@htekdev/actions-debugger 1.0.118 → 1.0.119

package/errors/silent-failures/silent-failures-110.yml

@@ -0,0 +1,91 @@
+id: silent-failures-110
+title: 'setup-node v6 cache:npm silently aborts entire Windows job when npm cache directory does not exist'
+category: silent-failures
+severity: silent-failure
+tags:
+  - setup-node
+  - windows
+  - npm
+  - cache
+  - silent-failure
+  - fresh-runner
+  - npm-cache-path
+patterns:
+  - regex: 'Found in cache.*\n(?:.*\n){0,5}Post job cleanup'
+    flags: 'im'
+  - regex: 'npm config get cache.*\n(?:.*\n){0,3}(?:Detected npm|Auto caching)'
+    flags: 'im'
+  - regex: 'setup-node.*cache.*npm.*windows.*abort'
+    flags: 'i'
+error_messages:
+  - 'Found in cache @ C:\hostedtoolcache\windows\node\22...'
+  - 'Detected npm as the package manager from package.json'
+  - 'Auto caching has been enabled for npm.'
+root_cause: |
+  actions/setup-node@v6 with `cache: 'npm'` (or auto-detected npm caching when
+  package.json has `packageManager: npm`) calls `npm config get cache` to locate the
+  npm cache directory before registering it with actions/cache.
+
+  On fresh Windows runners (hosted or self-hosted), `C:\npm\cache` does not yet exist
+  because no prior npm install has run in this workspace. The Node.js process executing
+  `npm config get cache` internally tries to initialise the npm config directory and
+  hits an EEXIST or missing-parent-directory race in npm's cache initialisation code
+  (npm/cli#7308). The runner process exits after ~24 seconds with no error message and
+  no non-zero exit code.
+
+  The result: every step AFTER setup-node is silently skipped. The job shows as
+  "Success" or the failure appears much later in a confusing step, making this
+  extremely hard to diagnose.
+
+  Affected versions: actions/setup-node@v6.4.0+; most frequently seen on
+  `windows-latest` and `windows-2025` hosted runners.
+fix: |
+  Remove `cache: 'npm'` from setup-node on Windows runners and handle npm caching
+  separately using actions/cache pointing at `~/.npm` or the correct Windows path.
+
+  Alternatively, run a no-op npm command before setup-node to force-create the cache
+  directory (not recommended as a long-term fix).
+
+  If npm caching is needed, use setup-node without `cache:` and add an explicit
+  actions/cache step after npm install has run at least once.
+fix_code:
+  - language: yaml
+    label: 'Remove cache:npm from setup-node; handle caching separately'
+    code: |
+      - uses: actions/setup-node@v6
+        with:
+          node-version: '22'
+          # Do NOT set cache: 'npm' on Windows — it silently aborts on fresh runners
+
+      - name: Get npm cache dir
+        id: npm-cache-dir
+        shell: pwsh
+        run: echo "dir=$(npm config get cache)" >> $env:GITHUB_OUTPUT
+
+      - uses: actions/cache@v4
+        with:
+          path: ${{ steps.npm-cache-dir.outputs.dir }}
+          key: ${{ runner.os }}-npm-${{ hashFiles('**/package-lock.json') }}
+          restore-keys: |
+            ${{ runner.os }}-npm-
+
+      - run: npm ci
+  - language: yaml
+    label: 'Cross-platform: use cache:npm only on non-Windows'
+    code: |
+      - uses: actions/setup-node@v6
+        with:
+          node-version: '22'
+          cache: ${{ runner.os != 'Windows' && 'npm' || '' }}
+prevention:
+  - 'Never set cache: npm in setup-node for Windows-targeted jobs without verifying the npm cache directory pre-exists.'
+  - 'When targeting multiple OSes with a matrix, conditionally disable cache:npm on Windows runners.'
+  - 'After setup-node on Windows, immediately run a trivial npm command (e.g., npm --version) and verify the step succeeds before continuing.'
+  - 'Pin setup-node version and watch the changelog for fixes to the Windows npm cache init race.'
+docs:
+  - url: 'https://github.com/unslothai/unsloth/pull/5474'
+    label: 'unsloth PR #5474 — drop cache:npm from setup-node (silent abort on Windows)'
+  - url: 'https://github.com/npm/cli/issues/7308'
+    label: 'npm/cli#7308 — EEXIST/missing-dir race in npm cache directory initialisation'
+  - url: 'https://github.com/actions/setup-node/issues/1556'
+    label: 'setup-node#1556 — setup-node silently falls through on download/extract failure'

package/errors/silent-failures/silent-failures-111.yml

@@ -0,0 +1,107 @@
+id: silent-failures-111
+title: '`helm list` shows all release states by default in Helm 4 — scripts silently return unexpected releases'
+category: silent-failures
+severity: silent-failure
+tags:
+  - helm
+  - helm-4
+  - ubuntu-26
+  - tool-upgrade
+  - output-change
+  - deploy-check
+patterns:
+  - regex: 'helm list'
+    flags: 'i'
+error_messages:
+  - '# No error message — helm list exits 0 but returns FAILED/SUPERSEDED/UNINSTALLED releases alongside DEPLOYED ones'
+root_cause: |
+  In Helm 3, `helm list` (without flags) only returned releases in the DEPLOYED
+  state. To see releases in all states, you had to pass `-a`/`--all`.
+
+  In Helm 4 (installed on ubuntu-26.04), `helm list` returns releases of ALL
+  states by default: DEPLOYED, FAILED, SUPERSEDED, UNINSTALLED, PENDING_INSTALL,
+  PENDING_UPGRADE, PENDING_ROLLBACK. The `-a`/`--all` flag was temporarily removed
+  (helm/helm#31784) and restored as a deprecated no-op in Helm 4.1.1+.
+
+  This causes silent failures in two common patterns:
+
+  1. **Existence check**: `helm list --filter my-release | grep my-release` returns
+     a match even if the release is in a FAILED state, causing a subsequent
+     `helm upgrade` to proceed when `helm install` should have been used instead
+     (or vice versa).
+
+  2. **Release count**: Scripts that count `helm list | wc -l` to assert a number
+     of deployed releases now count more releases than expected.
+
+  3. **CI deploy gate**: Pipelines that run `helm list` to verify a deployment
+     succeeded will see FAILED releases included in output and may incorrectly
+     conclude the deployment is present/healthy.
+
+  No error is thrown — `helm list` exits 0 in all cases. The bug is in the
+  consuming script's assumption about Helm 3 behavior.
+fix: |
+  Filter `helm list` output explicitly by state using the `--deployed` flag
+  or the `--filter`+`--output json` approach to check actual release status.
+
+  In Helm 4, use `helm status <release>` to get the definitive state of a
+  specific release rather than parsing `helm list` output.
+fix_code:
+  - language: yaml
+    label: 'Use --deployed flag to replicate Helm 3 default behavior'
+    code: |
+      - name: Check if release is deployed
+        run: |
+          # Helm 4 on ubuntu-26.04: helm list shows ALL states by default.
+          # Use --deployed to replicate Helm 3 default behavior:
+          DEPLOYED=$(helm list --deployed --filter "^my-release$" --short)
+          if [ -n "$DEPLOYED" ]; then
+            echo "Release is deployed — running upgrade"
+            helm upgrade my-release ./chart
+          else
+            echo "No deployed release found — running install"
+            helm install my-release ./chart
+          fi
+
+  - language: yaml
+    label: 'Use helm status for definitive state check'
+    code: |
+      - name: Check release status
+        run: |
+          # helm status exits non-zero if the release does not exist.
+          # Use --output json to get machine-parseable state:
+          STATUS=$(helm status my-release --output json 2>/dev/null | jq -r '.info.status' || echo "not-found")
+          echo "Release status: $STATUS"
+          if [ "$STATUS" = "deployed" ]; then
+            echo "Healthy — proceeding"
+          elif [ "$STATUS" = "failed" ]; then
+            echo "Previous install failed — rolling back before upgrade"
+            helm rollback my-release 0  # Roll back to last successful
+          else
+            echo "Installing fresh"
+            helm install my-release ./chart
+          fi
+
+  - language: yaml
+    label: 'Use helm list --output json for precise state parsing'
+    code: |
+      - name: List only deployed releases
+        run: |
+          # Explicitly request only DEPLOYED state, output JSON for safe parsing:
+          helm list --deployed --output json | jq '.[] | .name + " (" + .status + ")"'
+          # Do NOT rely on: helm list | grep release-name
+          # In Helm 4, this matches FAILED/SUPERSEDED releases too.
+prevention:
+  - "Never use `helm list | grep <release>` as a deployment check — it matches any release state in Helm 4."
+  - "Use `helm list --deployed` or `helm status <release>` for definitive deployed-state checks."
+  - "When migrating to ubuntu-26.04, audit all scripts that parse `helm list` output."
+  - "Add `--output json` to `helm list` calls and parse `status` field explicitly rather than relying on line-presence checks."
+  - "Pin Helm 3 with `azure/setup-helm` if your scripts are not yet Helm 4 compatible."
+docs:
+  - url: 'https://github.com/helm/helm/issues/31784'
+    label: 'helm/helm#31784 — Breaking change to helm list CLI command in v4'
+  - url: 'https://helm.sh/docs/topics/v4_migration/'
+    label: 'Helm v4 Migration Guide'
+  - url: 'https://helm.sh/docs/helm/helm_list/'
+    label: 'helm list command reference'
+  - url: 'https://github.com/actions/runner-images/commit/9e3319d6b4acc306925295853d0ff41ddd5c40f0'
+    label: 'runner-images commit: ubuntu-26.04 installs Helm 4'

package/errors/yaml-syntax/yaml-syntax-072.yml

@@ -0,0 +1,93 @@
+id: yaml-syntax-072
+title: 'concurrency queue: max rejected as "Unknown Property" by act and actionlint (May 2026 schema lag)'
+category: yaml-syntax
+severity: error
+tags:
+  - concurrency
+  - queue
+  - act
+  - actionlint
+  - schema-validation
+  - local-ci
+  - queue-max
+patterns:
+  - regex: 'Unknown Property queue'
+    flags: 'i'
+  - regex: 'Failed to match concurrency-mapping.*Unknown Property queue'
+    flags: 'is'
+  - regex: 'concurrency.*queue.*unknown|queue.*max.*schema.*invalid'
+    flags: 'i'
+  - regex: 'actionlint.*"queue".*unknown key'
+    flags: 'i'
+error_messages:
+  - "Line: 4 Column 3: Unknown Property queue"
+  - "Failed to match concurrency-mapping: Line: 6 Column 3: Unknown Property queue"
+  - 'Actions YAML Schema Validation Error detected: Unknown Property queue'
+  - 'unknown key "queue" for "concurrency"'
+root_cause: |
+  GitHub added the `queue` field to the concurrency block in May 2026 (Changelog:
+  "GitHub Actions concurrency groups now allow larger queues"). The new field accepts
+  `single` (default — one pending run) or `max` (up to 100 queued runs).
+
+  Local workflow tooling has not been updated to recognize this field:
+
+  - **nektos/act ≤0.2.88** — `pkg/schema/workflow_schema.json` defines `concurrency-mapping`
+    with only `group` and `cancel-in-progress`. Any workflow using `queue: max` or
+    `queue: single` fails immediately at schema validation, before any step runs.
+
+  - **rhysd/actionlint ≤1.7.8** — the actionlint parser similarly rejects `queue` as an
+    unknown concurrency key, blocking pre-commit hooks and CI lint gates.
+
+  This is a **tooling lag** — the workflow is perfectly valid on GitHub.com and runs
+  correctly in hosted runners. The failure only occurs in local development environments
+  and CI pipelines that use act or actionlint for pre-flight validation.
+
+  SchemaStore (github-workflow.json) already encodes the `queue` enum, so VS Code's
+  GitHub Actions extension does NOT exhibit this error.
+fix: |
+  Until act and actionlint release updated versions with queue support, use one of:
+
+  1. Upgrade act to a version that includes PR #6097 (queue schema fix) — check
+     github.com/nektos/act for the minimum patched version.
+
+  2. Upgrade actionlint to a version that includes the fix for issue #657.
+
+  3. Skip schema validation for workflows that use queue (act: add --no-schema-valid flag;
+     actionlint: add -ignore 'queue' comment).
+
+  4. Temporarily remove queue: max while waiting for local tooling to catch up; GitHub.com
+     itself already supports it and local validation is the only blocker.
+fix_code:
+  - language: yaml
+    label: 'Correct workflow syntax — valid on GitHub.com even if local tools reject it'
+    code: |
+      concurrency:
+        group: ${{ github.workflow }}-${{ github.ref }}
+        cancel-in-progress: false
+        queue: max    # queues up to 100 pending runs instead of cancelling them
+  - language: yaml
+    label: 'Suppress actionlint error with inline ignore comment'
+    code: |
+      concurrency:
+        group: ${{ github.workflow }}-${{ github.ref }}
+        cancel-in-progress: false
+        queue: max  # actionlint:ignore
+  - language: yaml
+    label: 'Skip act schema validation flag (temporary workaround)'
+    code: |
+      # In .actrc or CLI:
+      # act --no-schema-validate
+prevention:
+  - 'Pin act and actionlint versions in your tooling and monitor their changelogs when GitHub Actions releases new YAML keys.'
+  - 'When a workflow is valid on GitHub.com but rejected locally, check if it uses a recently-added key (queue, timezone, etc.) that local tools have not caught up with.'
+  - 'Use the SchemaStore github-workflow.json schema in VS Code for real-time validation — it tends to be updated faster than act/actionlint.'
+  - 'Do not block PR merges on local-only actionlint errors when the same workflow runs successfully in GitHub Actions CI.'
+docs:
+  - url: 'https://github.com/nektos/act/issues/6095'
+    label: 'nektos/act#6095 — concurrency.queue fails schema validation (May 2026)'
+  - url: 'https://github.com/rhysd/actionlint/issues/657'
+    label: 'rhysd/actionlint#657 — unknown key "queue" for concurrency'
+  - url: 'https://github.blog/changelog/2026-05-07-github-actions-concurrency-groups-now-allow-larger-queues/'
+    label: 'GitHub Changelog — concurrency groups now allow larger queues (May 2026)'
+  - url: 'https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax#concurrencyqueue'
+    label: 'GitHub Docs — concurrency.queue syntax reference'

package/errors/yaml-syntax/yaml-syntax-073.yml

@@ -0,0 +1,103 @@
+id: yaml-syntax-073
+title: "setup-python 'python-version: 3.10' Parsed as YAML Float 3.1 — Wrong Python Version Installed"
+category: yaml-syntax
+severity: silent-failure
+tags:
+  - setup-python
+  - yaml-float
+  - python-version
+  - version-mismatch
+  - silent-failure
+patterns:
+  - regex: 'Version 3\.1 with arch .{0,20} not found'
+    flags: 'i'
+  - regex: "Installed Python 3\\.1\\."
+    flags: 'i'
+  - regex: 'python.version.*3\.10.*3\.1|3\.10.*yaml.*float'
+    flags: 'i'
+error_messages:
+  - "Version 3.1 with arch x64 not found in the local, remote file."
+  - "Version 3.1 with arch x64 not found"
+  - "Installed Python 3.1.5"
+  - "Error: Version 3.1 was not found in the local cache"
+root_cause: |
+  When 'python-version' is specified as a bare unquoted decimal like 3.10
+  in a workflow YAML file, the YAML parser interprets the value as a
+  floating-point number. The float representation of 3.10 is 3.1 (the
+  trailing zero is dropped during float-to-string conversion).
+
+  actions/setup-python then receives the string "3.1" and attempts to
+  install Python version 3.1.x. Python 3.1 is an extremely old release
+  from 2009 and is not available in the tool cache. The action either:
+
+  a) Fails with "Version 3.1 with arch x64 not found" — if the version
+     is not in the manifest (common on GitHub-hosted runners).
+  b) Silently installs the latest 3.1.x if one happens to be cached,
+     giving developers an unexpectedly old Python environment with no
+     warning.
+
+  Affected version strings: any Python version where the minor version
+  ends in zero (3.10, 3.20 if it existed, etc.) or has trailing decimal
+  zeros (3.10.0 → still has the problem if written unquoted as 3.10).
+
+  The same YAML float coercion affects other setup-* actions:
+  - setup-go with go-version: 1.20 → "1.2" (yaml-syntax-027)
+  - setup-node with node-version: 18.10 → "18.1"
+  This entry specifically covers setup-python.
+fix: |
+  Always quote the python-version value in YAML to force the parser to
+  treat it as a string, not a number.
+fix_code:
+  - language: yaml
+    label: "Wrong — unquoted 3.10 parsed as float 3.1"
+    code: |
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: 3.10   # ❌ YAML parses as float → installs 3.1.x
+
+  - language: yaml
+    label: "Fixed — quoted string forces correct version"
+    code: |
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.10'   # ✅ Quoted string → installs 3.10.x
+
+  - language: yaml
+    label: "Fixed — matrix with quoted python versions"
+    code: |
+      jobs:
+        test:
+          strategy:
+            matrix:
+              python-version: ['3.9', '3.10', '3.11', '3.12']
+              #               ^^^^^^  ^^^^^^  ^^^^^^  ^^^^^^
+              # All quoted — prevents YAML float coercion for any version
+          steps:
+            - uses: actions/setup-python@v5
+              with:
+                python-version: ${{ matrix.python-version }}
+
+  - language: yaml
+    label: "Alternative — use python-version-file to avoid manual version strings"
+    code: |
+      - uses: actions/setup-python@v5
+        with:
+          python-version-file: '.python-version'
+          # .python-version file contains: 3.10.14
+          # File-based version is read as plain text, not YAML — no float risk
+
+prevention:
+  - "Always quote python-version values in YAML: '3.10' not 3.10."
+  - "Use python-version-file: '.python-version' or pyproject.toml to read version from a non-YAML source."
+  - "Apply the same quoting rule to all setup-* version inputs: '1.20' for Go, '18.10' for Node."
+  - "Run actionlint — it warns about unquoted version strings in matrix definitions."
+  - "Check 'Set up Python' step output in the Actions log — it shows the resolved version string."
+docs:
+  - url: "https://github.com/actions/setup-python/issues/160"
+    label: "actions/setup-python#160 — python-version 3.10 parsed as float 3.1 (109 reactions)"
+  - url: "https://yaml.org/spec/1.2.2/#floating-point-scalars"
+    label: "YAML spec — floating-point scalar parsing rules"
+  - url: "https://github.com/actions/setup-python#supported-version-syntax"
+    label: "actions/setup-python — supported version syntax"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@htekdev/actions-debugger",
-  "version": "1.0.118",
+  "version": "1.0.119",
   "description": "65+ real GitHub Actions errors, queryable by agents. CLI + MCP server + Copilot skills + error database.",
   "type": "module",
   "main": "./dist/index.js",