Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump @actions/core from 1.10.0 to 1.10.1 #286

Merged
merged 1 commit into from
Oct 8, 2023
Merged

chore(deps): bump @actions/core from 1.10.0 to 1.10.1 #286

merged 1 commit into from
Oct 8, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 12, 2023

Bumps @actions/core from 1.10.0 to 1.10.1.

Changelog

Sourced from @​actions/core's changelog.

1.10.1

  • Fix error message reference in oidc utils #1511
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump @actions/core from 1.10.0 to 1.10.1
b5a3458 
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.10.0 to 1.10.1.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Sep 12, 2023
@github-actions
Copy link

Current branch is dependabot/npm_and_yarn/actions/core-1.10.1.
(execution 6155349206 / attempt 1)

@github-actions
Copy link

Comment Pull Request - GitHub Actions

What is it ?

A GitHub action that comments with a given message the pull request linked to the pushed branch.
You can even put dynamic data thanks to Contexts and expression syntax.

Usage

Classic usage

on: pull_request

jobs:
  example_comment_pr:
    runs-on: ubuntu-latest
    name: An example job to comment a PR
    steps:
      - name: Checkout
        uses: actions/checkout@v3

      - name: Comment PR
        uses: thollander/actions-comment-pull-request@v2
        with:
          message: |
            Hello world ! :wave:

Comment a file content

Thanks to the filePath input, a file content can be commented.
You can either pass an absolute filePath or a relative one that will be by default retrieved from GITHUB_WORKSPACE.
(Note that if both a message and filePath are provided, message will take precedence.)

- name: PR comment with file
  uses: thollander/actions-comment-pull-request@v2
  with:
    filePath: /path/to/file.txt

Setting reactions

You can also set some reactions on your comments through the reactions input.
It takes only valid reactions and adds it to the comment you've just created. (See https://docs.github.com/en/rest/reactions#reaction-types)

- name: PR comment with reactions
  uses: thollander/actions-comment-pull-request@v2
  with:
    message: |
      Hello world ! :wave:
    reactions: eyes, rocket

Specifying which pull request to comment on

You can explicitly input which pull request should be commented on by passing the pr_number input.
That is particularly useful for manual workflow for instance (workflow_run).

...
- name: Comment PR
  uses: thollander/actions-comment-pull-request@v2
  with:
    message: |
      Hello world ! :wave:
    pr_number: 123 # This will comment on pull request #123

Update a comment

Editing an existing comment is also possible thanks to the comment_tag input.

Thanks to this parameter, it will be possible to identify your comment and then to upsert on it.
If the comment is not found at first, it will create a new comment.

That is particularly interesting while committing multiple times in a PR and that you just want to have the last execution report printed. It avoids flooding the PR.

...
- name: Comment PR with execution number
  uses: thollander/actions-comment-pull-request@v2
  with:
    message: |
      _(execution **${{ github.run_id }}** / attempt **${{ github.run_attempt }}**)_
    comment_tag: execution

Note: the input mode can be used to either upsert (by default) or recreate the comment (= delete and create)

Delete a comment

Deleting an existing comment is also possible thanks to the comment_tag input combined with mode: delete.

This will delete the comment at the end of the job.

...
- name: Write a comment that will be deleted at the end of the job
  uses: thollander/actions-comment-pull-request@v2
  with:
    message: |
      The PR is being built...
    comment_tag: to_delete
    mode: delete

Inputs

Action inputs

Name Description Required Default
GITHUB_TOKEN Token that is used to create comments. Defaults to ${{ github.token }}
message Comment body
filePath Path of the file that should be commented
reactions List of reactions for the comment (comma separated). See https://docs.github.com/en/rest/reactions#reaction-types
pr_number The number of the pull request where to create the comment current pull-request/issue number (deduced from context)
comment_tag A tag on your comment that will be used to identify a comment in case of replacement
mode Mode that will be used to update comment (upsert/recreate/delete) upsert
create_if_not_exists Whether a comment should be created even if comment_tag is not found true

Permissions

Depending on the permissions granted to your token, you may lack some rights.
To run successfully, this actions needs at least :

permissions: 
   pull-requests: write

Add this in case you get Resource not accessible by integration error.
See jobs.<job_id>.permissions for more information.

Note that, if the PR comes from a fork, it will have only read permission despite the permissions given in the action for the pull_request event.
In this case, you may use the pull_request_target event. With this event, permissions can be given without issue (the difference is that it will execute the action from the target branch and not from the origin PR).

Contributing

Build

The build steps transpiles the src/main.ts to lib/index.js which is used in a NodeJS environment.
It is handled by vercel/ncc compiler.

$ npm run build

@github-actions
Copy link

Content of file referenced with absolute path

@thollander thollander merged commit f34bce5 into main Oct 8, 2023
3 checks passed
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/actions/core-1.10.1 branch October 8, 2023 09:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thollander thollander thollander approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@thollander