actions-up 1.4.1 → 1.5.0

package/dist/cli/index.js

@@ -11,11 +11,11 @@ import pc from "picocolors";
 import cac from "cac";
 function run() {
 	let l = cac("actions-up");
-	l.help().version(version).option("--dry-run", "Preview changes without applying them").option("--exclude <regex>", "Exclude actions by regex (repeatable)").option("--yes, -y", "Skip all confirmations").command("", "Update GitHub Actions").action(async (s) => {
+	l.help().version(version).option("--dir <directory>", "Custom directory name (default: .github)").option("--dry-run", "Preview changes without applying them").option("--exclude <regex>", "Exclude actions by regex (repeatable)").option("--yes, -y", "Skip all confirmations").command("", "Update GitHub Actions").action(async (s) => {
 		console.info(pc.cyan("\n🚀 Actions Up!\n"));
 		let c = createSpinner("Scanning GitHub Actions...").start();
 		try {
-			let l = await scanGitHubActions(process.cwd()), u = l.actions.length, d = l.workflows.size, f = l.compositeActions.size;
+			let l = await scanGitHubActions(process.cwd(), s.dir), u = l.actions.length, d = l.workflows.size, f = l.compositeActions.size;
 			if (c.success(`Found ${pc.yellow(u)} actions in ${pc.yellow(d)} workflows and ${pc.yellow(f)} composite actions`), u === 0) {
 				console.info(pc.green("\n✨ No GitHub Actions found in this repository"));
 				return;

package/dist/core/api/check-updates.js

@@ -163,7 +163,6 @@ function createUpdate(e, r, i) {
 	};
 }
 function compareSha(e, n) {
-	if (!e || !n) return !1;
 	let r = e.replace(/^v/u, ""), i = n.replace(/^v/u, ""), a = Math.min(r.length, i.length);
 	return a < 7 ? !1 : r.slice(0, Math.max(0, a)).toLowerCase() === i.slice(0, Math.max(0, a)).toLowerCase();
 }

package/dist/core/api/make-request.js

@@ -19,10 +19,9 @@ async function makeRequest(t, n, r = {}) {
 		}
 		throw e;
 	}
-	let s = await a.json();
 	return {
 		headers: o,
-		data: s
+		data: await a.json()
 	};
 }
 export { makeRequest };

package/dist/core/api/resolve-github-token-sync.js

@@ -19,20 +19,20 @@ function resolveGitHubTokenSync() {
 		if (e) return e;
 	} catch {}
 	try {
-		let t = join(process.cwd(), ".git", "config"), r = readFileSync(t, "utf8"), i = r.match(/^\s*(?:github\.(?:oauth-token|token)|hub\.oauthtoken)\s*=\s*(?<token>\S[^\n\r]*)$/mu)?.groups?.token?.trim();
-		if (i) return i;
-		let a = null;
-		for (let e of r.split(/\r?\n/u)) {
+		let t = readFileSync(join(process.cwd(), ".git", "config"), "utf8"), r = t.match(/^\s*(?:github\.(?:oauth-token|token)|hub\.oauthtoken)\s*=\s*(?<token>\S[^\n\r]*)$/mu)?.groups?.token?.trim();
+		if (r) return r;
+		let i = null;
+		for (let e of t.split(/\r?\n/u)) {
 			let t = e.trim(), n = t.match(/^\[(?<name>[^\]]+)\]$/u);
 			if (n?.groups) {
-				a = n.groups.name.toLowerCase();
+				i = n.groups.name.toLowerCase();
 				continue;
 			}
-			if (a === "github") {
+			if (i === "github") {
 				let e = t.match(/^(?:oauth-token|token)\s*=\s*(?<val>\S[^\n\r]*)$/u);
 				if (e?.groups?.val) return e.groups.val.trim();
 			}
-			if (a === "hub") {
+			if (i === "hub") {
 				let e = t.match(/^oauthtoken\s*=\s*(?<val>\S[^\n\r]*)$/u);
 				if (e?.groups?.val) return e.groups.val.trim();
 			}

package/dist/core/ast/scanners/scan-workflow-ast.js

@@ -5,17 +5,15 @@ import { isPair } from "../guards/is-pair.js";
 import { extractUsesFromSteps } from "../utils/extract-uses-from-steps.js";
 import { findMapPair } from "../utils/find-map-pair.js";
 function scanWorkflowAst(o, s, c) {
-	let l = o.toJSON();
-	if (!isWorkflowStructure(l) || !o.contents || !isYAMLMap(o.contents)) return [];
-	let u = findMapPair(o.contents, "jobs");
-	if (!u?.value || !isYAMLMap(u.value)) return [];
-	let d = [];
-	for (let e of u.value.items) {
+	if (!isWorkflowStructure(o.toJSON()) || !o.contents || !isYAMLMap(o.contents)) return [];
+	let l = findMapPair(o.contents, "jobs");
+	if (!l?.value || !isYAMLMap(l.value)) return [];
+	let u = [];
+	for (let e of l.value.items) {
 		if (!isPair(e) || !e.value || !isNode(e.value) || !isYAMLMap(e.value)) continue;
 		let o = findMapPair(e.value, "steps");
-		if (!o?.value) continue;
-		d.push(...extractUsesFromSteps(o.value, c, s));
+		o?.value && u.push(...extractUsesFromSteps(o.value, c, s));
 	}
-	return d;
+	return u;
 }
 export { scanWorkflowAst };

package/dist/core/ast/update/apply-updates.js

@@ -27,7 +27,7 @@ async function applyUpdates(n) {
 				console.error(`Invalid SHA format: ${e.latestSha}`);
 				continue;
 			}
-			let a = r ? String.raw`(?=[^\S\r\n]|$|#)` : "", o = RegExp(`(^\\s*-?\\s*uses:\\s*)(['"]?)(${n})@${r}\\2${a}([^\\S\\r\\n]*#[^\\r\\n]*)?`, "gm"), s = `$1$2$3@${e.latestSha}$2 # ${e.latestVersion}`;
+			let a = r ? String.raw`(?=[^\S\r\n]|$|#)` : "", o = new RegExp(String.raw`(^\s*-?\s*uses:\s*)(['"]?)(${n})@${r}\2${a}([^\S\r\n]*#[^\r\n]*)?`, "gm"), s = `$1$2$3@${e.latestSha}$2 # ${e.latestVersion}`;
 			i = i.replace(o, s);
 		}
 		await writeFile(n, i, "utf8");

package/dist/core/interactive/pad-string.js

@@ -1,8 +1,6 @@
 import { stripAnsi } from "./strip-ansi.js";
 function padString(t, n) {
-	let r = stripAnsi(t), i = n - r.length;
-	if (i <= 0) return t;
-	let a = " ".repeat(i);
-	return t + a;
+	let r = n - stripAnsi(t).length;
+	return r <= 0 ? t : t + " ".repeat(r);
 }
 export { padString };

package/dist/core/interactive/prompt-update-selection.js

@@ -7,98 +7,97 @@ import pc from "picocolors";
 import { readFile } from "node:fs/promises";
 import enquirer from "enquirer";
 import path from "node:path";
-async function promptUpdateSelection(a) {
-	if (a.length === 0) return null;
-	let s = a.filter((e) => e.hasUpdate);
-	if (s.length === 0) return console.info(pc.green("✓ All actions are up to date!")), null;
-	let u = /* @__PURE__ */ new Map();
-	for (let [e, i] of s.entries()) {
-		let a = i.action.file ?? "unknown file", o = path.relative(path.join(process.cwd(), GITHUB_DIRECTORY), a);
-		o === "" && (o = a);
-		let s = u.get(o) ?? [];
-		s.push({
-			update: i,
+var MIN_ACTION_WIDTH = 56, MIN_CURRENT_WIDTH = 16;
+async function promptUpdateSelection(o) {
+	if (o.length === 0) return null;
+	let c = o.filter((e) => e.hasUpdate);
+	if (c.length === 0) return console.info(pc.green("✓ All actions are up to date!")), null;
+	let p = /* @__PURE__ */ new Map();
+	for (let [e, a] of c.entries()) {
+		let o = a.action.file ?? "unknown file", s = path.relative(path.join(process.cwd(), GITHUB_DIRECTORY), o);
+		s === "" && (s = o);
+		let c = p.get(s) ?? [];
+		c.push({
+			update: a,
 			index: e
-		}), u.set(o, s);
+		}), p.set(s, c);
 	}
-	let p = await Promise.all(s.map(async (e) => {
-		let r = formatVersionOrSha(e.currentVersion), i = e.currentVersion ?? void 0;
+	let g = await Promise.all(c.map(async (e) => {
+		let i = formatVersionOrSha(e.currentVersion), a = e.currentVersion ?? void 0;
 		if (!e.currentVersion || !isSha(e.currentVersion)) return {
-			effectiveForDiff: i,
-			display: r
+			effectiveForDiff: a,
+			display: i
 		};
-		let a = await tryReadInlineVersionComment(e.action.file, e.action.line);
-		if (a) {
-			let s = e.currentVersion.slice(0, 7);
-			r = `${formatVersionOrSha(a)} ${pc.gray(`(${s})`)}`, i = a;
+		let o = await tryReadInlineVersionComment(e.action.file, e.action.line);
+		if (o) {
+			let c = e.currentVersion.slice(0, 7);
+			i = `${formatVersionOrSha(o)} ${pc.gray(`(${c})`)}`, a = o;
 		}
 		return {
-			effectiveForDiff: i,
-			display: r
+			effectiveForDiff: a,
+			display: i
 		};
-	})), m = [], h = stripAnsi("Action").length, g = stripAnsi("Current").length;
-	for (let [e, r] of s.entries()) {
-		let a = r.action.name, o = p[e].display;
-		h = Math.max(h, a.length), g = Math.max(g, stripAnsi(o).length);
+	})), _ = [], v = stripAnsi("Action").length, y = stripAnsi("Current").length;
+	for (let [e, i] of c.entries()) {
+		let o = i.action.name, s = g[e].display;
+		v = Math.max(v, o.length), y = Math.max(y, stripAnsi(s).length);
 	}
-	let _ = Math.max(h, 56), v = Math.max(g, 16), y = [...u.keys()].toSorted();
-	for (let [r, i] of y.entries()) {
-		let a = u.get(i);
-		if (!a) {
-			console.warn(`Unexpected missing group for file: ${i}`);
+	let b = Math.max(v, MIN_ACTION_WIDTH), x = Math.max(y, MIN_CURRENT_WIDTH), S = [...p.keys()].toSorted();
+	for (let [i, a] of S.entries()) {
+		let o = p.get(a);
+		if (!o) {
+			console.warn(`Unexpected missing group for file: ${a}`);
 			continue;
 		}
-		let s = [], c = a;
-		s.push({
+		let c = [], l = o;
+		c.push({
 			current: "Current",
 			action: "Action",
 			target: "Target",
 			arrow: "❯"
 		});
-		for (let { update: r, index: i } of c) {
-			let a = !!r.latestSha, c = p[i].display, l = p[i]?.effectiveForDiff ?? r.currentVersion, u = formatVersion(r.latestVersion, l), d = r.action.name;
-			if (r.latestSha) {
-				let e = r.latestSha.slice(0, 7);
-				u = `${u} ${pc.gray(`(${e})`)}`;
+		for (let { update: i, index: a } of l) {
+			let o = !!i.latestSha, l = g[a].display, u = g[a]?.effectiveForDiff ?? i.currentVersion, d = formatVersion(i.latestVersion, u), f = i.action.name;
+			if (i.latestSha) {
+				let e = i.latestSha.slice(0, 7);
+				d = `${d} ${pc.gray(`(${e})`)}`;
 			}
-			a || (u = pc.gray(u), c = pc.gray(c), d = pc.gray(d)), s.push({
-				action: d,
-				target: u,
+			o || (d = pc.gray(d), l = pc.gray(l), f = pc.gray(f)), c.push({
+				action: f,
+				target: d,
 				arrow: "❯",
-				current: c
+				current: l
 			});
 		}
-		let l = Math.max(_, 56), d = Math.max(v, 16), f = [];
-		for (let [e, r] of s.entries()) {
-			let i = e === 0, a = formatTableRow(r, l, d);
-			if (i) f.push({
-				message: pc.gray(` ○ ${a}`),
+		let u = Math.max(b, MIN_ACTION_WIDTH), m = Math.max(x, MIN_CURRENT_WIDTH), h = [];
+		for (let [e, i] of c.entries()) {
+			let a = e === 0, o = formatTableRow(i, u, m);
+			if (a) h.push({
+				message: pc.gray(` ○ ${o}`),
 				role: "separator",
 				indent: "",
 				name: ""
 			});
 			else {
-				let r = c[e - 1];
-				if (!r) continue;
-				let { update: i, index: o } = r, s = !!i.latestSha, l = s && !i.isBreaking;
-				f.push({
-					message: a,
-					value: String(o),
-					name: String(o),
+				let { update: i, index: a } = l[e - 1], s = !!i.latestSha, c = s && !i.isBreaking;
+				h.push({
+					message: o,
+					value: String(a),
+					name: String(a),
 					disabled: !s,
 					indent: "",
-					enabled: l
+					enabled: c
 				});
 			}
 		}
-		m.push({
-			message: pc.gray(i),
-			value: `label|${i}`,
-			choices: f,
-			name: `label|${i}`,
+		_.push({
+			message: pc.gray(a),
+			value: `label|${a}`,
+			choices: h,
+			name: `label|${a}`,
 			isGroupLabel: !0,
 			enabled: !1
-		}), r < y.length - 1 && m.push({
+		}), i < S.length - 1 && _.push({
 			role: "separator",
 			message: " ",
 			name: ""
@@ -106,22 +105,22 @@ async function promptUpdateSelection(a) {
 	}
 	try {
 		let e = {
-			indicator(e, r) {
-				if (r.isGroupLabel) {
-					let e = (r.choices ?? []).filter((e) => !("role" in e)), i = e.length, a = e.filter((e) => !!e.enabled).length === i ? "●" : "○";
-					return ` ${pc.gray(a)}`;
+			indicator(e, i) {
+				if (i.isGroupLabel) {
+					let e = (i.choices ?? []).filter((e) => !("role" in e)), a = e.length, o = e.filter((e) => !!e.enabled).length === a ? "●" : "○";
+					return ` ${pc.gray(o)}`;
 				}
-				return `   ${r.enabled ? "●" : "○"}`;
+				return `   ${i.enabled ? "●" : "○"}`;
 			},
 			message: `Choose which actions to update (Press ${pc.cyan("<space>")} to select, ${pc.cyan("<a>")} to toggle all, ${pc.cyan("<i>")} to invert selection)`,
-			cancel() {
-				return console.info(pc.yellow("\nSelection cancelled")), null;
-			},
 			styles: {
 				success: pc.reset,
 				em: pc.bgBlack,
 				dark: pc.reset
 			},
+			cancel() {
+				return logSelectionCancelled(), null;
+			},
 			j() {
 				return this.down?.() ?? Promise.resolve([]);
 			},
@@ -132,49 +131,51 @@ async function promptUpdateSelection(a) {
 			type: "multiselect",
 			name: "selected",
 			pointer: "❯",
-			choices: m
-		}, { selected: r } = await enquirer.prompt(e), i = /* @__PURE__ */ new Set();
-		for (let e of r) {
+			choices: _
+		}, { selected: i } = await enquirer.prompt(e), a = /* @__PURE__ */ new Set();
+		for (let e of i) {
 			if (e.startsWith("label|")) {
-				let r = e.slice(6), a = u.get(r) ?? [];
-				for (let { update: e, index: r } of a) e.latestSha && i.add(r);
+				let i = e.slice(6), o = p.get(i) ?? [];
+				for (let { update: e, index: i } of o) e.latestSha && a.add(i);
 				continue;
 			}
-			let r = Number.parseInt(e, 10);
-			Number.isFinite(r) && i.add(r);
+			let i = Number.parseInt(e, 10);
+			Number.isFinite(i) && a.add(i);
 		}
-		let a = [];
-		for (let [e, r] of s.entries()) i.has(e) && r.latestSha && a.push(r);
-		return a.length === 0 ? (console.info(pc.yellow("\nNo actions selected")), null) : a;
+		let o = [];
+		for (let [e, i] of c.entries()) a.has(e) && i.latestSha && o.push(i);
+		return o.length === 0 ? (console.info(pc.yellow("\nNo actions selected")), null) : o;
 	} catch (e) {
-		if (e instanceof Error && (e.message.includes("cancelled") || e.message.includes("ESC") || e.name === "ExitPromptError")) return console.info(pc.yellow("\nSelection cancelled")), null;
+		if (e instanceof Error && (e.message.includes("cancelled") || e.message.includes("ESC") || e.name === "ExitPromptError")) return logSelectionCancelled(), null;
 		throw console.error(pc.red("Unexpected error during selection:"), e), e;
 	}
 }
-async function tryReadInlineVersionComment(e, r) {
+async function tryReadInlineVersionComment(e, i) {
 	try {
-		if (!e || !r || r <= 0) return null;
-		let i = (await readFile(e, "utf8")).split("\n"), a = r - 1;
-		if (a < 0 || a >= i.length) return null;
-		let o = i[a].match(/#\s*(?<version>[Vv]?\d+(?:\.\d+){0,2}(?:[+-][\w\-.]+)?)/u);
-		if (o?.groups?.version) return o.groups.version;
+		if (!e || !i || i <= 0) return null;
+		let a = (await readFile(e, "utf8")).split("\n"), o = i - 1;
+		if (o < 0 || o >= a.length) return null;
+		let s = a[o].match(/#\s*(?<version>[Vv]?\d+(?:\.\d+){0,2}(?:[+-][\w\-.]+)?)/u);
+		if (s?.groups?.version) return s.groups.version;
 	} catch {}
 	return null;
 }
-function formatTableRow(e, r, i) {
+function formatTableRow(e, i, a) {
 	return [
-		padString(e.action, r),
-		padString(e.current, i),
+		padString(e.action, i),
+		padString(e.current, a),
 		e.arrow,
 		e.target
 	].join("  ").replace(/\s+$/u, "");
 }
 function isSha(e) {
-	if (!e) return !1;
-	let r = e.replace(/^v/u, "");
-	return /^[0-9a-f]{7,40}$/iu.test(r);
+	let i = e.replace(/^v/u, "");
+	return /^[0-9a-f]{7,40}$/iu.test(i);
 }
 function formatVersionOrSha(e) {
 	return e ? isSha(e) ? e.slice(0, 7) : e.replace(/^v/u, "") : pc.gray("unknown");
 }
+function logSelectionCancelled() {
+	console.info(`\r\u001B[K${pc.yellow("Selection cancelled")}`);
+}
 export { promptUpdateSelection };

package/dist/core/scan-github-actions.d.ts

@@ -8,10 +8,12 @@ import { ScanResult } from '../types/scan-result';
  *
  * @param rootPath - The root path of the repository to scan. Defaults to
  *   current working directory.
+ * @param ciDirectory - The CI directory name (e.g., '.github' or '.gitea').
+ *   Defaults to '.github'.
  * @returns A promise that resolves to a ScanResult containing:
  *
  *   - Workflows: Map of workflow file paths to their referenced actions
  *   - CompositeActions: Map of composite action names to their directory paths
  *   - Actions: Flat array of all discovered GitHub Actions.
  */
-export declare function scanGitHubActions(rootPath?: string): Promise<ScanResult>;
+export declare function scanGitHubActions(rootPath?: string, ciDirectory?: string): Promise<ScanResult>;

package/dist/core/scan-github-actions.js

@@ -4,97 +4,85 @@ import { scanActionFile } from "./scan-action-file.js";
 import { isYamlFile } from "./fs/is-yaml-file.js";
 import { readFile, readdir, stat } from "node:fs/promises";
 import { isAbsolute, join, relative, resolve } from "node:path";
-async function scanGitHubActions(d = process.cwd()) {
-	let m = {
+async function scanGitHubActions(d = process.cwd(), m = GITHUB_DIRECTORY) {
+	let h = {
 		compositeActions: /* @__PURE__ */ new Map(),
 		workflows: /* @__PURE__ */ new Map(),
 		actions: []
-	}, h = resolve(d);
-	function g(e, o) {
+	}, g = resolve(d);
+	function _(e, o) {
 		let s = relative(e, o);
 		return s !== "" && !s.startsWith("..") && !isAbsolute(s);
 	}
-	let _ = join(h, GITHUB_DIRECTORY);
-	if (!g(h, _)) throw Error("Invalid path: detected path traversal attempt");
-	function v(e) {
+	let v = join(g, m);
+	if (!_(g, v)) throw Error("Invalid path: detected path traversal attempt");
+	function y(e) {
 		return e.includes("..") || e.includes("/") || e.includes("\\") ? (console.warn(`Skipping invalid name: ${e}`), !1) : !0;
 	}
-	let y = join(_, WORKFLOWS_DIRECTORY);
-	if (!g(h, y)) return m;
+	let b = join(v, WORKFLOWS_DIRECTORY);
 	try {
-		if ((await stat(y)).isDirectory()) {
-			let e = (await readdir(y)).filter((e) => v(e) ? isYamlFile(e) : !1).map(async (e) => {
-				let l = join(y, e);
-				if (!g(y, l)) return console.warn(`Skipping file outside workflows directory: ${e}`), {
-					success: !1,
-					actions: [],
-					path: ""
-				};
+		if ((await stat(b)).isDirectory()) {
+			let e = (await readdir(b)).filter((e) => y(e) ? isYamlFile(e) : !1).map(async (e) => {
+				let o = join(b, e);
 				try {
-					let u = await scanWorkflowFile(l);
+					let l = await scanWorkflowFile(o);
 					return {
-						path: `${GITHUB_DIRECTORY}/${WORKFLOWS_DIRECTORY}/${e}`,
+						path: `${m}/${WORKFLOWS_DIRECTORY}/${e}`,
 						success: !0,
-						actions: u
+						actions: l
 					};
 				} catch {
 					return {
-						path: `${GITHUB_DIRECTORY}/${WORKFLOWS_DIRECTORY}/${e}`,
+						path: `${m}/${WORKFLOWS_DIRECTORY}/${e}`,
 						success: !1,
 						actions: []
 					};
 				}
-			}), l = await Promise.all(e);
-			for (let e of l) e.success && e.path && (e.actions.length > 0 ? (m.workflows.set(e.path, e.actions), m.actions.push(...e.actions)) : m.workflows.set(e.path, []));
+			}), o = await Promise.all(e);
+			for (let e of o) e.success && e.path && (e.actions.length > 0 ? (h.workflows.set(e.path, e.actions), h.actions.push(...e.actions)) : h.workflows.set(e.path, []));
 		}
 	} catch {}
-	let b = join(_, ACTIONS_DIRECTORY);
-	if (!g(h, b)) return m;
+	let x = join(v, ACTIONS_DIRECTORY);
 	try {
-		if ((await stat(b)).isDirectory()) {
-			let s = (await readdir(b)).map(async (s) => {
-				if (!v(s)) return null;
-				let c = join(b, s);
-				if (!g(b, c)) return console.warn(`Skipping subdirectory outside actions path: ${s}`), null;
+		if ((await stat(x)).isDirectory()) {
+			let o = (await readdir(x)).map(async (o) => {
+				if (!y(o)) return null;
+				let s = join(x, o);
 				try {
-					if (!(await stat(c)).isDirectory()) return null;
-					let u = join(c, "action.yml");
-					if (!g(c, u)) return null;
-					let d = [];
+					if (!(await stat(s)).isDirectory()) return null;
+					let c = join(s, "action.yml"), u = [];
 					try {
-						d = await scanActionFile(u);
+						u = await scanActionFile(c);
 					} catch {
 						try {
-							if (u = join(c, "action.yaml"), !g(c, u)) return null;
-							d = await scanActionFile(u);
+							c = join(s, "action.yaml"), u = await scanActionFile(c);
 						} catch {
 							return null;
 						}
 					}
 					return {
-						path: `${GITHUB_DIRECTORY}/${ACTIONS_DIRECTORY}/${s}`,
-						name: s,
-						actions: d
+						path: `${m}/${ACTIONS_DIRECTORY}/${o}`,
+						name: o,
+						actions: u
 					};
 				} catch {
 					return null;
 				}
-			}), c = await Promise.all(s);
-			for (let e of c) e && (m.compositeActions.set(e.name, e.path), m.actions.push(...e.actions));
+			}), s = await Promise.all(o);
+			for (let e of s) e && (h.compositeActions.set(e.name, e.path), h.actions.push(...e.actions));
 		}
 	} catch {}
 	try {
-		let e = await getCurrentRepoSlug(h);
+		let e = await getCurrentRepoSlug(g);
 		if (e) {
 			if (process.env.ACTIONS_UP_TEST_THROW === "1") throw Error("test");
 			let o = /* @__PURE__ */ new Set(), s = [];
-			for (let c of m.actions) {
+			for (let c of h.actions) {
 				if (c.type !== "external") continue;
 				let l = c.name.split("/");
 				if (l.length < 3 || `${l[0]}/${l[1]}` !== e) continue;
-				let u = join(h, ...l.slice(2));
-				if (!g(h, u) || o.has(u)) continue;
-				o.add(u), s.push(u);
+				let u = join(g, ...l.slice(2));
+				_(g, u) && (o.has(u) || (o.add(u), s.push(u)));
 			}
 			async function c() {
 				if (s.length === 0) return;
@@ -108,15 +96,14 @@ async function scanGitHubActions(d = process.cwd()) {
 							d = u;
 						}
 						let f = await scanActionFile(d);
-						f.length > 0 && m.actions.push(...f);
+						f.length > 0 && h.actions.push(...f);
 						let p = [];
 						for (let s of f) {
 							if (s.type !== "external") continue;
 							let c = s.name.split("/");
 							if (c.length < 3 || `${c[0]}/${c[1]}` !== e) continue;
-							let l = join(h, ...c.slice(2));
-							if (!g(h, l) || o.has(l)) continue;
-							o.add(l), p.push(l);
+							let l = join(g, ...c.slice(2));
+							_(g, l) && (o.has(l) || (o.add(l), p.push(l)));
 						}
 						return p;
 					} catch {
@@ -129,16 +116,16 @@ async function scanGitHubActions(d = process.cwd()) {
 			await c();
 		}
 	} catch {}
-	return m;
+	return h;
 }
 async function getCurrentRepoSlug(e) {
 	let o = process.env.GITHUB_REPOSITORY;
 	if (o && /^[^\s/]+\/[^\s/]+$/u.test(o)) return o;
 	try {
-		let o = join(e, ".git", "config"), s = await readFile(o, "utf8"), c = s.match(/\[remote "origin"\][\s\S]*?url\s*=\s*(?<url>.+)/u)?.groups?.url?.trim();
-		if (c ||= s.match(/url\s*=\s*(?<url>.+)/u)?.groups?.url?.trim(), !c) return null;
-		let l = c.match(/github\.com[/:](?<owner>[^/]+)\/(?<repo>[^./]+)(?:\.git)?$/u);
-		if (l?.groups) return `${l.groups.owner}/${l.groups.repo}`;
+		let o = await readFile(join(e, ".git", "config"), "utf8"), s = o.match(/\[remote "origin"\][\s\S]*?url\s*=\s*(?<url>.+)/u)?.groups?.url?.trim();
+		if (s ||= o.match(/url\s*=\s*(?<url>.+)/u)?.groups?.url?.trim(), !s) return null;
+		let c = s.match(/github\.com[/:](?<owner>[^/]+)\/(?<repo>[^./]+)(?:\.git)?$/u);
+		if (c?.groups) return `${c.groups.owner}/${c.groups.repo}`;
 	} catch {}
 	return null;
 }

package/dist/package.js

@@ -1,2 +1,2 @@
-const version = "1.4.1";
+const version = "1.5.0";
 export { version };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "actions-up",
-  "version": "1.4.1",
+  "version": "1.5.0",
   "description": "Interactive CLI tool to update GitHub Actions to latest versions with SHA pinning",
   "keywords": [
     "github-actions",
@@ -40,7 +40,7 @@
     "enquirer": "^2.4.1",
     "nanospinner": "^1.2.2",
     "picocolors": "^1.1.1",
-    "semver": "^7.7.2",
+    "semver": "^7.7.3",
     "yaml": "^2.8.1"
   },
   "engines": {

package/readme.md

@@ -122,6 +122,14 @@ Check for updates without making any changes:
 npx actions-up --dry-run
 ```
 
+### Custom Directory
+
+By default, Actions Up scans the `.github` directory. You can specify a different directory (e.g., for Gitea):
+
+```bash
+npx actions-up --dir .gitea
+```
+
 ## GitHub Actions Integration
 
 ### Automated PR Checks