actions-up 1.12.0 → 1.13.0

package/dist/core/scan-github-actions.js

@@ -2,17 +2,17 @@ import { ACTIONS_DIRECTORY, GITHUB_DIRECTORY, WORKFLOWS_DIRECTORY } from "./cons
 import { isYamlFile } from "./fs/is-yaml-file.js";
 import { scanWorkflowFile } from "./scan-workflow-file.js";
 import { scanActionFile } from "./scan-action-file.js";
-import { readFile, readdir, stat } from "node:fs/promises";
 import { isAbsolute, join, relative, resolve } from "node:path";
-async function scanGitHubActions(d = process.cwd(), m = GITHUB_DIRECTORY) {
+import { readFile, readdir, stat } from "node:fs/promises";
+async function scanGitHubActions(p = process.cwd(), m = GITHUB_DIRECTORY) {
 	let h = {
 		compositeActions: /* @__PURE__ */ new Map(),
 		workflows: /* @__PURE__ */ new Map(),
 		actions: []
-	}, g = resolve(d);
-	function _(e, o) {
-		let s = relative(e, o);
-		return s !== "" && !s.startsWith("..") && !isAbsolute(s);
+	}, g = resolve(p);
+	function _(e, a) {
+		let o = relative(e, a);
+		return o !== "" && !o.startsWith("..") && !isAbsolute(o);
 	}
 	let v = join(g, m);
 	function y(e) {
@@ -20,8 +20,8 @@ async function scanGitHubActions(d = process.cwd(), m = GITHUB_DIRECTORY) {
 	}
 	async function b(e) {
 		try {
-			let o = await stat(e);
-			return typeof o.isFile == "function" ? o.isFile() : !1;
+			let a = await stat(e);
+			return typeof a.isFile == "function" ? a.isFile() : !1;
 		} catch {
 			return !1;
 		}
@@ -30,13 +30,13 @@ async function scanGitHubActions(d = process.cwd(), m = GITHUB_DIRECTORY) {
 	try {
 		if ((await stat(x)).isDirectory()) {
 			let e = (await readdir(x)).filter((e) => y(e) ? isYamlFile(e) : !1).map(async (e) => {
-				let o = join(x, e);
+				let a = join(x, e);
 				try {
-					let c = await scanWorkflowFile(o);
+					let s = await scanWorkflowFile(a);
 					return {
 						path: `${m}/${WORKFLOWS_DIRECTORY}/${e}`,
 						success: !0,
-						actions: c
+						actions: s
 					};
 				} catch {
 					return {
@@ -45,111 +45,111 @@ async function scanGitHubActions(d = process.cwd(), m = GITHUB_DIRECTORY) {
 						actions: []
 					};
 				}
-			}), o = await Promise.all(e);
-			for (let e of o) e.success && e.path && (e.actions.length > 0 ? (h.workflows.set(e.path, e.actions), h.actions.push(...e.actions)) : h.workflows.set(e.path, []));
+			}), a = await Promise.all(e);
+			for (let e of a) e.success && e.path && (e.actions.length > 0 ? (h.workflows.set(e.path, e.actions), h.actions.push(...e.actions)) : h.workflows.set(e.path, []));
 		}
 	} catch {}
 	try {
-		let e = join(g, "action.yml"), o = join(g, "action.yaml"), s = null, c = [];
+		let e = join(g, "action.yml"), a = join(g, "action.yaml"), o = null, s = [];
 		if (await b(e)) try {
-			c = await scanActionFile(e), s = e;
+			s = await scanActionFile(e), o = e;
 		} catch {
-			s = null;
+			o = null;
 		}
-		if (!s && await b(o)) try {
-			c = await scanActionFile(o), s = o;
+		if (!o && await b(a)) try {
+			s = await scanActionFile(a), o = a;
 		} catch {
-			s = null;
+			o = null;
 		}
-		if (s) {
-			let e = relative(g, s);
-			h.compositeActions.set(e, e), c.length > 0 && h.actions.push(...c);
+		if (o) {
+			let e = relative(g, o);
+			h.compositeActions.set(e, e), s.length > 0 && h.actions.push(...s);
 		}
 	} catch {}
 	let S = join(v, ACTIONS_DIRECTORY);
 	try {
 		if ((await stat(S)).isDirectory()) {
-			let o = (await readdir(S)).map(async (o) => {
-				if (!y(o)) return null;
-				let s = join(S, o);
+			let a = (await readdir(S)).map(async (a) => {
+				if (!y(a)) return null;
+				let o = join(S, a);
 				try {
-					if (!(await stat(s)).isDirectory()) return null;
-					let c = join(s, "action.yml"), l = [];
+					if (!(await stat(o)).isDirectory()) return null;
+					let s = join(o, "action.yml"), c = [];
 					try {
-						l = await scanActionFile(c);
+						c = await scanActionFile(s);
 					} catch {
 						try {
-							c = join(s, "action.yaml"), l = await scanActionFile(c);
+							s = join(o, "action.yaml"), c = await scanActionFile(s);
 						} catch {
 							return null;
 						}
 					}
 					return {
-						path: `${m}/${ACTIONS_DIRECTORY}/${o}`,
-						name: o,
-						actions: l
+						path: `${m}/${ACTIONS_DIRECTORY}/${a}`,
+						name: a,
+						actions: c
 					};
 				} catch {
 					return null;
 				}
-			}), s = await Promise.all(o);
-			for (let e of s) e && (h.compositeActions.set(e.name, e.path), h.actions.push(...e.actions));
+			}), o = await Promise.all(a);
+			for (let e of o) e && (h.compositeActions.set(e.name, e.path), h.actions.push(...e.actions));
 		}
 	} catch {}
 	try {
 		let e = await getCurrentRepoSlug(g);
 		if (e) {
 			if (process.env.ACTIONS_UP_TEST_THROW === "1") throw Error("test");
-			let o = /* @__PURE__ */ new Set(), s = [];
-			for (let c of h.actions) {
-				if (c.type !== "external") continue;
-				let l = c.name.split("/");
-				if (l.length < 3 || `${l[0]}/${l[1]}` !== e) continue;
-				let u = join(g, ...l.slice(2));
-				_(g, u) && (o.has(u) || (o.add(u), s.push(u)));
+			let a = /* @__PURE__ */ new Set(), o = [];
+			for (let s of h.actions) {
+				if (s.type !== "external") continue;
+				let c = s.name.split("/");
+				if (c.length < 3 || `${c[0]}/${c[1]}` !== e) continue;
+				let l = join(g, ...c.slice(2));
+				_(g, l) && (a.has(l) || (a.add(l), o.push(l)));
 			}
-			async function c() {
-				if (s.length === 0) return;
-				let l = s.splice(0), d = await Promise.all(l.map(async (s) => {
+			async function s() {
+				if (o.length === 0) return;
+				let c = o.splice(0), u = await Promise.all(c.map(async (o) => {
 					try {
-						let c = join(s, "action.yml"), l = join(s, "action.yaml"), d = c;
+						let s = join(o, "action.yml"), c = join(o, "action.yaml"), u = s;
 						try {
-							if (!(await stat(c)).isFile()) throw Error("not a file");
+							if (!(await stat(s)).isFile()) throw Error("not a file");
 						} catch {
-							if (!(await stat(l)).isFile()) throw Error("not a file");
-							d = l;
+							if (!(await stat(c)).isFile()) throw Error("not a file");
+							u = c;
 						}
-						let f = await scanActionFile(d);
-						f.length > 0 && h.actions.push(...f);
-						let p = [];
-						for (let s of f) {
-							if (s.type !== "external") continue;
-							let c = s.name.split("/");
-							if (c.length < 3 || `${c[0]}/${c[1]}` !== e) continue;
-							let l = join(g, ...c.slice(2));
-							_(g, l) && (o.has(l) || (o.add(l), p.push(l)));
+						let d = await scanActionFile(u);
+						d.length > 0 && h.actions.push(...d);
+						let f = [];
+						for (let o of d) {
+							if (o.type !== "external") continue;
+							let s = o.name.split("/");
+							if (s.length < 3 || `${s[0]}/${s[1]}` !== e) continue;
+							let c = join(g, ...s.slice(2));
+							_(g, c) && (a.has(c) || (a.add(c), f.push(c)));
 						}
-						return p;
+						return f;
 					} catch {
 						return [];
 					}
 				}));
-				for (let e of d) for (let o of e) s.push(o);
-				await c();
+				for (let e of u) for (let a of e) o.push(a);
+				await s();
 			}
-			await c();
+			await s();
 		}
 	} catch {}
 	return h;
 }
 async function getCurrentRepoSlug(e) {
-	let o = process.env.GITHUB_REPOSITORY;
-	if (o && /^[^\s/]+\/[^\s/]+$/u.test(o)) return o;
+	let a = process.env.GITHUB_REPOSITORY;
+	if (a && /^[^\s/]+\/[^\s/]+$/u.test(a)) return a;
 	try {
-		let o = await readFile(join(e, ".git", "config"), "utf8"), s = o.match(/\[remote "origin"\][\s\S]*?url\s*=\s*(?<url>.+)/u)?.groups?.url?.trim();
-		if (s ||= o.match(/url\s*=\s*(?<url>.+)/u)?.groups?.url?.trim(), !s) return null;
-		let c = s.match(/github\.com[/:](?<owner>[^/]+)\/(?<repo>[^./]+)(?:\.git)?$/u);
-		if (c?.groups) return `${c.groups.owner}/${c.groups.repo}`;
+		let a = await readFile(join(e, ".git", "config"), "utf8"), o = a.match(/\[remote "origin"\][\s\S]*?url\s*=\s*(?<url>.+)/u)?.groups?.url?.trim();
+		if (o ||= a.match(/url\s*=\s*(?<url>.+)/u)?.groups?.url?.trim(), !o) return null;
+		let s = o.match(/github\.com[/:](?<owner>[^/]+)\/(?<repo>[^./]+)(?:\.git)?$/u);
+		if (s?.groups) return `${s.groups.owner}/${s.groups.repo}`;
 	} catch {}
 	return null;
 }

package/dist/core/versions/get-update-level.d.ts

@@ -1,4 +1,6 @@
-/** Update level for a version change. */
+/**
+ * Update level for a version change.
+ */
 type UpdateLevel = 'unknown' | 'major' | 'minor' | 'patch' | 'none';
 /**
  * Determine the update level between two version strings.

package/dist/package.js

@@ -1,2 +1,2 @@
-const version = "1.12.0";
+const version = "1.13.0";
 export { version };

package/dist/types/action-update.d.ts

@@ -1,30 +1,50 @@
 import { GitHubAction } from './github-action';
-/** Update information for a GitHub Action. */
+/**
+ * Update information for a GitHub Action.
+ */
 export interface ActionUpdate {
-  /** Reason for skipping the update check. */
+  /**
+   * Reason for skipping the update check.
+   */
   skipReason?: 'unknown' | 'branch'
 
-  /** Current version string. */
+  /**
+   * Current version string.
+   */
   currentVersion: string | null
 
-  /** Latest available version. */
+  /**
+   * Latest available version.
+   */
   latestVersion: string | null
 
-  /** Status of the check for this action. */
+  /**
+   * Status of the check for this action.
+   */
   status?: 'skipped' | 'ok'
 
-  /** SHA hash of the latest version. */
+  /**
+   * SHA hash of the latest version.
+   */
   latestSha: string | null
 
-  /** Publication date of the latest version (null if unknown). */
+  /**
+   * Publication date of the latest version (null if unknown).
+   */
   publishedAt: Date | null
 
-  /** The original action from scanning. */
+  /**
+   * The original action from scanning.
+   */
   action: GitHubAction
 
-  /** Whether this is a major version change. */
+  /**
+   * Whether this is a major version change.
+   */
   isBreaking: boolean
 
-  /** Whether an update is available. */
+  /**
+   * Whether an update is available.
+   */
   hasUpdate: boolean
 }

package/dist/types/composite-action-runs.d.ts

@@ -1,12 +1,20 @@
 import { CompositeActionStep } from './composite-action-step';
-/** Represents the runs configuration for a composite action. */
+/**
+ * Represents the runs configuration for a composite action.
+ */
 export interface CompositeActionRuns {
-  /** Array of steps to execute. */
+  /**
+   * Array of steps to execute.
+   */
   steps?: CompositeActionStep[]
 
-  /** Allow additional properties. */
+  /**
+   * Allow additional properties.
+   */
   [key: string]: unknown
 
-  /** Must be 'composite' for composite actions. */
+  /**
+   * Must be 'composite' for composite actions.
+   */
   using?: string
 }

package/dist/types/composite-action-step.d.ts

@@ -1,23 +1,39 @@
-/** Represents a step in a composite GitHub Action. */
+/**
+ * Represents a step in a composite GitHub Action.
+ */
 export interface CompositeActionStep {
-  /** Environment variables for this step. */
+  /**
+   * Environment variables for this step.
+   */
   env?: Record<string, unknown>
 
-  /** Working directory for the step. */
+  /**
+   * Working directory for the step.
+   */
   'working-directory'?: string
 
-  /** Allow additional properties. */
+  /**
+   * Allow additional properties.
+   */
   [key: string]: unknown
 
-  /** Shell to use for the run command. */
+  /**
+   * Shell to use for the run command.
+   */
   shell?: string
 
-  /** Action to use for this step. */
+  /**
+   * Action to use for this step.
+   */
   uses?: string
 
-  /** Display name for this step. */
+  /**
+   * Display name for this step.
+   */
   name?: string
 
-  /** Shell command to run for this step. */
+  /**
+   * Shell command to run for this step.
+   */
   run?: string
 }

package/dist/types/composite-action-structure.d.ts

@@ -1,21 +1,35 @@
 import { CompositeActionRuns } from './composite-action-runs';
-/** Represents the structure of a composite GitHub Action file. */
+/**
+ * Represents the structure of a composite GitHub Action file.
+ */
 export interface CompositeActionStructure {
-  /** Output values from the action. */
+  /**
+   * Output values from the action.
+   */
   outputs?: Record<string, unknown>
 
-  /** Input parameters for the action. */
+  /**
+   * Input parameters for the action.
+   */
   inputs?: Record<string, unknown>
 
-  /** Runs configuration for composite actions. */
+  /**
+   * Runs configuration for composite actions.
+   */
   runs?: CompositeActionRuns
 
-  /** Allow additional properties. */
+  /**
+   * Allow additional properties.
+   */
   [key: string]: unknown
 
-  /** Description of what the action does. */
+  /**
+   * Description of what the action does.
+   */
   description?: string
 
-  /** Display name of the action. */
+  /**
+   * Display name of the action.
+   */
   name?: string
 }

package/dist/types/github-action.d.ts

@@ -1,26 +1,44 @@
-/** Represents a GitHub Action used in workflows or composite actions. */
+/**
+ * Represents a GitHub Action used in workflows or composite actions.
+ */
 export interface GitHubAction {
-  /** Type of the GitHub Action. */
+  /**
+   * Type of the GitHub Action.
+   */
   type: 'reusable-workflow' | 'composite' | 'external' | 'docker' | 'local'
 
-  /** Version or tag of the action (e.g., 'v1', 'main', commit SHA). */
+  /**
+   * Version or tag of the action (e.g., 'v1', 'main', commit SHA).
+   */
   version?: string | null
 
-  /** Line number where the action is used in the file. */
+  /**
+   * Line number where the action is used in the file.
+   */
   line?: number
 
-  /** Path to the file where this action is used. */
+  /**
+   * Path to the file where this action is used.
+   */
   file?: string
 
-  /** Original `uses` string from workflow, if available. */
+  /**
+   * Original `uses` string from workflow, if available.
+   */
   uses?: string
 
-  /** Name of the job where this action is used (for workflows). */
+  /**
+   * Name of the job where this action is used (for workflows).
+   */
   job?: string
 
-  /** Full name of the action (e.g., 'actions/checkout'). */
+  /**
+   * Full name of the action (e.g., 'actions/checkout').
+   */
   name: string
 
-  /** Original `ref` string from workflow, if available. */
+  /**
+   * Original `ref` string from workflow, if available.
+   */
   ref?: string
 }

package/dist/types/github-client-context.d.ts

@@ -6,27 +6,43 @@ import { TagInfo } from './tag-info';
  * number of API requests during a single run.
  */
 export interface GitHubClientContext {
-  /** Lightweight caches keyed by owner/repo (+ extra payload). */
+  /**
+   * Lightweight caches keyed by owner/repo (+ extra payload).
+   */
   caches: {
-    /** Cache of reference type detections (branch/tag/null). */
+    /**
+     * Cache of reference type detections (branch/tag/null).
+     */
     refType: Map<string, 'branch' | 'tag' | null>
 
-    /** Cache of resolved tag metadata (message/date/SHA). */
+    /**
+     * Cache of resolved tag metadata (message/date/SHA).
+     */
     tagInfo: Map<string, TagInfo | null>
 
-    /** Cache of resolved tag commit SHAs. */
+    /**
+     * Cache of resolved tag commit SHAs.
+     */
     tagSha: Map<string, string | null>
   }
 
-  /** Remaining requests available per current rate-limit window. */
+  /**
+   * Remaining requests available per current rate-limit window.
+   */
   rateLimitRemaining: number
 
-  /** GitHub token, if available. */
+  /**
+   * GitHub token, if available.
+   */
   token: undefined | string
 
-  /** Scheduled time when rate limit resets. */
+  /**
+   * Scheduled time when rate limit resets.
+   */
   rateLimitReset: Date
 
-  /** GitHub REST API base URL. */
+  /**
+   * GitHub REST API base URL.
+   */
   baseUrl: string
 }

package/dist/types/github-client.d.ts

@@ -8,35 +8,51 @@ import { TagInfo } from './tag-info';
  * normalized, serializable data structures.
  */
 export interface GitHubClient {
-  /** Detect whether a reference is a tag or a branch (or unknown). */
+  /**
+   * Detect whether a reference is a tag or a branch (or unknown).
+   */
   getRefType(
     owner: string,
     repo: string,
     reference: string,
   ): Promise<'branch' | 'tag' | null>
 
-  /** List releases with minimal enrichment. */
+  /**
+   * List releases with minimal enrichment.
+   */
   getAllReleases(
     owner: string,
     repo: string,
     limit?: number,
   ): Promise<ReleaseInfo[]>
 
-  /** Fetch tag metadata (message/date) and the resolved commit SHA. */
+  /**
+   * Fetch tag metadata (message/date) and the resolved commit SHA.
+   */
   getTagInfo(owner: string, repo: string, tag: string): Promise<TagInfo | null>
 
-  /** Resolve commit SHA for a tag without fetching commit data. */
+  /**
+   * Resolve commit SHA for a tag without fetching commit data.
+   */
   getTagSha(owner: string, repo: string, tag: string): Promise<string | null>
 
-  /** List repository tags (name + commit SHA). */
+  /**
+   * List repository tags (name + commit SHA).
+   */
   getAllTags(owner: string, repo: string, limit?: number): Promise<TagInfo[]>
 
-  /** Fetch the latest release or null when no latest release exists. */
+  /**
+   * Fetch the latest release or null when no latest release exists.
+   */
   getLatestRelease(owner: string, repo: string): Promise<ReleaseInfo | null>
 
-  /** Current rate limit snapshot. */
+  /**
+   * Current rate limit snapshot.
+   */
   getRateLimitStatus(): { remaining: number; resetAt: Date }
 
-  /** True when remaining requests are below a threshold. */
+  /**
+   * True when remaining requests are below a threshold.
+   */
   shouldWaitForRateLimit(threshold?: number): boolean
 }

package/dist/types/release-info.d.ts

@@ -1,23 +1,39 @@
-/** Normalized release information used across the tool. */
+/**
+ * Normalized release information used across the tool.
+ */
 export interface ReleaseInfo {
-  /** Release description (body) or null when absent. */
+  /**
+   * Release description (body) or null when absent.
+   */
   description: string | null
 
-  /** True when the release is marked as prerelease. */
+  /**
+   * True when the release is marked as prerelease.
+   */
   isPrerelease: boolean
 
-  /** Commit SHA associated with the release tag (may be null). */
+  /**
+   * Commit SHA associated with the release tag when known (may be provisional).
+   */
   sha: string | null
 
-  /** Publication date of the release. */
+  /**
+   * Publication date of the release.
+   */
   publishedAt: Date
 
-  /** Tag name (e.g. V1.2.3). */
+  /**
+   * Tag name (e.g. V1.2.3).
+   */
   version: string
 
-  /** Release name or tag name when name is not provided. */
+  /**
+   * Release name or tag name when name is not provided.
+   */
   name: string
 
-  /** HTML URL of the release page. */
+  /**
+   * HTML URL of the release page.
+   */
   url: string
 }

package/dist/types/scan-result.d.ts

@@ -1,12 +1,20 @@
 import { GitHubAction } from './github-action';
-/** Result of scanning a repository for GitHub Actions usage. */
+/**
+ * Result of scanning a repository for GitHub Actions usage.
+ */
 export interface ScanResult {
-  /** Map of workflow files to their used GitHub Actions. */
+  /**
+   * Map of workflow files to their used GitHub Actions.
+   */
   workflows: Map<string, GitHubAction[]>
 
-  /** Map of composite action names to their file paths. */
+  /**
+   * Map of composite action names to their file paths.
+   */
   compositeActions: Map<string, string>
 
-  /** List of all unique GitHub Actions found in the repository. */
+  /**
+   * List of all unique GitHub Actions found in the repository.
+   */
   actions: GitHubAction[]
 }