release 2.2.1

Signed-off-by: Rui Chen <rui@chenrui.dev>
fix: big file uploads (#562 )
2025-01-07 13:45:03 -05:00 · 2025-01-07 13:42:55 -05:00 · 2025-01-07 13:41:34 -05:00 · 2025-01-07 13:40:50 -05:00 · 2024-12-18 11:15:03 -05:00 · 2024-12-10 21:23:24 -05:00
22 changed files with 2183 additions and 5120 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@ -1,14 +1,18 @@
 version: 2
 updates:
- package-ecosystem: npm
-  directory: "/"
-  schedule:
-    interval: weekly
-  ignore:
-  - dependency-name: node-fetch
-    versions:
-    - ">=3.0.0"
- package-ecosystem: github-actions
-  directory: "/"
-  schedule:
-    interval: weekly
+  - package-ecosystem: npm
+    directory: "/"
+    schedule:
+      interval: weekly
+    ignore:
+      - dependency-name: node-fetch
+        versions:
+          - ">=3.0.0"
+    commit-message:
+      prefix: "chore(deps)"
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: weekly
+    commit-message:
+      prefix: "chore(deps)"
--- a/.github/release.yml
+++ b/.github/release.yml
@ -0,0 +1,22 @@
+changelog:
+  exclude:
+    labels:
+      - ignore-for-release
+      - github-actions
+    authors:
+      - octocat
+      - renovate[bot]
+  categories:
+    - title: Breaking Changes 🛠
+      labels:
+        - breaking-change
+    - title: Exciting New Features 🎉
+      labels:
+        - enhancement
+        - feature
+    - title: Bug fixes 🐛
+      labels:
+        - bug
+    - title: Other Changes 🔄
+      labels:
+        - "*"
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@ -1,14 +1,20 @@
-name: Main
+name: main

-on: [pull_request, push]
+on:
+  push:
+  pull_request:

 jobs:
  build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
    steps:
-      # https://github.com/actions/checkout
-      - name: Checkout
-        uses: actions/checkout@v3
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
+
+      - uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4
+        with:
+          node-version-file: ".tool-versions"
+          cache: "npm"
+
      - name: Install
        run: npm ci
      - name: Build
--- a/.nvmrc
+++ b/.nvmrc
@ -1 +0,0 @@
-16.13.1
--- a/.tool-versions
+++ b/.tool-versions
@ -0,0 +1 @@
+nodejs 20.15.1
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,3 +1,112 @@
+## 2.2.1
+
+## What's Changed
+
+### Bug fixes 🐛
+
+* fix: big file uploads by @xen0n in https://github.com/softprops/action-gh-release/pull/562
+
+### Other Changes 🔄
+* chore(deps): bump @types/node from 22.10.1 to 22.10.2 by @dependabot in https://github.com/softprops/action-gh-release/pull/559
+* chore(deps): bump @types/node from 22.10.2 to 22.10.5 by @dependabot in https://github.com/softprops/action-gh-release/pull/569
+* chore: update error and warning messages for not matching files in files field by @ytimocin in https://github.com/softprops/action-gh-release/pull/568
+
+## 2.2.0
+
+## What's Changed
+
+### Exciting New Features 🎉
+
+* feat: read the release assets asynchronously by @xen0n in https://github.com/softprops/action-gh-release/pull/552
+
+### Bug fixes 🐛
+
+* fix(docs): clarify the default for tag_name by @alexeagle in https://github.com/softprops/action-gh-release/pull/544
+
+### Other Changes 🔄
+
+* chore(deps): bump typescript from 5.6.3 to 5.7.2 by @dependabot in https://github.com/softprops/action-gh-release/pull/548
+* chore(deps): bump @types/node from 22.9.0 to 22.9.4 by @dependabot in https://github.com/softprops/action-gh-release/pull/547
+* chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 by @dependabot in https://github.com/softprops/action-gh-release/pull/545
+* chore(deps): bump @vercel/ncc from 0.38.2 to 0.38.3 by @dependabot in https://github.com/softprops/action-gh-release/pull/543
+* chore(deps): bump prettier from 3.3.3 to 3.4.1 by @dependabot in https://github.com/softprops/action-gh-release/pull/550
+* chore(deps): bump @types/node from 22.9.4 to 22.10.1 by @dependabot in https://github.com/softprops/action-gh-release/pull/551
+* chore(deps): bump prettier from 3.4.1 to 3.4.2 by @dependabot in https://github.com/softprops/action-gh-release/pull/554
+
+## 2.1.0
+
+## What's Changed
+
+### Exciting New Features 🎉
+* feat: add support for release assets with multiple spaces within the name by @dukhine in https://github.com/softprops/action-gh-release/pull/518
+* feat: preserve upload order by @richarddd in https://github.com/softprops/action-gh-release/pull/500
+
+### Other Changes 🔄
+* chore(deps): bump @types/node from 22.8.2 to 22.8.7 by @dependabot in https://github.com/softprops/action-gh-release/pull/539
+
+## 2.0.9
+
+- maintenance release with updated dependencies
+
+## 2.0.8
+
+### Other Changes 🔄
+* chore(deps): bump prettier from 2.8.0 to 3.3.3 by @dependabot in https://github.com/softprops/action-gh-release/pull/480
+* chore(deps): bump @types/node from 20.14.9 to 20.14.11 by @dependabot in https://github.com/softprops/action-gh-release/pull/483
+* chore(deps): bump @octokit/plugin-throttling from 9.3.0 to 9.3.1 by @dependabot in https://github.com/softprops/action-gh-release/pull/484
+* chore(deps): bump glob from 10.4.2 to 11.0.0 by @dependabot in https://github.com/softprops/action-gh-release/pull/477
+* refactor: write jest config in ts by @chenrui333 in https://github.com/softprops/action-gh-release/pull/485
+* chore(deps): bump @actions/github from 5.1.1 to 6.0.0 by @dependabot in https://github.com/softprops/action-gh-release/pull/470
+
+## 2.0.7
+
+### Bug fixes 🐛
+
+* Fix missing update release body by @FirelightFlagboy in https://github.com/softprops/action-gh-release/pull/365
+
+### Other Changes 🔄
+
+* Bump @octokit/plugin-retry from 4.0.3 to 7.1.1 by @dependabot in https://github.com/softprops/action-gh-release/pull/443
+* Bump typescript from 4.9.5 to 5.5.2 by @dependabot in https://github.com/softprops/action-gh-release/pull/467
+* Bump @types/node from 20.14.6 to 20.14.8 by @dependabot in https://github.com/softprops/action-gh-release/pull/469
+* Bump @types/node from 20.14.8 to 20.14.9 by @dependabot in https://github.com/softprops/action-gh-release/pull/473
+* Bump typescript from 5.5.2 to 5.5.3 by @dependabot in https://github.com/softprops/action-gh-release/pull/472
+* Bump ts-jest from 29.1.5 to 29.2.2 by @dependabot in https://github.com/softprops/action-gh-release/pull/479
+* docs: document that existing releases are updated by @jvanbruegge in https://github.com/softprops/action-gh-release/pull/474
+
+## 2.0.6
+
+- maintenance release with updated dependencies
+
+## 2.0.5
+
+- Factor in file names with spaces when upserting files [#446](https://github.com/softprops/action-gh-release/pull/446) via [@MystiPanda](https://github.com/MystiPanda)
+- Improvements to error handling [#449](https://github.com/softprops/action-gh-release/pull/449) via [@till](https://github.com/till)
+
+## 2.0.4
+
+- Minor follow up to [#417](https://github.com/softprops/action-gh-release/pull/417). [#425](https://github.com/softprops/action-gh-release/pull/425)
+
+## 2.0.3
+
+- Declare `make_latest` as an input field in `action.yml` [#419](https://github.com/softprops/action-gh-release/pull/419)
+
+## 2.0.2
+
+- Revisit approach to [#384](https://github.com/softprops/action-gh-release/pull/384) making unresolved pattern failures opt-in [#417](https://github.com/softprops/action-gh-release/pull/417)
+
+## 2.0.1
+
+- Add support for make_latest property [#304](https://github.com/softprops/action-gh-release/pull/304) via [@samueljseay](https://github.com/samueljseay)
+- Fail run if files setting contains invalid patterns [#384](https://github.com/softprops/action-gh-release/pull/384) via [@rpdelaney](https://github.com/rpdelaney)
+- Add support for proxy env variables (don't use node-fetch) [#386](https://github.com/softprops/action-gh-release/pull/386/) via [@timor-raiman](https://github.com/timor-raiman)
+- Suppress confusing warning when input_files is empty [#389](https://github.com/softprops/action-gh-release/pull/389) via [@Drowze](https://github.com/Drowze)
+
+## 2.0.0
+
+- `2.0.0`!? this release corrects a disjunction between git tag versions used in the marketplace and versions list this file. Previous versions should have really been 1.\*. Going forward this should be better aligned.
+- Upgrade action.yml declaration to node20 to address deprecations
+
 ## 0.1.15

 - Upgrade to action.yml declaration to node16 to address deprecations
--- a/2
+++ b/2
@ -1,4 +1,4 @@
-Copyright (c) 2019 Doug Tangren
+Copyright (c) 2019-current Doug Tangren

 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the
--- a/README.md
+++ b/README.md
@ -21,6 +21,16 @@

 <br />

+- [🤸 Usage](#-usage)
+  - [🚥 Limit releases to pushes to tags](#-limit-releases-to-pushes-to-tags)
+  - [⬆️ Uploading release assets](#️-uploading-release-assets)
+  - [📝 External release notes](#-external-release-notes)
+  - [💅 Customizing](#-customizing)
+    - [inputs](#inputs)
+    - [outputs](#outputs)
+    - [environment variables](#environment-variables)
+  - [Permissions](#permissions)
+
 ## 🤸 Usage

 ### 🚥 Limit releases to pushes to tags
@ -41,9 +51,9 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
      - name: Release
-        uses: softprops/action-gh-release@v1
+        uses: softprops/action-gh-release@v2
        if: startsWith(github.ref, 'refs/tags/')
 ```

@ -62,9 +72,9 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
      - name: Release
-        uses: softprops/action-gh-release@v1
+        uses: softprops/action-gh-release@v2
 ```

 ### ⬆️ Uploading release assets
@ -75,6 +85,7 @@ GitHub release and all are optional.
 A common case for GitHub releases is to upload your binary after its been validated and packaged.
 Use the `with.files` input to declare a newline-delimited list of glob expressions matching the files
 you wish to upload to GitHub releases. If you'd like you can just list the files by name directly.
+If a tag already has a GitHub release, the existing release will be updated with the release assets.

 Below is an example of uploading a single asset named `Release.txt`

@ -88,13 +99,13 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
      - name: Build
        run: echo ${{ github.sha }} > Release.txt
      - name: Test
        run: cat Release.txt
      - name: Release
-        uses: softprops/action-gh-release@v1
+        uses: softprops/action-gh-release@v2
        if: startsWith(github.ref, 'refs/tags/')
        with:
          files: Release.txt
@ -112,13 +123,13 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
      - name: Build
        run: echo ${{ github.sha }} > Release.txt
      - name: Test
        run: cat Release.txt
      - name: Release
-        uses: softprops/action-gh-release@v1
+        uses: softprops/action-gh-release@v2
        if: startsWith(github.ref, 'refs/tags/')
        with:
          files: |
@ -126,7 +137,9 @@ jobs:
            LICENSE
 ```

-> **⚠️ Note:** Notice the `|` in the yaml syntax above ☝️. That let's you effectively declare a multi-line yaml string. You can learn more about multi-line yaml syntax [here](https://yaml-multiline.info)
+> **⚠️ Note:** Notice the `|` in the yaml syntax above ☝️. That lets you effectively declare a multi-line yaml string. You can learn more about multi-line yaml syntax [here](https://yaml-multiline.info)
+
+> **⚠️ Note for Windows:** Paths must use `/` as a separator, not `\`, as `\` is used to escape characters with special meaning in the pattern; for example, instead of specifying `D:\Foo.txt`, you must specify `D:/Foo.txt`. If you're using PowerShell, you can do this with `$Path = $Path -replace '\\','/'`

 ### 📝 External release notes

@ -144,19 +157,18 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
      - name: Generate Changelog
        run: echo "# Good things have arrived" > ${{ github.workspace }}-CHANGELOG.txt
      - name: Release
-        uses: softprops/action-gh-release@v1
+        uses: softprops/action-gh-release@v2
        if: startsWith(github.ref, 'refs/tags/')
        with:
          body_path: ${{ github.workspace }}-CHANGELOG.txt
+          repository: my_gh_org/my_gh_repo
          # note you'll typically need to create a personal access token
          # with permissions to create releases in the other repo
          token: ${{ secrets.CUSTOM_GITHUB_TOKEN }}
-        env:
-          GITHUB_REPOSITORY: my_gh_org/my_gh_repo
 ```

 ### 💅 Customizing
@ -171,9 +183,10 @@ The following are optional as `step.with` keys
 | `body_path`                | String  | Path to load text communicating notable changes in this release                                                                                                                                                                                                                                                                                                                                                                                 |
 | `draft`                    | Boolean | Indicator of whether or not this release is a draft                                                                                                                                                                                                                                                                                                                                                                                             |
 | `prerelease`               | Boolean | Indicator of whether or not is a prerelease                                                                                                                                                                                                                                                                                                                                                                                                     |
+| `preserve_order`           | Boolean | Indicator of whether order of files should be preserved when uploading assets                                                                                                                                                                                                                                                                                                                                                                   |
 | `files`                    | String  | Newline-delimited globs of paths to assets to upload for release                                                                                                                                                                                                                                                                                                                                                                                |
 | `name`                     | String  | Name of the release. defaults to tag name                                                                                                                                                                                                                                                                                                                                                                                                       |
-| `tag_name`                 | String  | Name of a tag. defaults to `github.ref`                                                                                                                                                                                                                                                                                                                                                                                                         |
+| `tag_name`                 | String  | Name of a tag. defaults to `github.ref_name`                                                                                                                                                                                                                                                                                                                                                                                                         |
 | `fail_on_unmatched_files`  | Boolean | Indicator of whether to fail if any of the `files` globs match nothing                                                                                                                                                                                                                                                                                                                                                                          |
 | `repository`               | String  | Name of a target repository in `<owner>/<repo>` format. Defaults to GITHUB_REPOSITORY env variable                                                                                                                                                                                                                                                                                                                                              |
 | `target_commitish`         | String  | Commitish value that determines where the Git tag is created from. Can be any branch or commit SHA. Defaults to repository default branch.                                                                                                                                                                                                                                                                                                      |
@ -181,6 +194,7 @@ The following are optional as `step.with` keys
 | `discussion_category_name` | String  | If specified, a discussion of the specified category is created and linked to the release. The value must be a category that already exists in the repository. For more information, see ["Managing categories for discussions in your repository."](https://docs.github.com/en/discussions/managing-discussions-for-your-community/managing-categories-for-discussions-in-your-repository)                                                     |
 | `generate_release_notes`   | Boolean | Whether to automatically generate the name and body for this release. If name is specified, the specified name will be used; otherwise, a name will be automatically generated. If body is specified, the body will be pre-pended to the automatically generated notes. See the [GitHub docs for this feature](https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes) for more information |
 | `append_body`              | Boolean | Append to existing body instead of overwriting it                                                                                                                                                                                                                                                                                                                                                                                               |
+| `make_latest`              | String  | Specifies whether this release should be set as the latest release for the repository. Drafts and prereleases cannot be set as latest. Can be `true`, `false`, or `legacy`. Uses GitHub api defaults if not provided                                                                                                                                                                                                                            |

 💡 When providing a `body` and `body_path` at the same time, `body_path` will be
 attempted first, then falling back on `body` if the path can not be read from.
@ -193,11 +207,11 @@ release will retain its original info.

 The following outputs can be accessed via `${{ steps.<step-id>.outputs }}` from this action

-| Name         | Type   | Description                                                                                                                                                                                                |
-| ------------ | ------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `url`        | String | Github.com URL for the release                                                                                                                                                                             |
-| `id`         | String | Release ID                                                                                                                                                                                                 |
-| `upload_url` | String | URL for uploading assets to the release                                                                                                                                                                    |
+| Name         | Type   | Description                                                                                                                                                                               |
+| ------------ | ------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `url`        | String | Github.com URL for the release                                                                                                                                                            |
+| `id`         | String | Release ID                                                                                                                                                                                |
+| `upload_url` | String | URL for uploading assets to the release                                                                                                                                                   |
 | `assets`     | String | JSON array containing information about each uploaded asset, in the format given [here](https://docs.github.com/en/rest/releases/assets#get-a-release-asset) (minus the `uploader` field) |

 As an example, you can use `${{ fromJSON(steps.<step-id>.outputs.assets)[0].browser_download_url }}` to get the download URL of the first asset.
@ -232,4 +246,7 @@ permissions:

 [GitHub token permissions](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token) can be set for an individual job, workflow, or for Actions as a whole.

+Note that if you intend to run workflows on the release event (`on: { release: { types: [published] } }`), you need to use
+a personal access token for this action, as the [default `secrets.GITHUB_TOKEN` does not trigger another workflow](https://github.com/actions/create-release/issues/71).
+
 Doug Tangren (softprops) 2019
--- a/tests/github.test.ts
+++ b/tests/github.test.ts
@ -1,6 +1,5 @@
-//import * as assert from "assert";
-//const assert = require('assert');
 import * as assert from "assert";
+import { text } from "stream/consumers";
 import { mimeOrDefault, asset } from "../src/github";

 describe("github", () => {
@ -15,11 +14,10 @@ describe("github", () => {

  describe("asset", () => {
    it("derives asset info from a path", async () => {
-      const { name, mime, size, data } = asset("tests/data/foo/bar.txt");
+      const { name, mime, size } = asset("tests/data/foo/bar.txt");
      assert.equal(name, "bar.txt");
      assert.equal(mime, "text/plain");
      assert.equal(size, 10);
-      assert.equal(data.toString(), "release me");
    });
  });
 });
--- a/tests/util.test.ts
+++ b/tests/util.test.ts
@ -6,6 +6,7 @@ import {
  parseInputFiles,
  unmatchedPatterns,
  uploadUrl,
+  alignAssetName,
 } from "../src/util";
 import * as assert from "assert";

@ -14,9 +15,9 @@ describe("util", () => {
    it("strips template", () => {
      assert.equal(
        uploadUrl(
-          "https://uploads.github.com/repos/octocat/Hello-World/releases/1/assets{?name,label}"
+          "https://uploads.github.com/repos/octocat/Hello-World/releases/1/assets{?name,label}",
        ),
-        "https://uploads.github.com/repos/octocat/Hello-World/releases/1/assets"
+        "https://uploads.github.com/repos/octocat/Hello-World/releases/1/assets",
      );
    });
  });
@ -30,7 +31,7 @@ describe("util", () => {
    it("parses newline and comma-delimited (and then some)", () => {
      assert.deepStrictEqual(
        parseInputFiles("foo,bar\nbaz,boom,\n\ndoom,loom "),
-        ["foo", "bar", "baz", "boom", "doom", "loom"]
+        ["foo", "bar", "baz", "boom", "doom", "loom"],
      );
    });
  });
@ -46,13 +47,15 @@ describe("util", () => {
          input_body_path: undefined,
          input_draft: false,
          input_prerelease: false,
+          input_preserve_order: undefined,
          input_files: [],
          input_name: undefined,
          input_tag_name: undefined,
          input_target_commitish: undefined,
          input_discussion_category_name: undefined,
          input_generate_release_notes: false,
-        })
+          input_make_latest: undefined,
+        }),
      );
    });
    it("uses input body path", () => {
@ -66,13 +69,15 @@ describe("util", () => {
          input_body_path: "__tests__/release.txt",
          input_draft: false,
          input_prerelease: false,
+          input_preserve_order: undefined,
          input_files: [],
          input_name: undefined,
          input_tag_name: undefined,
          input_target_commitish: undefined,
          input_discussion_category_name: undefined,
          input_generate_release_notes: false,
-        })
+          input_make_latest: undefined,
+        }),
      );
    });
    it("defaults to body path when both body and body path are provided", () => {
@ -86,13 +91,15 @@ describe("util", () => {
          input_body_path: "__tests__/release.txt",
          input_draft: false,
          input_prerelease: false,
+          input_preserve_order: undefined,
          input_files: [],
          input_name: undefined,
          input_tag_name: undefined,
          input_target_commitish: undefined,
          input_discussion_category_name: undefined,
          input_generate_release_notes: false,
-        })
+          input_make_latest: undefined,
+        }),
      );
    });
  });
@ -118,6 +125,7 @@ describe("util", () => {
          input_body_path: undefined,
          input_draft: undefined,
          input_prerelease: undefined,
+          input_preserve_order: undefined,
          input_files: [],
          input_name: undefined,
          input_tag_name: undefined,
@ -125,7 +133,8 @@ describe("util", () => {
          input_target_commitish: undefined,
          input_discussion_category_name: undefined,
          input_generate_release_notes: false,
-        }
+          input_make_latest: undefined,
+        },
      );
    });

@ -144,13 +153,15 @@ describe("util", () => {
          input_draft: undefined,
          input_prerelease: undefined,
          input_files: [],
+          input_preserve_order: undefined,
          input_name: undefined,
          input_tag_name: undefined,
          input_fail_on_unmatched_files: false,
          input_target_commitish: "affa18ef97bc9db20076945705aba8c516139abd",
          input_discussion_category_name: undefined,
          input_generate_release_notes: false,
-        }
+          input_make_latest: undefined,
+        },
      );
    });
    it("supports discussion category names", () => {
@ -168,13 +179,15 @@ describe("util", () => {
          input_draft: undefined,
          input_prerelease: undefined,
          input_files: [],
+          input_preserve_order: undefined,
          input_name: undefined,
          input_tag_name: undefined,
          input_fail_on_unmatched_files: false,
          input_target_commitish: undefined,
          input_discussion_category_name: "releases",
          input_generate_release_notes: false,
-        }
+          input_make_latest: undefined,
+        },
      );
    });

@ -192,6 +205,7 @@ describe("util", () => {
          input_body_path: undefined,
          input_draft: undefined,
          input_prerelease: undefined,
+          input_preserve_order: undefined,
          input_files: [],
          input_name: undefined,
          input_tag_name: undefined,
@ -199,7 +213,8 @@ describe("util", () => {
          input_target_commitish: undefined,
          input_discussion_category_name: undefined,
          input_generate_release_notes: true,
-        }
+          input_make_latest: undefined,
+        },
      );
    });

@ -208,6 +223,7 @@ describe("util", () => {
        parseConfig({
          INPUT_DRAFT: "false",
          INPUT_PRERELEASE: "true",
+          INPUT_PRESERVE_ORDER: "true",
          GITHUB_TOKEN: "env-token",
          INPUT_TOKEN: "input-token",
        }),
@ -220,6 +236,7 @@ describe("util", () => {
          input_body_path: undefined,
          input_draft: false,
          input_prerelease: true,
+          input_preserve_order: true,
          input_files: [],
          input_name: undefined,
          input_tag_name: undefined,
@ -227,7 +244,8 @@ describe("util", () => {
          input_target_commitish: undefined,
          input_discussion_category_name: undefined,
          input_generate_release_notes: false,
-        }
+          input_make_latest: undefined,
+        },
      );
    });
    it("uses input token as the source of GITHUB_TOKEN by default", () => {
@ -246,6 +264,7 @@ describe("util", () => {
          input_body_path: undefined,
          input_draft: false,
          input_prerelease: true,
+          input_preserve_order: undefined,
          input_files: [],
          input_name: undefined,
          input_tag_name: undefined,
@ -253,7 +272,8 @@ describe("util", () => {
          input_target_commitish: undefined,
          input_discussion_category_name: undefined,
          input_generate_release_notes: false,
-        }
+          input_make_latest: undefined,
+        },
      );
    });
    it("parses basic config with draft and prerelease", () => {
@ -271,6 +291,7 @@ describe("util", () => {
          input_body_path: undefined,
          input_draft: false,
          input_prerelease: true,
+          input_preserve_order: undefined,
          input_files: [],
          input_name: undefined,
          input_tag_name: undefined,
@ -278,7 +299,34 @@ describe("util", () => {
          input_target_commitish: undefined,
          input_discussion_category_name: undefined,
          input_generate_release_notes: false,
-        }
+          input_make_latest: undefined,
+        },
+      );
+    });
+    it("parses basic config where make_latest is passed", () => {
+      assert.deepStrictEqual(
+        parseConfig({
+          INPUT_MAKE_LATEST: "false",
+        }),
+        {
+          github_ref: "",
+          github_repository: "",
+          github_token: "",
+          input_append_body: false,
+          input_body: undefined,
+          input_body_path: undefined,
+          input_draft: undefined,
+          input_prerelease: undefined,
+          input_preserve_order: undefined,
+          input_files: [],
+          input_name: undefined,
+          input_tag_name: undefined,
+          input_fail_on_unmatched_files: false,
+          input_target_commitish: undefined,
+          input_discussion_category_name: undefined,
+          input_generate_release_notes: false,
+          input_make_latest: "false",
+        },
      );
    });
    it("parses basic config with append_body", () => {
@ -295,6 +343,7 @@ describe("util", () => {
          input_body_path: undefined,
          input_draft: undefined,
          input_prerelease: undefined,
+          input_preserve_order: undefined,
          input_files: [],
          input_name: undefined,
          input_tag_name: undefined,
@ -302,7 +351,8 @@ describe("util", () => {
          input_target_commitish: undefined,
          input_discussion_category_name: undefined,
          input_generate_release_notes: false,
-        }
+          input_make_latest: undefined,
+        },
      );
    });
  });
@ -319,7 +369,7 @@ describe("util", () => {
    it("resolves files given a set of paths", async () => {
      assert.deepStrictEqual(
        paths(["tests/data/**/*", "tests/data/does/not/exist/*"]),
-        ["tests/data/foo/bar.txt"]
+        ["tests/data/foo/bar.txt"],
      );
    });
  });
@ -328,8 +378,24 @@ describe("util", () => {
    it("returns the patterns that don't match any files", async () => {
      assert.deepStrictEqual(
        unmatchedPatterns(["tests/data/**/*", "tests/data/does/not/exist/*"]),
-        ["tests/data/does/not/exist/*"]
+        ["tests/data/does/not/exist/*"],
      );
    });
  });
+
+  describe("replaceSpacesWithDots", () => {
+    it("replaces all spaces with dots", () => {
+      expect(alignAssetName("John Doe.bla")).toBe("John.Doe.bla");
+    });
+
+    it("handles names with multiple spaces", () => {
+      expect(alignAssetName("John William Doe.bla")).toBe(
+        "John.William.Doe.bla",
+      );
+    });
+
+    it("returns the same string if there are no spaces", () => {
+      expect(alignAssetName("JohnDoe")).toBe("JohnDoe");
+    });
+  });
 });
--- a/action.yml
+++ b/action.yml
@ -21,6 +21,9 @@ inputs:
  prerelease:
    description: "Identify the release as a prerelease. Defaults to false"
    required: false
+  preserve_order:
+    description: "Preserver the order of the artifacts when uploading"
+    required: false
  files:
    description: "Newline-delimited list of path globs for asset files to upload"
    required: false
@ -46,8 +49,11 @@ inputs:
  append_body:
    description: "Append to existing body instead of overwriting it. Default is false."
    required: false
+  make_latest:
+    description: "Specifies whether this release should be set as the latest release for the repository. Drafts and prereleases cannot be set as latest. Can be `true`, `false`, or `legacy`. Uses GitHub api default if not provided"
+    required: false
 env:
-  "GITHUB_TOKEN": "As provided by Github Actions"
+  GITHUB_TOKEN: "As provided by Github Actions"
 outputs:
  url:
    description: "URL to the Release HTML Page"
@ -58,7 +64,7 @@ outputs:
  assets:
    description: "JSON array containing information about each uploaded asset, in the format given [here](https://docs.github.com/en/rest/reference/repos#upload-a-release-asset--code-samples) (minus the `uploader` field)"
 runs:
-  using: "node16"
+  using: "node20"
  main: "dist/index.js"
 branding:
  color: "green"
--- a/dist/37.index.js
+++ b/dist/37.index.js
@ -1,452 +0,0 @@
-"use strict";
-exports.id = 37;
-exports.ids = [37];
-exports.modules = {
-
-/***/ 4037:
-/***/ ((__unused_webpack___webpack_module__, __webpack_exports__, __webpack_require__) => {
-
-__webpack_require__.r(__webpack_exports__);
-/* harmony export */ __webpack_require__.d(__webpack_exports__, {
-/* harmony export */   "toFormData": () => (/* binding */ toFormData)
-/* harmony export */ });
-/* harmony import */ var fetch_blob_from_js__WEBPACK_IMPORTED_MODULE_0__ = __webpack_require__(2777);
-/* harmony import */ var formdata_polyfill_esm_min_js__WEBPACK_IMPORTED_MODULE_1__ = __webpack_require__(8010);
-
-
-
-let s = 0;
-const S = {
-	START_BOUNDARY: s++,
-	HEADER_FIELD_START: s++,
-	HEADER_FIELD: s++,
-	HEADER_VALUE_START: s++,
-	HEADER_VALUE: s++,
-	HEADER_VALUE_ALMOST_DONE: s++,
-	HEADERS_ALMOST_DONE: s++,
-	PART_DATA_START: s++,
-	PART_DATA: s++,
-	END: s++
-};
-
-let f = 1;
-const F = {
-	PART_BOUNDARY: f,
-	LAST_BOUNDARY: f *= 2
-};
-
-const LF = 10;
-const CR = 13;
-const SPACE = 32;
-const HYPHEN = 45;
-const COLON = 58;
-const A = 97;
-const Z = 122;
-
-const lower = c => c | 0x20;
-
-const noop = () => {};
-
-class MultipartParser {
-	/**
-	 * @param {string} boundary
-	 */
-	constructor(boundary) {
-		this.index = 0;
-		this.flags = 0;
-
-		this.onHeaderEnd = noop;
-		this.onHeaderField = noop;
-		this.onHeadersEnd = noop;
-		this.onHeaderValue = noop;
-		this.onPartBegin = noop;
-		this.onPartData = noop;
-		this.onPartEnd = noop;
-
-		this.boundaryChars = {};
-
-		boundary = '\r\n--' + boundary;
-		const ui8a = new Uint8Array(boundary.length);
-		for (let i = 0; i < boundary.length; i++) {
-			ui8a[i] = boundary.charCodeAt(i);
-			this.boundaryChars[ui8a[i]] = true;
-		}
-
-		this.boundary = ui8a;
-		this.lookbehind = new Uint8Array(this.boundary.length + 8);
-		this.state = S.START_BOUNDARY;
-	}
-
-	/**
-	 * @param {Uint8Array} data
-	 */
-	write(data) {
-		let i = 0;
-		const length_ = data.length;
-		let previousIndex = this.index;
-		let {lookbehind, boundary, boundaryChars, index, state, flags} = this;
-		const boundaryLength = this.boundary.length;
-		const boundaryEnd = boundaryLength - 1;
-		const bufferLength = data.length;
-		let c;
-		let cl;
-
-		const mark = name => {
-			this[name + 'Mark'] = i;
-		};
-
-		const clear = name => {
-			delete this[name + 'Mark'];
-		};
-
-		const callback = (callbackSymbol, start, end, ui8a) => {
-			if (start === undefined || start !== end) {
-				this[callbackSymbol](ui8a && ui8a.subarray(start, end));
-			}
-		};
-
-		const dataCallback = (name, clear) => {
-			const markSymbol = name + 'Mark';
-			if (!(markSymbol in this)) {
-				return;
-			}
-
-			if (clear) {
-				callback(name, this[markSymbol], i, data);
-				delete this[markSymbol];
-			} else {
-				callback(name, this[markSymbol], data.length, data);
-				this[markSymbol] = 0;
-			}
-		};
-
-		for (i = 0; i < length_; i++) {
-			c = data[i];
-
-			switch (state) {
-				case S.START_BOUNDARY:
-					if (index === boundary.length - 2) {
-						if (c === HYPHEN) {
-							flags |= F.LAST_BOUNDARY;
-						} else if (c !== CR) {
-							return;
-						}
-
-						index++;
-						break;
-					} else if (index - 1 === boundary.length - 2) {
-						if (flags & F.LAST_BOUNDARY && c === HYPHEN) {
-							state = S.END;
-							flags = 0;
-						} else if (!(flags & F.LAST_BOUNDARY) && c === LF) {
-							index = 0;
-							callback('onPartBegin');
-							state = S.HEADER_FIELD_START;
-						} else {
-							return;
-						}
-
-						break;
-					}
-
-					if (c !== boundary[index + 2]) {
-						index = -2;
-					}
-
-					if (c === boundary[index + 2]) {
-						index++;
-					}
-
-					break;
-				case S.HEADER_FIELD_START:
-					state = S.HEADER_FIELD;
-					mark('onHeaderField');
-					index = 0;
-					// falls through
-				case S.HEADER_FIELD:
-					if (c === CR) {
-						clear('onHeaderField');
-						state = S.HEADERS_ALMOST_DONE;
-						break;
-					}
-
-					index++;
-					if (c === HYPHEN) {
-						break;
-					}
-
-					if (c === COLON) {
-						if (index === 1) {
-							// empty header field
-							return;
-						}
-
-						dataCallback('onHeaderField', true);
-						state = S.HEADER_VALUE_START;
-						break;
-					}
-
-					cl = lower(c);
-					if (cl < A || cl > Z) {
-						return;
-					}
-
-					break;
-				case S.HEADER_VALUE_START:
-					if (c === SPACE) {
-						break;
-					}
-
-					mark('onHeaderValue');
-					state = S.HEADER_VALUE;
-					// falls through
-				case S.HEADER_VALUE:
-					if (c === CR) {
-						dataCallback('onHeaderValue', true);
-						callback('onHeaderEnd');
-						state = S.HEADER_VALUE_ALMOST_DONE;
-					}
-
-					break;
-				case S.HEADER_VALUE_ALMOST_DONE:
-					if (c !== LF) {
-						return;
-					}
-
-					state = S.HEADER_FIELD_START;
-					break;
-				case S.HEADERS_ALMOST_DONE:
-					if (c !== LF) {
-						return;
-					}
-
-					callback('onHeadersEnd');
-					state = S.PART_DATA_START;
-					break;
-				case S.PART_DATA_START:
-					state = S.PART_DATA;
-					mark('onPartData');
-					// falls through
-				case S.PART_DATA:
-					previousIndex = index;
-
-					if (index === 0) {
-						// boyer-moore derrived algorithm to safely skip non-boundary data
-						i += boundaryEnd;
-						while (i < bufferLength && !(data[i] in boundaryChars)) {
-							i += boundaryLength;
-						}
-
-						i -= boundaryEnd;
-						c = data[i];
-					}
-
-					if (index < boundary.length) {
-						if (boundary[index] === c) {
-							if (index === 0) {
-								dataCallback('onPartData', true);
-							}
-
-							index++;
-						} else {
-							index = 0;
-						}
-					} else if (index === boundary.length) {
-						index++;
-						if (c === CR) {
-							// CR = part boundary
-							flags |= F.PART_BOUNDARY;
-						} else if (c === HYPHEN) {
-							// HYPHEN = end boundary
-							flags |= F.LAST_BOUNDARY;
-						} else {
-							index = 0;
-						}
-					} else if (index - 1 === boundary.length) {
-						if (flags & F.PART_BOUNDARY) {
-							index = 0;
-							if (c === LF) {
-								// unset the PART_BOUNDARY flag
-								flags &= ~F.PART_BOUNDARY;
-								callback('onPartEnd');
-								callback('onPartBegin');
-								state = S.HEADER_FIELD_START;
-								break;
-							}
-						} else if (flags & F.LAST_BOUNDARY) {
-							if (c === HYPHEN) {
-								callback('onPartEnd');
-								state = S.END;
-								flags = 0;
-							} else {
-								index = 0;
-							}
-						} else {
-							index = 0;
-						}
-					}
-
-					if (index > 0) {
-						// when matching a possible boundary, keep a lookbehind reference
-						// in case it turns out to be a false lead
-						lookbehind[index - 1] = c;
-					} else if (previousIndex > 0) {
-						// if our boundary turned out to be rubbish, the captured lookbehind
-						// belongs to partData
-						const _lookbehind = new Uint8Array(lookbehind.buffer, lookbehind.byteOffset, lookbehind.byteLength);
-						callback('onPartData', 0, previousIndex, _lookbehind);
-						previousIndex = 0;
-						mark('onPartData');
-
-						// reconsider the current character even so it interrupted the sequence
-						// it could be the beginning of a new sequence
-						i--;
-					}
-
-					break;
-				case S.END:
-					break;
-				default:
-					throw new Error(`Unexpected state entered: ${state}`);
-			}
-		}
-
-		dataCallback('onHeaderField');
-		dataCallback('onHeaderValue');
-		dataCallback('onPartData');
-
-		// Update properties for the next call
-		this.index = index;
-		this.state = state;
-		this.flags = flags;
-	}
-
-	end() {
-		if ((this.state === S.HEADER_FIELD_START && this.index === 0) ||
-			(this.state === S.PART_DATA && this.index === this.boundary.length)) {
-			this.onPartEnd();
-		} else if (this.state !== S.END) {
-			throw new Error('MultipartParser.end(): stream ended unexpectedly');
-		}
-	}
-}
-
-function _fileName(headerValue) {
-	// matches either a quoted-string or a token (RFC 2616 section 19.5.1)
-	const m = headerValue.match(/\bfilename=("(.*?)"|([^()<>@,;:\\"/[\]?={}\s\t]+))($|;\s)/i);
-	if (!m) {
-		return;
-	}
-
-	const match = m[2] || m[3] || '';
-	let filename = match.slice(match.lastIndexOf('\\') + 1);
-	filename = filename.replace(/%22/g, '"');
-	filename = filename.replace(/&#(\d{4});/g, (m, code) => {
-		return String.fromCharCode(code);
-	});
-	return filename;
-}
-
-async function toFormData(Body, ct) {
-	if (!/multipart/i.test(ct)) {
-		throw new TypeError('Failed to fetch');
-	}
-
-	const m = ct.match(/boundary=(?:"([^"]+)"|([^;]+))/i);
-
-	if (!m) {
-		throw new TypeError('no or bad content-type header, no multipart boundary');
-	}
-
-	const parser = new MultipartParser(m[1] || m[2]);
-
-	let headerField;
-	let headerValue;
-	let entryValue;
-	let entryName;
-	let contentType;
-	let filename;
-	const entryChunks = [];
-	const formData = new formdata_polyfill_esm_min_js__WEBPACK_IMPORTED_MODULE_1__/* .FormData */ .Ct();
-
-	const onPartData = ui8a => {
-		entryValue += decoder.decode(ui8a, {stream: true});
-	};
-
-	const appendToFile = ui8a => {
-		entryChunks.push(ui8a);
-	};
-
-	const appendFileToFormData = () => {
-		const file = new fetch_blob_from_js__WEBPACK_IMPORTED_MODULE_0__/* .File */ .$B(entryChunks, filename, {type: contentType});
-		formData.append(entryName, file);
-	};
-
-	const appendEntryToFormData = () => {
-		formData.append(entryName, entryValue);
-	};
-
-	const decoder = new TextDecoder('utf-8');
-	decoder.decode();
-
-	parser.onPartBegin = function () {
-		parser.onPartData = onPartData;
-		parser.onPartEnd = appendEntryToFormData;
-
-		headerField = '';
-		headerValue = '';
-		entryValue = '';
-		entryName = '';
-		contentType = '';
-		filename = null;
-		entryChunks.length = 0;
-	};
-
-	parser.onHeaderField = function (ui8a) {
-		headerField += decoder.decode(ui8a, {stream: true});
-	};
-
-	parser.onHeaderValue = function (ui8a) {
-		headerValue += decoder.decode(ui8a, {stream: true});
-	};
-
-	parser.onHeaderEnd = function () {
-		headerValue += decoder.decode();
-		headerField = headerField.toLowerCase();
-
-		if (headerField === 'content-disposition') {
-			// matches either a quoted-string or a token (RFC 2616 section 19.5.1)
-			const m = headerValue.match(/\bname=("([^"]*)"|([^()<>@,;:\\"/[\]?={}\s\t]+))/i);
-
-			if (m) {
-				entryName = m[2] || m[3] || '';
-			}
-
-			filename = _fileName(headerValue);
-
-			if (filename) {
-				parser.onPartData = appendToFile;
-				parser.onPartEnd = appendFileToFormData;
-			}
-		} else if (headerField === 'content-type') {
-			contentType = headerValue;
-		}
-
-		headerValue = '';
-		headerField = '';
-	};
-
-	for await (const chunk of Body) {
-		parser.write(chunk);
-	}
-
-	parser.end();
-
-	return formData;
-}
-
-
-/***/ })
-
-};
-;
--- a/dist/index.js
+++ b/dist/index.js
--- a/jest.config.js
+++ b/jest.config.js
@ -1,11 +0,0 @@
-module.exports = {
-  clearMocks: true,
-  moduleFileExtensions: ['js', 'ts'],
-  testEnvironment: 'node',
-  testMatch: ['**/*.test.ts'],
-  testRunner: 'jest-circus/runner',
-  transform: {
-    '^.+\\.ts$': 'ts-jest'
-  },
-  verbose: true
-}
--- a/jest.config.ts
+++ b/jest.config.ts
@ -0,0 +1,16 @@
+import type { JestConfigWithTsJest } from 'ts-jest';
+
+const config: JestConfigWithTsJest = {
+  preset: 'ts-jest/presets/default-esm',
+  clearMocks: true,
+  moduleFileExtensions: ['js', 'ts'],
+  testEnvironment: 'node',
+  testMatch: ['**/*.test.ts'],
+  testRunner: 'jest-circus/runner',
+  transform: {
+    '^.+\\.ts$': 'ts-jest',
+  },
+  verbose: true,
+};
+
+export default config;
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -1,14 +1,16 @@
 {
  "name": "action-gh-release",
-  "version": "0.1.15",
+  "version": "2.2.1",
  "private": true,
  "description": "GitHub Action for creating GitHub Releases",
  "main": "lib/main.js",
  "scripts": {
    "build": "ncc build src/main.ts --minify",
+    "build-debug": "ncc build src/main.ts --v8-cache --source-map",
    "test": "jest",
    "fmt": "prettier --write \"src/**/*.ts\" \"__tests__/**/*.ts\"",
-    "fmtcheck": "prettier --check \"src/**/*.ts\" \"__tests__/**/*.ts\""
+    "fmtcheck": "prettier --check \"src/**/*.ts\" \"__tests__/**/*.ts\"",
+    "updatetag": "git tag -d v2 && git push origin :v2 && git tag -a v2 -m '' && git push origin v2"
  },
  "repository": {
    "type": "git",
@ -19,26 +21,25 @@
  ],
  "author": "softprops",
  "dependencies": {
-    "@actions/core": "^1.10.0",
-    "@actions/github": "^5.1.1",
-    "@octokit/plugin-retry": "^4.0.3",
-    "@octokit/plugin-throttling": "^4.3.2",
-    "glob": "^8.0.3",
-    "mime": "^3.0.0",
-    "node-fetch": "^2.6.7"
+    "@actions/core": "^1.11.1",
+    "@actions/github": "^6.0.0",
+    "@octokit/plugin-retry": "^7.1.2",
+    "@octokit/plugin-throttling": "^9.3.2",
+    "glob": "^11.0.0",
+    "mime": "^3.0.0"
  },
  "devDependencies": {
-    "@types/glob": "^8.0.0",
-    "@types/jest": "^29.2.2",
+    "@types/glob": "^8.1.0",
+    "@types/jest": "^29.5.14",
    "@types/mime": "^3.0.1",
-    "@types/node": "^18.11.9",
-    "@types/node-fetch": "^2.5.12",
-    "@vercel/ncc": "^0.34.0",
+    "@types/node": "^22.10.5",
+    "@vercel/ncc": "^0.38.3",
    "jest": "^29.3.1",
    "jest-circus": "^29.3.1",
-    "prettier": "2.7.1",
-    "ts-jest": "^29.0.3",
-    "typescript": "^4.8.4",
+    "prettier": "3.4.2",
+    "ts-jest": "^29.2.5",
+    "ts-node": "^10.9.2",
+    "typescript": "^5.7.2",
    "typescript-formatter": "^7.2.2"
  }
 }
--- a/release.sh
+++ b/release.sh
@ -1,17 +0,0 @@
-#!/bin/bash
-# actions requires a node_modules dir https://github.com/actions/toolkit/blob/master/docs/javascript-action.md#publish-a-releasesv1-action
-# but its recommended not to check these in https://github.com/actions/toolkit/blob/master/docs/action-versioning.md#recommendations
-# as such the following hack is how we dill with it
-
-if [[ $# -ne 1 ]]; then
-	echo "please pass a release version. i.e. $0 v1"
-	exit 1
-fi
-
-git checkout -b releases/$1 # If this branch already exists, omit the -b flag
-rm -rf node_modules
-sed -i '/node_modules/d' .gitignore # Bash command that removes node_modules from .gitignore
-npm install --production
-git add node_modules -f .gitignore
-git commit -m node_modules
-git push origin releases/$1
--- a/src/github.ts
+++ b/src/github.ts
@ -1,7 +1,7 @@
-import fetch from "node-fetch";
 import { GitHub } from "@actions/github/lib/utils";
-import { Config, isTag, releaseBody } from "./util";
-import { statSync, readFileSync } from "fs";
+import { Config, isTag, releaseBody, alignAssetName } from "./util";
+import { statSync } from "fs";
+import { open } from "fs/promises";
 import { getType } from "mime";
 import { basename } from "path";

@ -11,7 +11,6 @@ export interface ReleaseAsset {
  name: string;
  mime: string;
  size: number;
-  data: Buffer;
 }

 export interface Release {
@ -45,6 +44,7 @@ export interface Releaser {
    target_commitish: string | undefined;
    discussion_category_name: string | undefined;
    generate_release_notes: boolean | undefined;
+    make_latest: "true" | "false" | "legacy" | undefined;
  }): Promise<{ data: Release }>;

  updateRelease(params: {
@ -59,6 +59,7 @@ export interface Releaser {
    prerelease: boolean | undefined;
    discussion_category_name: string | undefined;
    generate_release_notes: boolean | undefined;
+    make_latest: "true" | "false" | "legacy" | undefined;
  }): Promise<{ data: Release }>;

  allReleases(params: {
@ -92,7 +93,15 @@ export class GitHubReleaser implements Releaser {
    target_commitish: string | undefined;
    discussion_category_name: string | undefined;
    generate_release_notes: boolean | undefined;
+    make_latest: "true" | "false" | "legacy" | undefined;
  }): Promise<{ data: Release }> {
+    if (
+      typeof params.make_latest === "string" &&
+      !["true", "false", "legacy"].includes(params.make_latest)
+    ) {
+      params.make_latest = undefined;
+    }
+
    return this.github.rest.repos.createRelease(params);
  }

@ -108,7 +117,15 @@ export class GitHubReleaser implements Releaser {
    prerelease: boolean | undefined;
    discussion_category_name: string | undefined;
    generate_release_notes: boolean | undefined;
+    make_latest: "true" | "false" | "legacy" | undefined;
  }): Promise<{ data: Release }> {
+    if (
+      typeof params.make_latest === "string" &&
+      !["true", "false", "legacy"].includes(params.make_latest)
+    ) {
+      params.make_latest = undefined;
+    }
+
    return this.github.rest.repos.updateRelease(params);
  }

@ -118,7 +135,7 @@ export class GitHubReleaser implements Releaser {
  }): AsyncIterableIterator<{ data: Release[] }> {
    const updatedParams = { per_page: 100, ...params };
    return this.github.paginate.iterator(
-      this.github.rest.repos.listReleases.endpoint.merge(updatedParams)
+      this.github.rest.repos.listReleases.endpoint.merge(updatedParams),
    );
  }
 }
@ -128,7 +145,6 @@ export const asset = (path: string): ReleaseAsset => {
    name: basename(path),
    mime: mimeOrDefault(path),
    size: statSync(path).size,
-    data: readFileSync(path),
  };
 };

@ -141,12 +157,15 @@ export const upload = async (
  github: GitHub,
  url: string,
  path: string,
-  currentAssets: Array<{ id: number; name: string }>
+  currentAssets: Array<{ id: number; name: string }>,
 ): Promise<any> => {
  const [owner, repo] = config.github_repository.split("/");
-  const { name, size, mime, data: body } = asset(path);
+  const { name, mime, size } = asset(path);
  const currentAsset = currentAssets.find(
-    ({ name: currentName }) => currentName == name
+    // note: GitHub renames asset filenames that have special characters, non-alphanumeric characters, and leading or trailing periods. The "List release assets" endpoint lists the renamed filenames.
+    // due to this renaming we need to be mindful when we compare the file name we're uploading with a name github may already have rewritten for logical comparison
+    // see https://docs.github.com/en/rest/releases/assets?apiVersion=2022-11-28#upload-a-release-asset
+    ({ name: currentName }) => currentName == alignAssetName(name),
  );
  if (currentAsset) {
    console.log(`♻️ Deleting previously uploaded asset ${name}...`);
@ -159,30 +178,37 @@ export const upload = async (
  console.log(`⬆️ Uploading ${name}...`);
  const endpoint = new URL(url);
  endpoint.searchParams.append("name", name);
-  const resp = await fetch(endpoint, {
-    headers: {
-      "content-length": `${size}`,
-      "content-type": mime,
-      authorization: `token ${config.github_token}`,
-    },
-    method: "POST",
-    body,
-  });
-  const json = await resp.json();
-  if (resp.status !== 201) {
-    throw new Error(
-      `Failed to upload release asset ${name}. received status code ${
-        resp.status
-      }\n${json.message}\n${JSON.stringify(json.errors)}`
-    );
+  const fh = await open(path);
+  try {
+    const resp = await github.request({
+      method: "POST",
+      url: endpoint.toString(),
+      headers: {
+        "content-length": `${size}`,
+        "content-type": mime,
+        authorization: `token ${config.github_token}`,
+      },
+      data: fh.readableWebStream({ type: "bytes" }),
+    });
+    const json = resp.data;
+    if (resp.status !== 201) {
+      throw new Error(
+        `Failed to upload release asset ${name}. received status code ${
+          resp.status
+        }\n${json.message}\n${JSON.stringify(json.errors)}`,
+      );
+    }
+    console.log(`✅ Uploaded ${name}`);
+    return json;
+  } finally {
+    await fh.close();
  }
-  return json;
 };

 export const release = async (
  config: Config,
  releaser: Releaser,
-  maxRetries: number = 3
+  maxRetries: number = 3,
 ): Promise<Release> => {
  if (maxRetries <= 0) {
    console.log(`❌ Too many retries. Aborting...`);
@ -201,45 +227,63 @@ export const release = async (
  try {
    // you can't get a an existing draft by tag
    // so we must find one in the list of all releases
+    let _release: Release | undefined = undefined;
    if (config.input_draft) {
      for await (const response of releaser.allReleases({
        owner,
        repo,
      })) {
-        let release = response.data.find((release) => release.tag_name === tag);
-        if (release) {
-          return release;
-        }
+        _release = response.data.find((release) => release.tag_name === tag);
      }
+    } else {
+      _release = (
+        await releaser.getReleaseByTag({
+          owner,
+          repo,
+          tag,
+        })
+      ).data;
+    }
+    if (_release === null || _release === undefined) {
+      return await createRelease(
+        tag,
+        config,
+        releaser,
+        owner,
+        repo,
+        discussion_category_name,
+        generate_release_notes,
+        maxRetries,
+      );
    }
-    let existingRelease = await releaser.getReleaseByTag({
-      owner,
-      repo,
-      tag,
-    });

-    const release_id = existingRelease.data.id;
+    let existingRelease: Release = _release!;
+    console.log(
+      `Found release ${existingRelease.name} (with id=${existingRelease.id})`,
+    );
+
+    const release_id = existingRelease.id;
    let target_commitish: string;
    if (
      config.input_target_commitish &&
-      config.input_target_commitish !== existingRelease.data.target_commitish
+      config.input_target_commitish !== existingRelease.target_commitish
    ) {
      console.log(
-        `Updating commit from "${existingRelease.data.target_commitish}" to "${config.input_target_commitish}"`
+        `Updating commit from "${existingRelease.target_commitish}" to "${config.input_target_commitish}"`,
      );
      target_commitish = config.input_target_commitish;
    } else {
-      target_commitish = existingRelease.data.target_commitish;
+      target_commitish = existingRelease.target_commitish;
    }

    const tag_name = tag;
-    const name = config.input_name || existingRelease.data.name || tag;
+    const name = config.input_name || existingRelease.name || tag;
    // revisit: support a new body-concat-strategy input for accumulating
    // body parts as a release gets updated. some users will likely want this while
    // others won't previously this was duplicating content for most which
    // no one wants
    const workflowBody = releaseBody(config) || "";
-    const existingReleaseBody = existingRelease.data.body || "";
+    const existingReleaseBody = existingRelease.body || "";
    let body: string;
    if (config.input_append_body && workflowBody && existingReleaseBody) {
      body = existingReleaseBody + "\n" + workflowBody;
@ -250,11 +294,13 @@ export const release = async (
    const draft =
      config.input_draft !== undefined
        ? config.input_draft
-        : existingRelease.data.draft;
+        : existingRelease.draft;
    const prerelease =
      config.input_prerelease !== undefined
        ? config.input_prerelease
-        : existingRelease.data.prerelease;
+        : existingRelease.prerelease;
+
+    const make_latest = config.input_make_latest;

    const release = await releaser.updateRelease({
      owner,
@ -268,53 +314,91 @@ export const release = async (
      prerelease,
      discussion_category_name,
      generate_release_notes,
+      make_latest,
    });
    return release.data;
  } catch (error) {
-    if (error.status === 404) {
-      const tag_name = tag;
-      const name = config.input_name || tag;
-      const body = releaseBody(config);
-      const draft = config.input_draft;
-      const prerelease = config.input_prerelease;
-      const target_commitish = config.input_target_commitish;
-      let commitMessage: string = "";
-      if (target_commitish) {
-        commitMessage = ` using commit "${target_commitish}"`;
-      }
+    if (error.status !== 404) {
      console.log(
-        `👩‍🏭 Creating new GitHub release for tag ${tag_name}${commitMessage}...`
-      );
-      try {
-        let release = await releaser.createRelease({
-          owner,
-          repo,
-          tag_name,
-          name,
-          body,
-          draft,
-          prerelease,
-          target_commitish,
-          discussion_category_name,
-          generate_release_notes,
-        });
-        return release.data;
-      } catch (error) {
-        // presume a race with competing metrix runs
-        console.log(
-          `⚠️ GitHub release failed with status: ${
-            error.status
-          }\n${JSON.stringify(error.response.data.errors)}\nretrying... (${
-            maxRetries - 1
-          } retries remaining)`
-        );
-        return release(config, releaser, maxRetries - 1);
-      }
-    } else {
-      console.log(
-        `⚠️ Unexpected error fetching GitHub release for tag ${config.github_ref}: ${error}`
+        `⚠️ Unexpected error fetching GitHub release for tag ${config.github_ref}: ${error}`,
      );
      throw error;
    }
+
+    return await createRelease(
+      tag,
+      config,
+      releaser,
+      owner,
+      repo,
+      discussion_category_name,
+      generate_release_notes,
+      maxRetries,
+    );
  }
 };
+
+async function createRelease(
+  tag: string,
+  config: Config,
+  releaser: Releaser,
+  owner: string,
+  repo: string,
+  discussion_category_name: string | undefined,
+  generate_release_notes: boolean | undefined,
+  maxRetries: number,
+) {
+  const tag_name = tag;
+  const name = config.input_name || tag;
+  const body = releaseBody(config);
+  const draft = config.input_draft;
+  const prerelease = config.input_prerelease;
+  const target_commitish = config.input_target_commitish;
+  const make_latest = config.input_make_latest;
+  let commitMessage: string = "";
+  if (target_commitish) {
+    commitMessage = ` using commit "${target_commitish}"`;
+  }
+  console.log(
+    `👩‍🏭 Creating new GitHub release for tag ${tag_name}${commitMessage}...`,
+  );
+  try {
+    let release = await releaser.createRelease({
+      owner,
+      repo,
+      tag_name,
+      name,
+      body,
+      draft,
+      prerelease,
+      target_commitish,
+      discussion_category_name,
+      generate_release_notes,
+      make_latest,
+    });
+    return release.data;
+  } catch (error) {
+    // presume a race with competing matrix runs
+    console.log(`⚠️ GitHub release failed with status: ${error.status}`);
+    console.log(`${JSON.stringify(error.response.data)}`);
+
+    switch (error.status) {
+      case 403:
+        console.log(
+          "Skip retry — your GitHub token/PAT does not have the required permission to create a release",
+        );
+        throw error;
+
+      case 404:
+        console.log("Skip retry - discussion category mismatch");
+        throw error;
+
+      case 422:
+        console.log("Skip retry - validation failed");
+        throw error;
+    }
+
+    console.log(`retrying... (${maxRetries - 1} retries remaining)`);
+    return release(config, releaser, maxRetries - 1);
+  }
+}
--- a/src/main.ts
+++ b/src/main.ts
@ -8,7 +8,6 @@ import {
 import { release, upload, GitHubReleaser } from "./github";
 import { getOctokit } from "@actions/github";
 import { setFailed, setOutput } from "@actions/core";
-import { GitHub, getOctokitOptions } from "@actions/github/lib/utils";

 import { env } from "process";

@ -24,9 +23,13 @@ async function run() {
    }
    if (config.input_files) {
      const patterns = unmatchedPatterns(config.input_files);
-      patterns.forEach((pattern) =>
-        console.warn(`🤔 Pattern '${pattern}' does not match any files.`)
-      );
+      patterns.forEach((pattern) => {
+        if (config.input_fail_on_unmatched_files) {
+          throw new Error(`⚠️  Pattern '${pattern}' does not match any files.`);
+        } else {
+          console.warn(`🤔 Pattern '${pattern}' does not match any files.`);
+        }
+      });
      if (patterns.length > 0 && config.input_fail_on_unmatched_files) {
        throw new Error(`⚠️ There were unmatched files`);
      }
@ -42,7 +45,7 @@ async function run() {
      throttle: {
        onRateLimit: (retryAfter, options) => {
          console.warn(
-            `Request quota exhausted for request ${options.method} ${options.url}`
+            `Request quota exhausted for request ${options.method} ${options.url}`,
          );
          if (options.request.retryCount === 0) {
            // only retries once
@ -53,34 +56,45 @@ async function run() {
        onAbuseLimit: (retryAfter, options) => {
          // does not retry, only logs a warning
          console.warn(
-            `Abuse detected for request ${options.method} ${options.url}`
+            `Abuse detected for request ${options.method} ${options.url}`,
          );
        },
      },
    });
    //);
    const rel = await release(config, new GitHubReleaser(gh));
-    if (config.input_files) {
+    if (config.input_files && config.input_files.length > 0) {
      const files = paths(config.input_files);
      if (files.length == 0) {
-        console.warn(`🤔 ${config.input_files} not include valid file.`);
+        if (config.input_fail_on_unmatched_files) {
+          throw new Error(`⚠️ ${config.input_files} does not include a valid file.`);
+        } else {
+          console.warn(`🤔 ${config.input_files} does not include a valid file.`);
+        }
      }
      const currentAssets = rel.assets;
-      const assets = await Promise.all(
-        files.map(async (path) => {
-          const json = await upload(
-            config,
-            gh,
-            uploadUrl(rel.upload_url),
-            path,
-            currentAssets
-          );
-          delete json.uploader;
-          return json;
-        })
-      ).catch((error) => {
-        throw error;
-      });
+
+      const uploadFile = async (path) => {
+        const json = await upload(
+          config,
+          gh,
+          uploadUrl(rel.upload_url),
+          path,
+          currentAssets,
+        );
+        delete json.uploader;
+        return json;
+      };
+
+      let assets;
+      if (!config.input_preserve_order) {
+        assets = await Promise.all(files.map(uploadFile));
+      } else {
+        assets = [];
+        for (const path of files) {
+          assets.push(await uploadFile(path));
+        }
+      }
      setOutput("assets", assets);
    }
    console.log(`🎉 Release ready at ${rel.html_url}`);
--- a/src/util.ts
+++ b/src/util.ts
@ -13,12 +13,14 @@ export interface Config {
  input_body_path?: string;
  input_files?: string[];
  input_draft?: boolean;
+  input_preserve_order?: boolean;
  input_prerelease?: boolean;
  input_fail_on_unmatched_files?: boolean;
  input_target_commitish?: string;
  input_discussion_category_name?: string;
  input_generate_release_notes?: boolean;
  input_append_body?: boolean;
+  input_make_latest: "true" | "false" | "legacy" | undefined;
 }

 export const uploadUrl = (url: string): string => {
@ -46,7 +48,7 @@ export const parseInputFiles = (files: string): string[] => {
        .concat(line.split(","))
        .filter((pat) => pat)
        .map((pat) => pat.trim()),
-    []
+    [],
  );
 };

@ -61,6 +63,9 @@ export const parseConfig = (env: Env): Config => {
    input_body_path: env.INPUT_BODY_PATH,
    input_files: parseInputFiles(env.INPUT_FILES || ""),
    input_draft: env.INPUT_DRAFT ? env.INPUT_DRAFT === "true" : undefined,
+    input_preserve_order: env.INPUT_PRESERVE_ORDER
+      ? env.INPUT_PRESERVE_ORDER == "true"
+      : undefined,
    input_prerelease: env.INPUT_PRERELEASE
      ? env.INPUT_PRERELEASE == "true"
      : undefined,
@ -70,13 +75,23 @@ export const parseConfig = (env: Env): Config => {
      env.INPUT_DISCUSSION_CATEGORY_NAME || undefined,
    input_generate_release_notes: env.INPUT_GENERATE_RELEASE_NOTES == "true",
    input_append_body: env.INPUT_APPEND_BODY == "true",
+    input_make_latest: parseMakeLatest(env.INPUT_MAKE_LATEST),
  };
 };

+const parseMakeLatest = (
+  value: string | undefined,
+): "true" | "false" | "legacy" | undefined => {
+  if (value === "true" || value === "false" || value === "legacy") {
+    return value;
+  }
+  return undefined;
+};
+
 export const paths = (patterns: string[]): string[] => {
  return patterns.reduce((acc: string[], pattern: string): string[] => {
    return acc.concat(
-      glob.sync(pattern).filter((path) => statSync(path).isFile())
+      glob.sync(pattern).filter((path) => statSync(path).isFile()),
    );
  }, []);
 };
@ -86,7 +101,7 @@ export const unmatchedPatterns = (patterns: string[]): string[] => {
    return acc.concat(
      glob.sync(pattern).filter((path) => statSync(path).isFile()).length == 0
        ? [pattern]
-        : []
+        : [],
    );
  }, []);
 };
@ -94,3 +109,7 @@ export const unmatchedPatterns = (patterns: string[]): string[] => {
 export const isTag = (ref: string): boolean => {
  return ref.startsWith("refs/tags/");
 };
+
+export const alignAssetName = (assetName: string): string => {
+  return assetName.replace(/ /g, ".");
+};
--- a/tsconfig.json
+++ b/tsconfig.json
@ -60,5 +60,5 @@
    // "experimentalDecorators": true,        /* Enables experimental support for ES7 decorators. */
    // "emitDecoratorMetadata": true,         /* Enables experimental support for emitting type metadata for decorators. */
  },
-  "exclude": ["node_modules", "**/*.test.ts"]
-}
+  "exclude": ["node_modules", "**/*.test.ts", "jest.config.ts"]
+}