v1.6.6

• inputs and secrets objects are now typed looking at workflow_call event at on:. See the document for more details.
  • inputs object is typed with definitions at on.workflow_call.inputs. When the workflow is not callable, it is typed at {} (empty object) so any inputs.* access causes a type error.
  • secrets object is typed with definitions at on.workflow_call.secrets.

  on:
    workflow_call:
      # `inputs` object is typed {url: string; lucky_number: number}
      inputs:
        url:
          description: 'your URL'
          type: string
        lucky_number:
          description: 'your lucky number'
          type: number
      # `secrets` object is typed {user: string; credential: string}
      secrets:
        user:
          description: 'your user name'
        credential:
          description: 'your credential'
  jobs:
    test:
      runs-on: ubuntu-20.04
      steps:
        - name: Send data
          # ERROR: uri is typo of url
          run: curl ${{ inputs.uri }} -d ${{ inputs.lucky_number }}
          env:
            # ERROR: credentials is typo of credential
            TOKEN: ${{ secrets.credentials }}

• id-token is added to permissions (thanks @cmmarslender, #62).
• Report an error on nested workflow calls since it is not allowed.

  on:
    # This workflow is reusable
    workflow_call:
  
  jobs:
    test:
      # ERROR: Nested workflow call is not allowed
      uses: owner/repo/path/to/workflow.yml@ref

• Parse uses: at reusable workflow call more strictly following {owner}/{repo}/{path}@{ref} format.
• Popular actions data set was updated to the latest (#61).
• Dependencies of playground were updated to the latest (including eslint v8).