actions-up 1.13.0 → 1.14.0

package/dist/core/api/check-updates.js

@@ -2,19 +2,20 @@ import { normalizeVersion } from "../versions/normalize-version.js";
 import { isSemverLike } from "../versions/is-semver-like.js";
 import { createGitHubClient } from "./create-github-client.js";
 import semver from "semver";
-async function checkUpdates(i, o, l) {
-	let u = l?.client ?? createGitHubClient(o), d = l?.includeBranches ?? !1, f = i.filter((e) => e.type === "external" || e.type === "reusable-workflow");
-	if (f.length === 0) return [];
-	let p = /* @__PURE__ */ new Map();
-	for (let e of f) {
-		let t = p.get(e.name) ?? [];
-		t.push(e), p.set(e.name, t);
+async function checkUpdates(i, o, u) {
+	let d = u?.client ?? createGitHubClient(o), f = u?.includeBranches ?? !1, p = u?.style ?? "sha", m = i.filter((e) => e.type === "external" || e.type === "reusable-workflow");
+	if (m.length === 0) return [];
+	let h = /* @__PURE__ */ new Map();
+	for (let e of m) {
+		let t = h.get(e.name) ?? [];
+		t.push(e), h.set(e.name, t);
 	}
-	let m = {
+	let g = {
 		rateLimitError: null,
 		rateLimitHit: !1
-	}, h = await [...p.keys()].reduce((n, i) => n.then(async (n) => {
-		if (m.rateLimitHit) return [...n, {
+	}, _ = await [...h.keys()].reduce((n, i) => n.then(async (n) => {
+		if (g.rateLimitHit) return [...n, {
+			currentRefType: "unknown",
 			publishedAt: null,
 			version: null,
 			actionName: i,
@@ -22,62 +23,69 @@ async function checkUpdates(i, o, l) {
 		}];
 		let a = i.split("/");
 		if (a.length < 2) return [...n, {
+			currentRefType: "unknown",
 			publishedAt: null,
 			version: null,
 			actionName: i,
 			sha: null
 		}];
-		let [o, l] = a;
-		if (!o || !l) return [...n, {
+		let [o, u] = a;
+		if (!o || !u) return [...n, {
+			currentRefType: "unknown",
 			publishedAt: null,
 			version: null,
 			actionName: i,
 			sha: null
 		}];
 		try {
-			let a = p.get(i)[0]?.version;
-			if (a && !isSha(a) && !isSemverLike(a) && await u.getRefType(o, l, a) === "branch" && !d) return [...n, {
-				skipReason: "branch",
-				status: "skipped",
-				publishedAt: null,
-				version: null,
-				actionName: i,
-				sha: null
-			}];
-			let f = await u.getLatestRelease(o, l);
-			if (!f) {
-				let e = await u.getAllReleases(o, l, 1);
-				f = e.find((e) => !e.isPrerelease) ?? e[0] ?? null;
+			let a = h.get(i)[0]?.version, p = deriveCurrentReferenceType(a);
+			if (a && !isSha(a) && !isSemverLike(a)) {
+				let e = await d.getRefType(o, u, a);
+				if (p = e === "branch" || e === "tag" ? e : p, e === "branch" && !f) return [...n, {
+					currentRefType: p,
+					skipReason: "branch",
+					status: "skipped",
+					publishedAt: null,
+					version: null,
+					actionName: i,
+					sha: null
+				}];
+			}
+			let m = await d.getLatestRelease(o, u);
+			if (!m) {
+				let e = await d.getAllReleases(o, u, 1);
+				m = e.find((e) => !e.isPrerelease) ?? e[0] ?? null;
 			}
-			if (f) {
-				let { publishedAt: a, version: s, sha: d } = f, p = !1;
+			if (m) {
+				let { publishedAt: a, version: s, sha: c } = m, f = !1;
 				{
 					let n = normalizeVersion(s), i = !!(s && s.trim() !== ""), a = i && /^v?\d+$/u.test(s.trim()), o = semver.valid(n);
-					p = !i || a || !o || !isSemverLike(s);
+					f = !i || a || !o || !isSemverLike(s);
 				}
-				if (p) {
-					let a = await u.getAllTags(o, l, 30);
+				if (f) {
+					let a = await d.getAllTags(o, u, 30);
 					if (a.length > 0) {
-						let d = a.filter((e) => isSemverLike(e.tag)).map((t) => ({
+						let c = a.filter((e) => isSemverLike(e.tag)).map((t) => ({
 							v: semver.valid(normalizeVersion(t.tag)),
 							raw: t
 						}));
-						if (d.length > 0) {
-							d.sort((e, t) => {
+						if (c.length > 0) {
+							c.sort((e, t) => {
 								let n = semver.rcompare(e.v, t.v);
 								if (n !== 0) return n;
 								let i = /\d+\.\d+/u.test(e.raw.tag) ? 1 : 0;
 								return (/\d+\.\d+/u.test(t.raw.tag) ? 1 : 0) - i;
 							});
-							let t = d[0].raw, a = semver.valid(normalizeVersion(s) ?? void 0);
-							if (!a || semver.gt(d[0].v, a) || semver.eq(d[0].v, a) && /\d+\.\d+/u.test(t.tag)) {
+							let t = c[0].raw, a = semver.valid(normalizeVersion(s) ?? void 0);
+							if (!a || semver.gt(c[0].v, a) || semver.eq(c[0].v, a) && /\d+\.\d+/u.test(t.tag)) {
 								let e = t.tag, r = t.sha?.length ? t.sha : null;
 								if (!r && e) try {
-									r = await u.getTagSha(o, l, e);
+									r = await d.getTagSha(o, u, e);
 								} catch (e) {
 									if (isRateLimitError(e)) throw e;
 								}
 								return [...n, {
+									currentRefType: p,
 									version: e,
 									publishedAt: null,
 									sha: r,
@@ -88,25 +96,26 @@ async function checkUpdates(i, o, l) {
 					}
 				}
 				if (s) {
-					let e = d;
+					let e = c;
 					try {
-						d = await u.getTagSha(o, l, s) ?? e;
+						c = await d.getTagSha(o, u, s) ?? e;
 					} catch (t) {
 						if (isRateLimitError(t)) throw t;
-						d = e;
+						c = e;
 					}
 				}
 				return [...n, {
+					currentRefType: p,
 					status: "ok",
 					publishedAt: a,
 					actionName: i,
 					version: s,
-					sha: d
+					sha: c
 				}];
 			}
-			let m = await u.getAllTags(o, l, 30);
-			if (m.length > 0) {
-				let a = m.filter((e) => isSemverLike(e.tag)).map((t) => ({
+			let g = await d.getAllTags(o, u, 30);
+			if (g.length > 0) {
+				let a = g.filter((e) => isSemverLike(e.tag)).map((t) => ({
 					v: semver.valid(normalizeVersion(t.tag)),
 					raw: t
 				})), s;
@@ -115,34 +124,38 @@ async function checkUpdates(i, o, l) {
 					if (n !== 0) return n;
 					let i = /\d+\.\d+/u.test(e.raw.tag) ? 1 : 0;
 					return (/\d+\.\d+/u.test(t.raw.tag) ? 1 : 0) - i;
-				}), s = a[0].raw) : s = m[0];
-				let d = s.tag, f = s.sha?.length ? s.sha : null;
-				if (!f && d) try {
-					f = await u.getTagSha(o, l, d);
+				}), s = a[0].raw) : s = g[0];
+				let c = s.tag, f = s.sha?.length ? s.sha : null;
+				if (!f && c) try {
+					f = await d.getTagSha(o, u, c);
 				} catch (e) {
 					if (isRateLimitError(e)) throw e;
 				}
 				return [...n, {
+					currentRefType: p,
 					status: "ok",
 					publishedAt: null,
 					actionName: i,
-					version: d,
+					version: c,
 					sha: f
 				}];
 			}
 			return [...n, {
+				currentRefType: p,
 				publishedAt: null,
 				version: null,
 				actionName: i,
 				sha: null
 			}];
 		} catch (e) {
-			return e instanceof Error && e.name === "GitHubRateLimitError" ? (m.rateLimitHit = !0, m.rateLimitError = e, [...n, {
+			return e instanceof Error && e.name === "GitHubRateLimitError" ? (g.rateLimitHit = !0, g.rateLimitError = e, [...n, {
+				currentRefType: "unknown",
 				publishedAt: null,
 				version: null,
 				actionName: i,
 				sha: null
 			}]) : (console.warn(`Failed to check ${i}:`, e), [...n, {
+				currentRefType: "unknown",
 				publishedAt: null,
 				version: null,
 				actionName: i,
@@ -150,12 +163,13 @@ async function checkUpdates(i, o, l) {
 			}]);
 		}
 	}), Promise.resolve([]));
-	if (m.rateLimitError) {
-		let e = !!(o ?? process.env.GITHUB_TOKEN), t = `${m.rateLimitError.message || "GitHub API rate limit exceeded."}\n${e ? "Wait for reset or reduce request rate." : "Please set GITHUB_TOKEN environment variable to increase the limit.\nSee: https://github.com/azat-io/actions-up?tab=readme-ov-file#github-token"}`, n = Error(t);
+	if (g.rateLimitError) {
+		let e = !!(o ?? process.env.GITHUB_TOKEN), t = `${g.rateLimitError.message || "GitHub API rate limit exceeded."}\n${e ? "Wait for reset or reduce request rate." : "Please set GITHUB_TOKEN environment variable to increase the limit.\nSee: https://github.com/azat-io/actions-up?tab=readme-ov-file#github-token"}`, n = Error(t);
 		throw n.name = "GitHubRateLimitError", n;
 	}
-	let g = /* @__PURE__ */ new Map();
-	for (let e of h) g.set(e.actionName, {
+	let v = /* @__PURE__ */ new Map();
+	for (let e of _) v.set(e.actionName, {
+		currentRefType: e.currentRefType,
 		publishedAt: e.publishedAt,
 		actionName: e.actionName,
 		skipReason: e.skipReason,
@@ -163,58 +177,65 @@ async function checkUpdates(i, o, l) {
 		status: e.status,
 		sha: e.sha
 	});
-	let _ = [];
-	for (let e of f) {
-		let t = g.get(e.name);
-		t ? _.push(createUpdate(e, {
+	let y = [];
+	for (let e of m) {
+		let t = v.get(e.name);
+		t ? y.push(createUpdate(e, {
 			publishedAt: t.publishedAt,
 			version: t.version,
 			sha: t.sha
 		}, {
+			currentRefType: t.currentRefType,
 			skipReason: t.skipReason,
-			status: t.status
-		})) : _.push(createUpdate(e, {
+			status: t.status,
+			style: p
+		})) : y.push(createUpdate(e, {
 			publishedAt: null,
 			version: null,
 			sha: null
+		}, {
+			currentRefType: deriveCurrentReferenceType(e.version),
+			style: p
 		}));
 	}
-	return _;
+	return y;
 }
-function createUpdate(t, n, i = {}) {
-	let { version: a, sha: c, publishedAt: l } = n, u = t.version ?? "unknown", d = normalizeVersion(u), f = a ? normalizeVersion(a) : null, p = i.status ?? "ok", m = i.skipReason, h = !1, g = !1;
-	if (p === "skipped") return {
+function createUpdate(t, n, i) {
+	let { version: a, sha: c, publishedAt: l } = n, u = t.version ?? "unknown", d = normalizeVersion(u), f = a ? normalizeVersion(a) : null, p = i.currentRefType, { style: m } = i, h = i.status ?? "ok", g = i.skipReason, _ = !1, v = !1;
+	if (h === "skipped") return {
+		currentRefType: p,
 		currentVersion: u,
 		isBreaking: !1,
 		hasUpdate: !1,
 		latestVersion: a,
 		publishedAt: l,
-		skipReason: m,
+		skipReason: g,
 		latestSha: c,
 		action: t,
-		status: p
+		status: h
 	};
-	if (d && isSha(d)) c ? h = !compareSha(d, c) : f && (h = !0);
+	if (d && isSha(d)) c ? _ = !compareSha(d, c) : f && (_ = !0);
 	else if (d && f) {
 		let e = semver.valid(d), n = semver.valid(f);
 		if (e && n) {
-			if (h = semver.lt(e, n), h) {
+			if (_ = semver.lt(e, n), _) {
 				let t = semver.major(e);
-				g = semver.major(n) > t;
+				v = semver.major(n) > t;
 			}
-			!h && semver.eq(e, n) && !isSha(t.version) && c && (h = !0, g = !1);
-		} else d !== f && (h = !0);
+			!_ && semver.eq(e, n) && !isSha(t.version) && c && m === "sha" && (_ = !0, v = !1);
+		} else d !== f && (_ = !0);
 	}
 	return {
+		currentRefType: p,
 		currentVersion: u,
 		latestVersion: a,
 		publishedAt: l,
-		isBreaking: g,
-		skipReason: m,
+		isBreaking: v,
+		skipReason: g,
 		latestSha: c,
-		hasUpdate: h,
+		hasUpdate: _,
 		action: t,
-		status: p
+		status: h
 	};
 }
 function compareSha(e, t) {
@@ -226,6 +247,9 @@ function isSha(e) {
 	let t = e.replace(/^v/u, "");
 	return /^[0-9a-f]{7,40}$/iu.test(t);
 }
+function deriveCurrentReferenceType(e) {
+	return e ? isSha(e) ? "sha" : isSemverLike(e) ? "tag" : "unknown" : "unknown";
+}
 function isRateLimitError(e) {
 	return e instanceof Error && e.name === "GitHubRateLimitError";
 }

package/dist/core/ast/update/apply-updates.d.ts

@@ -1,6 +1,6 @@
 import { ActionUpdate } from '../../../types/action-update';
 /**
- * Apply updates using SHA with version in comment for readability.
+ * Apply updates using the already-resolved target refs.
  *
  * @param updates - Array of updates to apply.
  */

package/dist/core/ast/update/apply-updates.js

@@ -1,40 +1,53 @@
 import { readFile, writeFile } from "node:fs/promises";
-async function applyUpdates(n) {
-	let r = /* @__PURE__ */ new Map();
-	for (let e of n) {
-		let { file: t } = e.action;
-		if (!t) continue;
-		let n = r.get(t) ?? [];
-		n.push(e), r.set(t, n);
+async function applyUpdates(r) {
+	let i = /* @__PURE__ */ new Map();
+	for (let e of r) {
+		let { file: n } = e.action;
+		if (!n) continue;
+		let r = i.get(n) ?? [];
+		r.push(e), i.set(n, r);
 	}
-	let i = [...r.entries()].map(async ([n, r]) => {
-		let i = await readFile(n, "utf8");
-		for (let e of r) {
-			if (!e.latestSha) continue;
-			function t(e) {
+	let a = [...i.entries()].map(async ([r, i]) => {
+		let a = await readFile(r, "utf8");
+		for (let e of i) {
+			let n = e.targetRef ?? e.latestSha, r = e.targetRefStyle ?? (e.latestSha ? "sha" : null);
+			if (!n || !r) continue;
+			function i(e) {
 				return e.replaceAll(/[$()*+\-./?[\\\]^{|}]/gu, String.raw`\$&`);
 			}
-			let n = t(e.action.name), r = e.currentVersion ? t(e.currentVersion) : "";
-			if (n.includes("\n") || n.includes("\r")) {
+			let o = i(e.action.name), s = e.currentVersion ? i(e.currentVersion) : "";
+			if (o.includes("\n") || o.includes("\r")) {
 				console.error(`Invalid action name: ${e.action.name}`);
 				continue;
 			}
-			if (r && (r.includes("\n") || r.includes("\r"))) {
+			if (s && (s.includes("\n") || s.includes("\r"))) {
 				console.error(`Invalid version: ${e.currentVersion}`);
 				continue;
 			}
-			if (!/^[\da-f]{40}$/iu.test(e.latestSha)) {
-				console.error(`Invalid SHA format: ${e.latestSha}`);
+			if (n.includes("\n") || n.includes("\r") || n.trim() === "") {
+				console.error(`Invalid target ref: ${n}`);
 				continue;
 			}
-			let a = String.raw`['"]?\buses\b['"]?\s*:\s*`, o = String.raw`(?:^[^\S\n]*(?:-[^\S\n]*)?|[{\[,][^\S\n]*)` + a, s = new RegExp(String.raw`(?<prefix>${o})` + String.raw`(?<quote>['"]?)` + String.raw`(?<name>${n})@${r}` + String.raw`\k<quote>` + String.raw`(?<after>[ \t\]}{,]*)` + String.raw`(?<comment>[^\S\r\n]*#[^\r\n]*)?`, "gm");
-			i = i.replace(s, (t, ...n) => {
-				let i = n.at(-3), a = n.at(-2), o = n.at(-1), s = a.indexOf("\n", i + t.length), c = (s === -1 ? a.slice(i + t.length) : a.slice(i + t.length, s)).trim().length > 0, l = o.after.endsWith(" ") ? "" : " ", u = c && !o.comment && r !== "" ? "" : `${l}# ${e.latestVersion}`;
-				return `${`${o.prefix}${o.quote}${o.name}`}@${`${e.latestSha}${o.quote}${o.after}${u}`}`;
+			if (r === "sha" && !/^[\da-f]{40}$/iu.test(n)) {
+				console.error(`Invalid SHA format: ${n}`);
+				continue;
+			}
+			let c = String.raw`['"]?\buses\b['"]?\s*:\s*`, l = String.raw`(?:^[^\S\n]*(?:-[^\S\n]*)?|[{\[,][^\S\n]*)` + c, u = new RegExp(String.raw`(?<prefix>${l})` + String.raw`(?<quote>['"]?)` + String.raw`(?<name>${o})@${s}` + String.raw`\k<quote>` + String.raw`(?<after>[ \t\]}{,]*)` + String.raw`(?<comment>[^\S\r\n]*#[^\r\n]*)?`, "gm");
+			a = a.replace(u, (i, ...a) => {
+				let o = a.at(-3), c = a.at(-2), l = a.at(-1), u = c.indexOf("\n", o + i.length), d = (u === -1 ? c.slice(o + i.length) : c.slice(o + i.length, u)).trim().length > 0, f = l.after.endsWith(" ") ? "" : " ", p = "";
+				if (r === "sha") p = d && !l.comment && s !== "" ? "" : `${f}# ${e.latestVersion}`;
+				else if (l.comment && !looksLikeInlineVersionComment(l.comment)) {
+					let { comment: e } = l;
+					p = e;
+				}
+				return `${`${l.prefix}${l.quote}${l.name}`}@${`${n}${l.quote}${l.after}${p}`}`;
 			});
 		}
-		await writeFile(n, i, "utf8");
+		await writeFile(r, a, "utf8");
 	});
-	await Promise.all(i);
+	await Promise.all(a);
+}
+function looksLikeInlineVersionComment(e) {
+	return /^#\s*[Vv]?\d+(?:\.\d+){0,2}(?:[+-][\w\-.]+)?\s*$/u.test(e.trim());
 }
 export { applyUpdates };