit types and features.
-
-**New features:**
-
- **`getOctokit` factory function** — Available directly in the script context. Create additional authenticated Octokit clients with different tokens for multi-token workflows, GitHub App tokens, and cross-org access. See [Creating additional clients with `getOctokit`](#creating-additional-clients-with-getoctokit) for details and examples.
- **Orchestration ID in user-agent** — The `ACTIONS_ORCHESTRATION_ID` environment variable is automatically appended to the user-agent string for request tracing.
-
-**Breaking changes:**
-
- **`require('@actions/github')` no longer works in scripts.** The upgrade to `@actions/github` v9 (ESM-only) means `require('@actions/github')` will fail at runtime. If you previously used patterns like `const { getOctokit } = require('@actions/github')` to create secondary clients, use the new injected `getOctokit` function instead — it's available directly in the script context with no imports needed.
- `getOctokit` is now an injected function parameter. Scripts that declare `const getOctokit = ...` or `let getOctokit = ...` will get a `SyntaxError` because JavaScript does not allow `const`/`let` redeclaration of function parameters. Use the injected `getOctokit` directly, or use `var getOctokit = ...` if you need to redeclare it.
- If your script accesses other `@actions/github` internals beyond the standard `github`/`octokit` client, you may need to update those references for v9 compatibility.
-
-### V8
-
-Version 8 of this action updated the runtime to Node 24 - https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#runs-for-javascript-actions
-
-All scripts are now run with Node 24 instead of Node 20 and are affected by any breaking changes between Node 20 and 24.
-
-**This requires a minimum Actions Runner version of [v2.327.1](https://github.com/actions/runner/releases/tag/v2.327.1)**
-
-### V7
-
-Version 7 of this action updated the runtime to Node 20 - https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#runs-for-javascript-actions
-
-All scripts are now run with Node 20 instead of Node 16 and are affected by any breaking changes between Node 16 and 20
-
-The `previews` input now only applies to GraphQL API calls as REST API previews are no longer necessary - https://github.blog/changelog/2021-10-14-rest-api-preview-promotions/.
-
-### V6
-
-Version 6 of this action updated the runtime to Node 16 - https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#runs-for-javascript-actions
-
-All scripts are now run with Node 16 instead of Node 12 and are affected by any breaking changes between Node 12 and 16.
-
-### V5
-
-Version 5 of this action includes the version 5 of `@actions/github` and `@octokit/plugin-rest-endpoint-methods`. As part of this update, the Octokit context available via `github` no longer has REST methods directly. These methods are available via `github.rest.*` - https://github.com/octokit/plugin-rest-endpoint-methods.js/releases/tag/v5.0.0
-
-For example, `github.issues.createComment` in V4 becomes `github.rest.issues.createComment` in V5
-
-`github.request`, `github.paginate`, and `github.graphql` are unchanged.
+**Note** This action is still a bit of an experiment—the API may change in
+future versions. 🙂

 ## Development

 See [development.md](/docs/development.md).

-## Passing inputs to the script
-
-Actions expressions are evaluated before the `script` is passed to the action, so the result of any expressions
-_will be evaluated as JavaScript code_.
-
-It's highly recommended to _not_ evaluate expressions directly in the `script` to avoid
-[script injections](https://docs.github.com/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#understanding-the-risk-of-script-injections)
-and potential `SyntaxError`s when the expression is not valid JavaScript code (particularly when it comes to improperly escaped strings).
-
-To pass inputs, set `env` vars on the action step and reference them in your script with `process.env`:
-
-```yaml
- uses: actions/github-script@v9
-  env:
-    TITLE: ${{ github.event.pull_request.title }}
-  with:
-    script: |
-      const title = process.env.TITLE;
-      if (title.startsWith('octocat')) {
-        console.log("PR title starts with 'octocat'");
-      } else {
-        console.error("PR title did not start with 'octocat'");
-      }
-```
-
 ## Reading step results

 The return value of the script will be in the step's outputs under the
 "result" key.

 ```yaml
- uses: actions/github-script@v9
+- uses: actions/github-script@v4
  id: set-result
  with:
    script: return "Hello!"
@@ -153,54 +64,13 @@ output of a github-script step. For some workflows, string encoding is preferred
 `result-encoding` input:

 ```yaml
- uses: actions/github-script@v9
+- uses: actions/github-script@v4
  id: my-script
  with:
    result-encoding: string
    script: return "I will be string (not JSON) encoded!"
 ```

-## Retries
-
-By default, requests made with the `github` instance will not be retried. You can configure this with the `retries` option:
-
-```yaml
- uses: actions/github-script@v9
-  id: my-script
-  with:
-    result-encoding: string
-    retries: 3
-    script: |
-      github.rest.issues.get({
-        issue_number: context.issue.number,
-        owner: context.repo.owner,
-        repo: context.repo.repo,
-      })
-```
-
-In this example, request failures from `github.rest.issues.get()` will be retried up to 3 times.
-
-You can also configure which status codes should be exempt from retries via the `retry-exempt-status-codes` option:
-
-```yaml
- uses: actions/github-script@v9
-  id: my-script
-  with:
-    result-encoding: string
-    retries: 3
-    retry-exempt-status-codes: 400,401
-    script: |
-      github.rest.issues.get({
-        issue_number: context.issue.number,
-        owner: context.repo.owner,
-        repo: context.repo.repo,
-      })
-```
-
-By default, the following status codes will not be retried: `400, 401, 403, 404, 422` [(source)](https://github.com/octokit/plugin-retry.js/blob/9a2443746c350b3beedec35cf26e197ea318a261/src/index.ts#L14).
-
-These retries are implemented using the [octokit/plugin-retry.js](https://github.com/octokit/plugin-retry.js) plugin. The retries use [exponential backoff](https://en.wikipedia.org/wiki/Exponential_backoff) to space out retries. ([source](https://github.com/octokit/plugin-retry.js/blob/9a2443746c350b3beedec35cf26e197ea318a261/src/error-request.ts#L13))
-
 ## Examples

 Note that `github-token` is optional in this action, and the input is there
@@ -212,7 +82,7 @@ By default, github-script will use the token provided to your workflow.

 ```yaml
 - name: View context attributes
-  uses: actions/github-script@v9
+  uses: actions/github-script@v4
  with:
    script: console.log(context)
 ```
@@ -228,10 +98,10 @@ jobs:
  comment:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/github-script@v9
+      - uses: actions/github-script@v4
        with:
          script: |
-            github.rest.issues.createComment({
+            github.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
@@ -250,10 +120,10 @@ jobs:
  apply-label:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/github-script@v9
+      - uses: actions/github-script@v4
        with:
          script: |
-            github.rest.issues.addLabels({
+            github.issues.addLabels({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
@@ -263,22 +133,20 @@ jobs:

 ### Welcome a first-time contributor

-You can format text in comments using the same [Markdown syntax](https://docs.github.com/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax) as the GitHub web interface:
-
 ```yaml
-on: pull_request_target
+on: pull_request

 jobs:
  welcome:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/github-script@v9
+      - uses: actions/github-script@v4
        with:
          script: |
            // Get a list of all issues created by the PR opener
            // See: https://octokit.github.io/rest.js/#pagination
            const creator = context.payload.sender.login
-            const opts = github.rest.issues.listForRepo.endpoint.merge({
+            const opts = github.issues.listForRepo.endpoint.merge({
              ...context.issue,
              creator,
              state: 'all'
@@ -295,13 +163,11 @@ jobs:
              }
            }

-            await github.rest.issues.createComment({
+            await github.issues.createComment({
              issue_number: context.issue.number,
              owner: context.repo.owner,
              repo: context.repo.repo,
-              body: `**Welcome**, new contributor!
-
-                Please make sure you've read our [contributing guide](CONTRIBUTING.md) and we look forward to reviewing your Pull request shortly ✨`
+              body: 'Welcome, new contributor!'
            })
 ```

@@ -317,7 +183,7 @@ jobs:
  diff:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/github-script@v9
+      - uses: actions/github-script@v4
        with:
          script: |
            const diff_url = context.payload.pull_request.diff_url
@@ -341,7 +207,7 @@ jobs:
  list-issues:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/github-script@v9
+      - uses: actions/github-script@v4
        with:
          script: |
            const query = `query($owner:String!, $name:String!, $label:String!) {
@@ -374,8 +240,8 @@ jobs:
  echo-input:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/github-script@v9
+      - uses: actions/checkout@v2
+      - uses: actions/github-script@v4
        with:
          script: |
            const script = require('./path/to/script.js')
@@ -412,8 +278,8 @@ jobs:
  echo-input:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/github-script@v9
+      - uses: actions/checkout@v2
+      - uses: actions/github-script@v4
        env:
          SHA: '${{env.parentSHA}}'
        with:
@@ -427,7 +293,7 @@ And then export an async function from your module:
 ```javascript
 module.exports = async ({github, context, core}) => {
  const {SHA} = process.env
-  const commit = await github.rest.repos.getCommit({
+  const commit = await github.repos.getCommit({
    owner: context.repo.owner,
    repo: context.repo.repo,
    ref: `${SHA}`
@@ -450,14 +316,14 @@ jobs:
  echo-input:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
        with:
-          node-version: '20.x'
+          node-version: 14
      - run: npm ci
      # or one-off:
      - run: npm install execa
-      - uses: actions/github-script@v9
+      - uses: actions/github-script@v4
        with:
          script: |
            const execa = require('execa')
@@ -467,52 +333,26 @@ jobs:
            console.log(stdout)
 ```

-### Use ESM `import`
+### Use env as input

-To import an ESM file, you'll need to reference your script by an absolute path and ensure you have a `package.json` file with `"type": "module"` specified.
-
-For a script in your repository `src/print-stuff.js`:
-
-```js
-export default function printStuff() {
-  console.log('stuff')
-}
-```
+You can set env vars to use them in your script:

 ```yaml
 on: push

 jobs:
-  print-stuff:
+  echo-input:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/github-script@v9
+      - uses: actions/github-script@v4
+        env:
+          FIRST_NAME: Mona
+          LAST_NAME: Octocat
        with:
          script: |
-            const { default: printStuff } = await import('${{ github.workspace }}/src/print-stuff.js')
+            const { FIRST_NAME, LAST_NAME } = process.env

-            await printStuff()
-```
-
-### Use scripts with jsDoc support
-
-If you want type support for your scripts, you could use the command below to install the
-`@actions/github-script` type declaration.
-
-```sh
-$ npm i -D @actions/github-script@github:actions/github-script
-```
-
-And then add the `jsDoc` declaration to your script like this:
-
-```js
-// @ts-check
-/** @param {import('@actions/github-script').AsyncFunctionArguments} AsyncFunctionArguments */
-export default async ({core, context}) => {
-  core.debug('Running something at the moment')
-  return context.actor
-}
+            console.log(`Hello ${FIRST_NAME} ${LAST_NAME}`)
 ```

 ### Using a separate GitHub token
@@ -523,129 +363,23 @@ If you need access to a different repository or an API that the `GITHUB_TOKEN` d

 [Learn more about creating and using encrypted secrets](https://docs.github.com/actions/reference/encrypted-secrets)

-### Creating additional clients with `getOctokit`
-
-The `getOctokit` function is available in the script context and lets you create additional authenticated Octokit clients — useful when you need to interact with the GitHub API using a different token than the one provided to the action (e.g. a GitHub App installation token, a PAT for cross-org access, or a fine-grained token with different permissions).
-
-```js
-getOctokit(token)
-getOctokit(token, opts)
-```
-
-**Parameters:**
-
-| Name    | Type     | Description                                                                             |
-| ------- | -------- | --------------------------------------------------------------------------------------- |
-| `token` | `string` | **Required.** A GitHub token (PAT, GitHub App token, etc.)                              |
-| `opts`  | `object` | Optional. Octokit constructor options (e.g. `userAgent`, `baseUrl`, `request`, `retry`) |
-
-The returned client is fully configured with the same plugins as `github` (retry, request-log, proxy support) — you don't need to set those up yourself.
-
-**Option merging behavior:** `request` and `retry` are deep-merged with the action's defaults, so you can override individual fields (e.g. `{request: {timeout: 5000}}`) without losing the inherited retry count or proxy settings. All other top-level options (like `baseUrl` or `userAgent`) are replaced outright if you provide them.
-
-> **Note:** `getOctokit` is injected as a function parameter (like `github`, `context`, `core`, etc.). You cannot redeclare it with `const` or `let` — this will cause a `SyntaxError`. Use `getOctokit` directly, or use `var` if you need to redeclare it. See [V9 breaking changes](#v9) for details.
-
-#### Basic usage — one primary token, one secondary token
-
 ```yaml
- uses: actions/github-script@v9
-  env:
-    APP_TOKEN: ${{ secrets.MY_APP_TOKEN }}
-  with:
-    github-token: ${{ secrets.GITHUB_TOKEN }}
-    script: |
-      // `github` uses GITHUB_TOKEN (scoped to this repo)
-      await github.rest.issues.addLabels({
-        issue_number: context.issue.number,
-        owner: context.repo.owner,
-        repo: context.repo.repo,
-        labels: ['triage']
-      })
-
-      // `getOctokit` creates a second client with a different token
-      const appOctokit = getOctokit(process.env.APP_TOKEN)
-      await appOctokit.rest.repos.createDispatchEvent({
-        owner: 'my-org',
-        repo: 'another-repo',
-        event_type: 'trigger-deploy'
-      })
-```
-
-#### Multiple clients for cross-org workflows
-
-```yaml
- uses: actions/github-script@v9
-  env:
-    ORG_A_TOKEN: ${{ secrets.ORG_A_PAT }}
-    ORG_B_TOKEN: ${{ secrets.ORG_B_PAT }}
-  with:
-    script: |
-      const orgA = getOctokit(process.env.ORG_A_TOKEN)
-      const orgB = getOctokit(process.env.ORG_B_TOKEN)
-
-      const [repoA, repoB] = await Promise.all([
-        orgA.rest.repos.get({ owner: 'org-a', repo: 'service' }),
-        orgB.rest.repos.get({ owner: 'org-b', repo: 'service' })
-      ])
-
-      console.log(`Org A: ${repoA.data.full_name}`)
-      console.log(`Org B: ${repoB.data.full_name}`)
-```
-
-#### Custom options
-
-```yaml
- uses: actions/github-script@v9
-  env:
-    GHES_TOKEN: ${{ secrets.GHES_PAT }}
-  with:
-    script: |
-      const ghes = getOctokit(process.env.GHES_TOKEN, {
-        baseUrl: 'https://github.example.com/api/v3'
-      })
-
-      const { data } = await ghes.rest.repos.listForOrg({ org: 'internal' })
-      console.log(`Found ${data.length} repos on GHES`)
-```
-
-### Using exec package
-
-The provided [@actions/exec](https://github.com/actions/toolkit/tree/main/packages/exec) package allows to execute command or tools in a cross platform way:
-
-```yaml
-on: push
+on:
+  issues:
+    types: [opened]

 jobs:
-  use-exec:
+  apply-label:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/github-script@v9
+      - uses: actions/github-script@v4
        with:
+          github-token: ${{ secrets.MY_PAT }}
          script: |
-            const exitCode = await exec.exec('echo', ['hello'])
-
-            console.log(exitCode)
-```
-
-`exec` packages provides `getExecOutput` function to retrieve stdout and stderr from executed command:
-
-```yaml
-on: push
-
-jobs:
-  use-get-exec-output:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/github-script@v9
-        with:
-          script: |
-            const {
-              exitCode,
-              stdout,
-              stderr
-            } = await exec.getExecOutput('echo', ['hello']);
-
-            console.log(exitCode, stdout, stderr)
+            github.issues.addLabels({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              labels: ['Triage']
+            })
 ```
@@ -8,94 +8,6 @@ describe('callAsyncFunction', () => {
    expect(result).toEqual('bar')
  })

-  test('passes getOctokit through the script context', async () => {
-    const getOctokit = jest.fn().mockReturnValue('secondary-client')
-
-    const result = await callAsyncFunction(
-      {getOctokit} as any,
-      "return getOctokit('token')"
-    )
-
-    expect(getOctokit).toHaveBeenCalledWith('token')
-    expect(result).toEqual('secondary-client')
-  })
-
-  test('getOctokit creates client independent from github', async () => {
-    const github = {rest: {issues: 'primary'}}
-    const getOctokit = jest.fn().mockReturnValue({rest: {issues: 'secondary'}})
-
-    const result = await callAsyncFunction(
-      {github, getOctokit} as any,
-      `
-        const secondary = getOctokit('other-token')
-        return {
-          primary: github.rest.issues,
-          secondary: secondary.rest.issues,
-          different: github !== secondary
-        }
-      `
-    )
-
-    expect(result).toEqual({
-      primary: 'primary',
-      secondary: 'secondary',
-      different: true
-    })
-    expect(getOctokit).toHaveBeenCalledWith('other-token')
-  })
-
-  test('getOctokit passes options through', async () => {
-    const getOctokit = jest.fn().mockReturnValue('client-with-opts')
-
-    const result = await callAsyncFunction(
-      {getOctokit} as any,
-      `return getOctokit('my-token', { baseUrl: 'https://ghes.example.com/api/v3' })`
-    )
-
-    expect(getOctokit).toHaveBeenCalledWith('my-token', {
-      baseUrl: 'https://ghes.example.com/api/v3'
-    })
-    expect(result).toEqual('client-with-opts')
-  })
-
-  test('getOctokit supports plugins', async () => {
-    const getOctokit = jest.fn().mockReturnValue('client-with-plugins')
-
-    const result = await callAsyncFunction(
-      {getOctokit} as any,
-      `return getOctokit('my-token', { previews: ['v3'] }, 'pluginA', 'pluginB')`
-    )
-
-    expect(getOctokit).toHaveBeenCalledWith(
-      'my-token',
-      {previews: ['v3']},
-      'pluginA',
-      'pluginB'
-    )
-    expect(result).toEqual('client-with-plugins')
-  })
-
-  test('multiple getOctokit calls produce independent clients', async () => {
-    const getOctokit = jest
-      .fn()
-      .mockReturnValueOnce({id: 'client-a'})
-      .mockReturnValueOnce({id: 'client-b'})
-
-    const result = await callAsyncFunction(
-      {getOctokit} as any,
-      `
-        const a = getOctokit('token-a')
-        const b = getOctokit('token-b')
-        return { a: a.id, b: b.id, different: a !== b }
-      `
-    )
-
-    expect(getOctokit).toHaveBeenCalledTimes(2)
-    expect(getOctokit).toHaveBeenNthCalledWith(1, 'token-a')
-    expect(getOctokit).toHaveBeenNthCalledWith(2, 'token-b')
-    expect(result).toEqual({a: 'client-a', b: 'client-b', different: true})
-  })
-
  test('throws on ReferenceError', async () => {
    expect.assertions(1)

@@ -113,22 +25,4 @@ describe('callAsyncFunction', () => {
  test('can access console', async () => {
    await callAsyncFunction({} as any, 'console')
  })
-
-  test('injected names are accessible when not redeclared', async () => {
-    const getOctokit = jest.fn().mockReturnValue('from-injected')
-
-    const result = await callAsyncFunction(
-      {getOctokit} as any,
-      `return getOctokit('token')`
-    )
-
-    expect(result).toEqual('from-injected')
-    expect(getOctokit).toHaveBeenCalledWith('token')
-  })
-
-  test('syntax errors in user code still throw', () => {
-    expect(() => callAsyncFunction({} as any, 'const x = {')).toThrow(
-      SyntaxError
-    )
-  })
 })
@@ -1,288 +0,0 @@
-/* eslint-disable @typescript-eslint/no-explicit-any */
-
-import {createConfiguredGetOctokit} from '../src/create-configured-getoctokit'
-
-describe('createConfiguredGetOctokit', () => {
-  const mockRetryPlugin = jest.fn()
-  const mockRequestLogPlugin = jest.fn()
-
-  function makeMockGetOctokit() {
-    return jest.fn().mockReturnValue('mock-client')
-  }
-
-  test('passes token and merged defaults to underlying getOctokit', () => {
-    const raw = makeMockGetOctokit()
-    const defaults = {
-      userAgent: 'actions/github-script actions_orchestration_id/abc',
-      retry: {enabled: true},
-      request: {retries: 3}
-    }
-
-    const wrapped = createConfiguredGetOctokit(
-      raw as any,
-      defaults,
-      mockRetryPlugin,
-      mockRequestLogPlugin
-    )
-    wrapped('my-token' as any)
-
-    expect(raw).toHaveBeenCalledWith(
-      'my-token',
-      expect.objectContaining({
-        userAgent: 'actions/github-script actions_orchestration_id/abc',
-        retry: {enabled: true},
-        request: {retries: 3}
-      }),
-      mockRetryPlugin,
-      mockRequestLogPlugin
-    )
-  })
-
-  test('user options override top-level defaults', () => {
-    const raw = makeMockGetOctokit()
-    const defaults = {
-      userAgent: 'default-agent',
-      previews: ['v3']
-    }
-
-    const wrapped = createConfiguredGetOctokit(raw as any, defaults)
-    wrapped('tok' as any, {userAgent: 'custom-agent'} as any)
-
-    expect(raw).toHaveBeenCalledWith(
-      'tok',
-      expect.objectContaining({userAgent: 'custom-agent', previews: ['v3']})
-    )
-  })
-
-  test('deep-merges request so partial overrides preserve retries', () => {
-    const raw = makeMockGetOctokit()
-    const defaults = {
-      request: {retries: 3, agent: 'proxy-agent', fetch: 'proxy-fetch'}
-    }
-
-    const wrapped = createConfiguredGetOctokit(raw as any, defaults)
-    wrapped('tok' as any, {request: {timeout: 5000}} as any)
-
-    expect(raw).toHaveBeenCalledWith(
-      'tok',
-      expect.objectContaining({
-        request: {
-          retries: 3,
-          agent: 'proxy-agent',
-          fetch: 'proxy-fetch',
-          timeout: 5000
-        }
-      })
-    )
-  })
-
-  test('deep-merges retry so partial overrides preserve existing settings', () => {
-    const raw = makeMockGetOctokit()
-    const defaults = {
-      retry: {enabled: true, retries: 3}
-    }
-
-    const wrapped = createConfiguredGetOctokit(raw as any, defaults)
-    wrapped('tok' as any, {retry: {retries: 5}} as any)
-
-    expect(raw).toHaveBeenCalledWith(
-      'tok',
-      expect.objectContaining({
-        retry: {enabled: true, retries: 5}
-      })
-    )
-  })
-
-  test('user can override request.retries explicitly', () => {
-    const raw = makeMockGetOctokit()
-    const defaults = {request: {retries: 3}}
-
-    const wrapped = createConfiguredGetOctokit(raw as any, defaults)
-    wrapped('tok' as any, {request: {retries: 0}} as any)
-
-    expect(raw).toHaveBeenCalledWith(
-      'tok',
-      expect.objectContaining({request: {retries: 0}})
-    )
-  })
-
-  test('user plugins are appended after default plugins', () => {
-    const raw = makeMockGetOctokit()
-    const customPlugin = jest.fn()
-
-    const wrapped = createConfiguredGetOctokit(
-      raw as any,
-      {},
-      mockRetryPlugin,
-      mockRequestLogPlugin
-    )
-    wrapped('tok' as any, {} as any, customPlugin as any)
-
-    expect(raw).toHaveBeenCalledWith(
-      'tok',
-      expect.any(Object),
-      mockRetryPlugin,
-      mockRequestLogPlugin,
-      customPlugin
-    )
-  })
-
-  test('duplicate plugins are deduplicated', () => {
-    const raw = makeMockGetOctokit()
-
-    const wrapped = createConfiguredGetOctokit(
-      raw as any,
-      {},
-      mockRetryPlugin,
-      mockRequestLogPlugin
-    )
-    // User passes retry again — should not duplicate
-    wrapped('tok' as any, {} as any, mockRetryPlugin as any)
-
-    expect(raw).toHaveBeenCalledWith(
-      'tok',
-      expect.any(Object),
-      mockRetryPlugin,
-      mockRequestLogPlugin
-    )
-  })
-
-  test('applies defaults when no user options provided', () => {
-    const raw = makeMockGetOctokit()
-    const defaults = {
-      userAgent: 'actions/github-script',
-      retry: {enabled: true},
-      request: {retries: 3}
-    }
-
-    const wrapped = createConfiguredGetOctokit(
-      raw as any,
-      defaults,
-      mockRetryPlugin
-    )
-    wrapped('tok' as any)
-
-    expect(raw).toHaveBeenCalledWith(
-      'tok',
-      {
-        userAgent: 'actions/github-script',
-        retry: {enabled: true},
-        request: {retries: 3}
-      },
-      mockRetryPlugin
-    )
-  })
-
-  test('baseUrl: undefined from user does not clobber default', () => {
-    const raw = makeMockGetOctokit()
-    const defaults = {baseUrl: 'https://ghes.example.com/api/v3'}
-
-    const wrapped = createConfiguredGetOctokit(raw as any, defaults)
-    wrapped('tok' as any, {baseUrl: undefined} as any)
-
-    const calledOpts = raw.mock.calls[0][1]
-    expect(calledOpts.baseUrl).toBe('https://ghes.example.com/api/v3')
-  })
-
-  test('undefined values in nested request are stripped', () => {
-    const raw = makeMockGetOctokit()
-    const defaults = {request: {retries: 3, agent: 'proxy'}}
-
-    const wrapped = createConfiguredGetOctokit(raw as any, defaults)
-    wrapped('tok' as any, {request: {retries: undefined, timeout: 5000}} as any)
-
-    const calledOpts = raw.mock.calls[0][1]
-    expect(calledOpts.request).toEqual({
-      retries: 3,
-      agent: 'proxy',
-      timeout: 5000
-    })
-  })
-
-  test('undefined values in nested retry are stripped', () => {
-    const raw = makeMockGetOctokit()
-    const defaults = {retry: {enabled: true, retries: 3}}
-
-    const wrapped = createConfiguredGetOctokit(raw as any, defaults)
-    wrapped('tok' as any, {retry: {enabled: undefined, retries: 5}} as any)
-
-    const calledOpts = raw.mock.calls[0][1]
-    expect(calledOpts.retry).toEqual({enabled: true, retries: 5})
-  })
-
-  test('each call creates an independent client', () => {
-    const raw = jest
-      .fn()
-      .mockReturnValueOnce('client-a')
-      .mockReturnValueOnce('client-b')
-
-    const wrapped = createConfiguredGetOctokit(raw as any, {})
-    const a = wrapped('token-a' as any)
-    const b = wrapped('token-b' as any)
-
-    expect(a).toBe('client-a')
-    expect(b).toBe('client-b')
-    expect(raw).toHaveBeenCalledTimes(2)
-  })
-
-  test('does not mutate defaultOptions between calls', () => {
-    const raw = makeMockGetOctokit()
-    const defaults = {
-      request: {retries: 3},
-      retry: {enabled: true}
-    }
-    const originalDefaults = JSON.parse(JSON.stringify(defaults))
-
-    const wrapped = createConfiguredGetOctokit(raw as any, defaults)
-    wrapped(
-      'tok' as any,
-      {request: {timeout: 5000}, retry: {retries: 10}} as any
-    )
-    wrapped('tok' as any, {request: {timeout: 9000}} as any)
-
-    expect(defaults).toEqual(originalDefaults)
-  })
-
-  test('undefined values in defaults are stripped (e.g. log: undefined)', () => {
-    const raw = makeMockGetOctokit()
-    const defaults = {
-      userAgent: 'actions/github-script',
-      log: undefined,
-      previews: undefined,
-      retry: {enabled: true}
-    }
-
-    const wrapped = createConfiguredGetOctokit(raw as any, defaults)
-    wrapped('tok' as any)
-
-    const calledOpts = raw.mock.calls[0][1]
-    expect(calledOpts.userAgent).toBe('actions/github-script')
-    expect(calledOpts.retry).toEqual({enabled: true})
-    // undefined defaults should be stripped, not passed through
-    expect('log' in calledOpts).toBe(false)
-    expect('previews' in calledOpts).toBe(false)
-  })
-
-  test('falsy-but-valid values are preserved, only undefined is stripped', () => {
-    const raw = makeMockGetOctokit()
-    const defaults = {baseUrl: 'https://ghes.example.com/api/v3'}
-
-    const wrapped = createConfiguredGetOctokit(raw as any, defaults)
-    wrapped(
-      'tok' as any,
-      {
-        log: null,
-        retries: 0,
-        debug: false,
-        userAgent: ''
-      } as any
-    )
-
-    const calledOpts = raw.mock.calls[0][1]
-    expect(calledOpts.log).toBeNull()
-    expect(calledOpts.retries).toBe(0)
-    expect(calledOpts.debug).toBe(false)
-    expect(calledOpts.userAgent).toBe('')
-    expect(calledOpts.baseUrl).toBe('https://ghes.example.com/api/v3')
-  })
-})
@@ -1,69 +0,0 @@
-/* eslint-disable @typescript-eslint/no-explicit-any */
-
-import {getRetryOptions} from '../src/retry-options'
-
-describe('getRequestOptions', () => {
-  test('retries disabled if retries == 0', async () => {
-    const [retryOptions, requestOptions] = getRetryOptions(
-      0,
-      [400, 500, 502],
-      []
-    )
-
-    expect(retryOptions.enabled).toBe(false)
-    expect(retryOptions.doNotRetry).toBeFalsy()
-
-    expect(requestOptions?.retries).toBeFalsy()
-  })
-
-  test('properties set if retries > 0', async () => {
-    const [retryOptions, requestOptions] = getRetryOptions(
-      1,
-      [400, 500, 502],
-      []
-    )
-
-    expect(retryOptions.enabled).toBe(true)
-    expect(retryOptions.doNotRetry).toEqual([400, 500, 502])
-
-    expect(requestOptions?.retries).toEqual(1)
-  })
-
-  test('properties set if retries > 0', async () => {
-    const [retryOptions, requestOptions] = getRetryOptions(
-      1,
-      [400, 500, 502],
-      []
-    )
-
-    expect(retryOptions.enabled).toBe(true)
-    expect(retryOptions.doNotRetry).toEqual([400, 500, 502])
-
-    expect(requestOptions?.retries).toEqual(1)
-  })
-
-  test('retryOptions.doNotRetry not set if exemptStatusCodes isEmpty', async () => {
-    const [retryOptions, requestOptions] = getRetryOptions(1, [], [])
-
-    expect(retryOptions.enabled).toBe(true)
-    expect(retryOptions.doNotRetry).toBeUndefined()
-
-    expect(requestOptions?.retries).toEqual(1)
-  })
-
-  test('requestOptions does not override defaults from @actions/github', async () => {
-    const [retryOptions, requestOptions] = getRetryOptions(1, [], {
-      request: {
-        agent: 'default-user-agent'
-      },
-      foo: 'bar'
-    })
-
-    expect(retryOptions.enabled).toBe(true)
-    expect(retryOptions.doNotRetry).toBeUndefined()
-
-    expect(requestOptions?.retries).toEqual(1)
-    expect(requestOptions?.agent).toEqual('default-user-agent')
-    expect(requestOptions?.foo).toBeUndefined() // this should not be in the `options.request` object, but at the same level as `request`
-  })
-})
@@ -1,102 +0,0 @@
-/* eslint-disable @typescript-eslint/no-explicit-any */
-
-import {callAsyncFunction} from '../src/async-function'
-
-// Create a mock getOctokit that returns Octokit-like objects.
-// Real @actions/github integration is tested in the CI workflow
-// (integration.yml test-get-octokit job). Here we verify the
-// script context wiring — getOctokit is passed through and
-// callable from user scripts.
-function mockGetOctokit(token: string, options?: any) {
-  return {
-    _token: token,
-    _options: options,
-    rest: {
-      issues: {get: async () => ({data: {id: 1}})},
-      pulls: {get: async () => ({data: {id: 2}})}
-    },
-    graphql: async () => ({}),
-    request: async () => ({})
-  }
-}
-
-describe('getOctokit integration via callAsyncFunction', () => {
-  test('getOctokit creates a functional client in script scope', async () => {
-    const result = await callAsyncFunction(
-      {getOctokit: mockGetOctokit} as any,
-      `
-        const client = getOctokit('fake-token-for-test')
-        return {
-          hasRest: typeof client.rest === 'object',
-          hasGraphql: typeof client.graphql === 'function',
-          hasRequest: typeof client.request === 'function',
-          hasIssues: typeof client.rest.issues === 'object',
-          hasPulls: typeof client.rest.pulls === 'object'
-        }
-      `
-    )
-
-    expect(result).toEqual({
-      hasRest: true,
-      hasGraphql: true,
-      hasRequest: true,
-      hasIssues: true,
-      hasPulls: true
-    })
-  })
-
-  test('secondary client is independent from primary github client', async () => {
-    const primary = mockGetOctokit('primary-token')
-
-    const result = await callAsyncFunction(
-      {github: primary, getOctokit: mockGetOctokit} as any,
-      `
-        const secondary = getOctokit('secondary-token')
-        return {
-          bothHaveRest: typeof github.rest === 'object' && typeof secondary.rest === 'object',
-          areDistinct: github !== secondary
-        }
-      `
-    )
-
-    expect(result).toEqual({
-      bothHaveRest: true,
-      areDistinct: true
-    })
-  })
-
-  test('getOctokit accepts options for GHES base URL', async () => {
-    const result = await callAsyncFunction(
-      {getOctokit: mockGetOctokit} as any,
-      `
-        const client = getOctokit('fake-token', {
-          baseUrl: 'https://ghes.example.com/api/v3'
-        })
-        return typeof client.rest === 'object'
-      `
-    )
-
-    expect(result).toBe(true)
-  })
-
-  test('multiple getOctokit calls produce independent clients with different tokens', async () => {
-    const result = await callAsyncFunction(
-      {getOctokit: mockGetOctokit} as any,
-      `
-        const clientA = getOctokit('token-a')
-        const clientB = getOctokit('token-b')
-        return {
-          aHasRest: typeof clientA.rest === 'object',
-          bHasRest: typeof clientB.rest === 'object',
-          areDistinct: clientA !== clientB
-        }
-      `
-    )
-
-    expect(result).toEqual({
-      aHasRest: true,
-      bHasRest: true,
-      areDistinct: true
-    })
-  })
-})
@@ -13,28 +13,19 @@ inputs:
    default: ${{ github.token }}
    required: false
  debug:
-    description: Whether to tell the GitHub client to log details of its requests. true or false. Default is to run in debug mode when the GitHub Actions step debug logging is turned on.
-    default: ${{ runner.debug == '1' }}
+    description: Whether to tell the GitHub client to log details of its requests
+    default: false
  user-agent:
    description: An optional user-agent string
    default: actions/github-script
  previews:
-    description: A comma-separated list of GraphQL API previews to accept
+    description: A comma-separated list of API previews to accept
  result-encoding:
-    description: Either "string" or "json" (default "json")—how the result will be encoded
+    description: Either "string" or "json" (default "json")—how the result will be encoded 
    default: json
-  retries:
-    description: The number of times to retry a request
-    default: "0"
-  retry-exempt-status-codes:
-    description: A comma separated list of status codes that will NOT be retried e.g. "400,500". No effect unless `retries` is set
-    default: 400,401,403,404,422 # from https://github.com/octokit/plugin-retry.js/blob/9a2443746c350b3beedec35cf26e197ea318a261/src/index.ts#L14
-  base-url:
-    description: An optional GitHub REST API URL to connect to a different GitHub instance. For example, https://my.github-enterprise-server.com/api/v3
-    required: false
 outputs:
  result:
    description: The return value of the script, stringified with `JSON.stringify`
 runs:
-  using: node24
+  using: node12
  main: dist/index.js
@@ -25,4 +25,4 @@ Releases are done manually, for now:
 1. Ensure that the build is up to date with `npm run build`. It's also good to ensure you have the correct dependencies installed by running `npm install` before you build.
 1. Bump the [package.json](/package.json#L3) and [package-lock.json](/package-lock.json#L3) version numbers and commit them. I like to do this with `npm version {major,minor,patch} --no-git-tag-version`. This will bump the version numbers but let you manually commit and tag, yourself.
 1. Update documentation (including updated version numbers).
-1. Tag main with the new version number and create a GitHub release. Make sure you also force-create and force-push tags for minor and patch updates. For example, when creating v5.2.0 (a minor bump), you want to create (or update) `v5`, `v5.2`, and `v5.2.0`.
+1. Tag main with the new version number and create a GitHub release. Make sure you also force-create and force-push tags for minor and patch updates. For example, when creating v5.1.0 (a minor bump), you want to create (or update) `v5`, `v5.1`, and `v5.1.0`.
@@ -1,71 +1,61 @@
 {
-  "name": "@actions/github-script",
+  "name": "github-script",
  "description": "A GitHub action for executing a simple script",
-  "engines": {
-    "node": ">=24"
-  },
-  "version": "9.0.0",
+  "version": "4.2.0",
  "author": "GitHub",
  "license": "MIT",
  "main": "dist/index.js",
-  "types": "types/async-function.d.ts",
+  "private": true,
  "scripts": {
-    "build": "npm run build:types && ncc build src/main.ts",
-    "build:types": "tsc src/async-function.ts --target es2022 --module es2022 --moduleResolution bundler --declaration --emitDeclarationOnly --outDir types",
+    "build": "ncc build src/main.ts",
    "format:check": "prettier --check src __test__",
    "format:write": "prettier --write src __test__",
    "lint": "eslint src __test__",
    "style:check": "run-p --continue-on-error --aggregate-output format:check lint",
    "style:write": "run-p --continue-on-error --aggregate-output format:write lint",
    "pre-commit": "run-s style:write test build",
-    "test": "jest",
-    "prepare": "husky"
+    "test": "jest"
+  },
+  "husky": {
+    "hooks": {
+      "pre-commit": "npm run pre-commit && git add dist/"
+    }
  },
  "jest": {
    "preset": "ts-jest",
    "testEnvironment": "node",
-    "transform": {
-      "^.+\\.ts$": [
-        "ts-jest",
-        {
-          "tsconfig": {
-            "target": "es2022",
-            "module": "commonjs",
-            "moduleResolution": "bundler"
-          },
-          "diagnostics": {
-            "ignoreCodes": [
-              "151001"
-            ]
-          }
+    "globals": {
+      "ts-jest": {
+        "diagnostics": {
+          "ignoreCodes": [
+            "151001"
+          ]
        }
-      ]
+      }
    }
  },
  "dependencies": {
-    "@actions/core": "^1.10.1",
-    "@actions/exec": "^1.1.1",
-    "@actions/github": "^9.0.0",
-    "@actions/glob": "^0.4.0",
-    "@actions/io": "^1.1.3",
-    "@octokit/core": "^7.0.0",
-    "@octokit/plugin-request-log": "^6.0.0",
-    "@octokit/plugin-retry": "^8.0.0",
-    "@types/node": "^24.1.0"
+    "@actions/core": "^1.10.0",
+    "@actions/exec": "^1.1.0",
+    "@actions/github": "^4.0.0",
+    "@actions/glob": "^0.1.2",
+    "@actions/io": "^1.1.1",
+    "@octokit/core": "^3.5.1",
+    "@octokit/plugin-paginate-rest": "^2.16.4",
+    "@octokit/plugin-rest-endpoint-methods": "^4.2.1"
  },
  "devDependencies": {
-    "@types/jest": "^29.5.5",
-    "@typescript-eslint/eslint-plugin": "^6.7.5",
-    "@typescript-eslint/parser": "^6.7.5",
-    "@vercel/ncc": "^0.38.0",
-    "eslint": "^8.51.0",
-    "eslint-config-prettier": "^9.0.0",
-    "eslint-plugin-prettier": "^5.0.1",
-    "husky": "^9.1.1",
-    "jest": "^29.7.0",
+    "@types/jest": "^26.0.24",
+    "@typescript-eslint/eslint-plugin": "^3.10.1",
+    "@typescript-eslint/parser": "^3.10.1",
+    "@vercel/ncc": "^0.23.0",
+    "eslint": "^7.32.0",
+    "eslint-config-prettier": "^6.15.0",
+    "husky": "^4.2.5",
+    "jest": "^26.6.3",
    "npm-run-all": "^4.1.5",
-    "prettier": "^3.0.3",
-    "ts-jest": "^29.1.1",
-    "typescript": "^5.2.2"
+    "prettier": "^2.0.5",
+    "ts-jest": "^26.5.6",
+    "typescript": "^4.3.5"
  }
-}
+}
@@ -1,17 +1,16 @@
 import * as core from '@actions/core'
 import * as exec from '@actions/exec'
-import type {context, getOctokit} from '@actions/github'
+import {Context} from '@actions/github/lib/context'
+import {GitHub} from '@actions/github/lib/utils'
 import * as glob from '@actions/glob'
 import * as io from '@actions/io'

 const AsyncFunction = Object.getPrototypeOf(async () => null).constructor

-export declare type AsyncFunctionArguments = {
-  context: typeof context
+type AsyncFunctionArguments = {
+  context: Context
  core: typeof core
-  github: ReturnType<typeof getOctokit>
-  octokit: ReturnType<typeof getOctokit>
-  getOctokit: typeof getOctokit
+  github: InstanceType<typeof GitHub>
  exec: typeof exec
  glob: typeof glob
  io: typeof io
@@ -1,64 +0,0 @@
-import {getOctokit} from '@actions/github'
-
-/**
- * Strip keys whose value is `undefined` so they don't clobber defaults
- * during object spread (e.g. `{baseUrl: undefined}` would wipe a GHES URL).
- */
-function stripUndefined(obj: Record<string, unknown>): Record<string, unknown> {
-  return Object.fromEntries(
-    Object.entries(obj).filter(([, v]) => v !== undefined)
-  )
-}
-
-/**
- * Creates a wrapped getOctokit that inherits default options and plugins.
- * Secondary clients created via the wrapper get the same retry, logging,
- * orchestration ID, and retries count as the pre-built `github` client.
- *
- * - `request` and `retry` are deep-merged so partial overrides
- *   (e.g. `{request: {timeout: 5000}}`) don't clobber inherited values.
- * - `undefined` values in both default and user options are stripped to prevent
- *   accidental clobbering (e.g. GHES `baseUrl`, or `log: undefined` from defaults).
- * - Default plugins (retry, requestLog) are always included; duplicates are skipped.
- */
-export function createConfiguredGetOctokit(
-  rawGetOctokit: typeof getOctokit,
-  defaultOptions: Record<string, unknown>,
-  // eslint-disable-next-line @typescript-eslint/no-explicit-any
-  ...defaultPlugins: any[]
-): typeof getOctokit {
-  // eslint-disable-next-line @typescript-eslint/no-explicit-any
-  return ((token: string, options?: any, ...plugins: any[]) => {
-    const cleanDefaults = stripUndefined(defaultOptions)
-    const userOpts = stripUndefined(options ?? {})
-
-    const defaultRequest =
-      (cleanDefaults.request as Record<string, unknown> | undefined) ?? {}
-    const userRequest = stripUndefined(
-      (userOpts.request as Record<string, unknown> | undefined) ?? {}
-    )
-
-    const defaultRetry =
-      (cleanDefaults.retry as Record<string, unknown> | undefined) ?? {}
-    const userRetry = stripUndefined(
-      (userOpts.retry as Record<string, unknown> | undefined) ?? {}
-    )
-
-    const merged = {
-      ...cleanDefaults,
-      ...userOpts,
-      request: {...defaultRequest, ...userRequest},
-      retry: {...defaultRetry, ...userRetry}
-    }
-
-    // Deduplicate: default plugins first, then user plugins that aren't already present
-    const allPlugins = [...defaultPlugins]
-    for (const plugin of plugins) {
-      if (!allPlugins.includes(plugin)) {
-        allPlugins.push(plugin)
-      }
-    }
-
-    return rawGetOctokit(token, merged, ...allPlugins)
-  }) as typeof getOctokit
-}
@@ -1,15 +1,9 @@
 import * as core from '@actions/core'
 import * as exec from '@actions/exec'
 import {context, getOctokit} from '@actions/github'
-import {defaults as defaultGitHubOptions} from '@actions/github/lib/utils'
 import * as glob from '@actions/glob'
 import * as io from '@actions/io'
-import {requestLog} from '@octokit/plugin-request-log'
-import {retry} from '@octokit/plugin-retry'
-import {RequestRequestOptions} from '@octokit/types'
 import {callAsyncFunction} from './async-function'
-import {createConfiguredGetOctokit} from './create-configured-getoctokit'
-import {RetryOptions, getRetryOptions, parseNumberArray} from './retry-options'
 import {wrapRequire} from './wrap-require'

 process.on('unhandledRejection', handleError)
@@ -18,66 +12,29 @@ main().catch(handleError)
 type Options = {
  log?: Console
  userAgent?: string
-  baseUrl?: string
  previews?: string[]
-  retry?: RetryOptions
-  request?: RequestRequestOptions
 }

 async function main(): Promise<void> {
  const token = core.getInput('github-token', {required: true})
-  const debug = core.getBooleanInput('debug')
+  const debug = core.getInput('debug')
  const userAgent = core.getInput('user-agent')
  const previews = core.getInput('previews')
-  const baseUrl = core.getInput('base-url')
-  const retries = parseInt(core.getInput('retries'))
-  const exemptStatusCodes = parseNumberArray(
-    core.getInput('retry-exempt-status-codes')
-  )
-  const [retryOpts, requestOpts] = getRetryOptions(
-    retries,
-    exemptStatusCodes,
-    defaultGitHubOptions
-  )

-  const baseUserAgent = userAgent || 'actions/github-script'
-  const finalUserAgent = getUserAgentWithOrchestrationId(baseUserAgent)
+  const opts: Options = {}
+  if (debug === 'true') opts.log = console
+  if (userAgent != null) opts.userAgent = userAgent
+  if (previews != null) opts.previews = previews.split(',')

-  const opts: Options = {
-    log: debug ? console : undefined,
-    userAgent: finalUserAgent,
-    previews: previews ? previews.split(',') : undefined,
-    retry: retryOpts,
-    request: requestOpts
-  }
-
-  // Setting `baseUrl` to undefined will prevent the default value from being used
-  // https://github.com/actions/github-script/issues/436
-  if (baseUrl) {
-    opts.baseUrl = baseUrl
-  }
-
-  const github = getOctokit(token, opts, retry, requestLog)
+  const github = getOctokit(token, opts)
  const script = core.getInput('script', {required: true})

-  // Wrap getOctokit so secondary clients inherit retry, logging,
-  // orchestration ID, and the action's retries input.
-  // Deep-copy opts to prevent shared references with the primary client.
-  const configuredGetOctokit = createConfiguredGetOctokit(
-    getOctokit,
-    {...opts, retry: {...opts.retry}, request: {...opts.request}},
-    retry,
-    requestLog
-  )
-
  // Using property/value shorthand on `require` (e.g. `{require}`) causes compilation errors.
  const result = await callAsyncFunction(
    {
      require: wrapRequire,
      __original_require__: __non_webpack_require__,
      github,
-      octokit: github,
-      getOctokit: configuredGetOctokit,
      context,
      core,
      exec,
@@ -111,20 +68,3 @@ function handleError(err: any): void {
  console.error(err)
  core.setFailed(`Unhandled error: ${err}`)
 }
-
-/**
- * Gets the user agent string with orchestration ID appended if available
- * @param userAgent The base user agent string
- * @returns The user agent string with orchestration ID appended if ACTIONS_ORCHESTRATION_ID is set
- */
-function getUserAgentWithOrchestrationId(userAgent: string): string {
-  const orchestrationId = process.env['ACTIONS_ORCHESTRATION_ID']
-  if (!orchestrationId) {
-    return userAgent
-  }
-
-  // Sanitize orchestration ID - replace invalid characters with underscore
-  const sanitized = orchestrationId.replace(/[^a-zA-Z0-9._-]/g, '_')
-
-  return `${userAgent} actions_orchestration_id/${sanitized}`
-}
@@ -1,53 +0,0 @@
-import * as core from '@actions/core'
-import {OctokitOptions} from '@octokit/core/types'
-import {RequestRequestOptions} from '@octokit/types'
-
-export type RetryOptions = {
-  doNotRetry?: number[]
-  enabled?: boolean
-}
-
-export function getRetryOptions(
-  retries: number,
-  exemptStatusCodes: number[],
-  defaultOptions: OctokitOptions
-): [RetryOptions, RequestRequestOptions | undefined] {
-  if (retries <= 0) {
-    return [{enabled: false}, defaultOptions.request]
-  }
-
-  const retryOptions: RetryOptions = {
-    enabled: true
-  }
-
-  if (exemptStatusCodes.length > 0) {
-    retryOptions.doNotRetry = exemptStatusCodes
-  }
-
-  // The GitHub type has some defaults for `options.request`
-  // see: https://github.com/actions/toolkit/blob/4fbc5c941a57249b19562015edbd72add14be93d/packages/github/src/utils.ts#L15
-  // We pass these in here so they are not overidden.
-  const requestOptions: RequestRequestOptions = {
-    ...defaultOptions.request,
-    retries
-  }
-
-  core.debug(
-    `GitHub client configured with: (retries: ${
-      requestOptions.retries
-    }, retry-exempt-status-code: ${
-      retryOptions.doNotRetry ?? 'octokit default: [400, 401, 403, 404, 422]'
-    })`
-  )
-
-  return [retryOptions, requestOptions]
-}
-
-export function parseNumberArray(listString: string): number[] {
-  if (!listString) {
-    return []
-  }
-
-  const split = listString.trim().split(',')
-  return split.map(x => parseInt(x))
-}
@@ -1,4 +0,0 @@
-{
-  "extends": "./tsconfig.json",
-  "exclude": []
-}
@@ -1,8 +1,7 @@
 {
  "compilerOptions": {
-    "target": "es2022",
-    "module": "es2022",
-    "moduleResolution": "bundler",
+    "target": "es2018",
+    "moduleResolution": "node",
    "strict": true,
    "forceConsistentCasingInFileNames": true
  },
@@ -1,19 +0,0 @@
-/// <reference types="node" />
-import * as core from '@actions/core';
-import * as exec from '@actions/exec';
-import type { context, getOctokit } from '@actions/github';
-import * as glob from '@actions/glob';
-import * as io from '@actions/io';
-export declare type AsyncFunctionArguments = {
-    context: typeof context;
-    core: typeof core;
-    github: ReturnType<typeof getOctokit>;
-    octokit: ReturnType<typeof getOctokit>;
-    getOctokit: typeof getOctokit;
-    exec: typeof exec;
-    glob: typeof glob;
-    io: typeof io;
-    require: NodeRequire;
-    __original_require__: NodeRequire;
-};
-export declare function callAsyncFunction<T>(args: AsyncFunctionArguments, source: string): Promise<T>;
Author	SHA1	Message	Date
Francesco Renzi	10b53a9ec6	Merge pull request #352 from actions/rentziass/4.2.0 Prepare release v4.2.0	2023-03-13 13:10:02 +00:00
Francesco Renzi	c5f1d2f012	Prepare release v4.2.0	2023-03-13 10:20:37 +00:00
Francesco Renzi	fcd38580e9	Merge pull request #349 from actions/rentziass/core-v4 Upgrade @actions/core to 1.10.0 for v4	2023-03-10 17:24:40 +00:00
Francesco Renzi	9e0656c88d	Upgrade @actions/core to 1.10.0	2023-03-10 17:01:55 +00:00