Use the Actions artifacts client to avoid needing the actions-read permission

package.json

@@ -4,6 +4,7 @@
   "description": "Deploy an actions artifact to GitHub Pages",
   "main": "./dist/index.js",
   "dependencies": {
+    "@actions/artifact": "^2.0.0",
     "@actions/core": "^1.10.1",
     "@actions/github": "^6.0.0"
   },

src/internal/api-client.js

@@ -1,47 +1,38 @@
 const core = require('@actions/core')
 const github = require('@actions/github')
+const { DefaultArtifactClient } = require('@actions/artifact')
 
-async function getArtifactMetadata({ githubToken, runId, artifactName }) {
+async function getArtifactMetadata({ artifactName }) {
-  const octokit = github.getOctokit(githubToken)
+  const artifactClient = new DefaultArtifactClient()
 
   try {
-    core.info(`Fetching artifact metadata for ${artifactName} in run ${runId}`)
+    core.info(`Fetching artifact metadata for ${artifactName} in this workflow run`)
 
-    const response = await octokit.request(
+    const response = await artifactClient.listArtifacts()
-      'GET /repos/{owner}/{repo}/actions/runs/{run_id}/artifacts?name={artifactName}',
-      {
-        owner: github.context.repo.owner,
-        repo: github.context.repo.repo,
-        run_id: runId,
-        artifactName: artifactName
-      }
-    )
 
-    const artifactCount = response.data.total_count
+    const filteredArtifacts = response.artifacts.filter(artifact => artifact.name === artifactName)
+
+    const artifactCount = filteredArtifacts.length
     core.debug(`List artifact count: ${artifactCount}`)
 
     if (artifactCount === 0) {
       throw new Error(
-        `No artifacts found for workflow run ${runId}. Ensure artifacts are uploaded with actions/artifact@v4 or later.`
+        'No artifacts found for this workflow run. Ensure artifacts are uploaded with actions/artifact@v4 or later.'
       )
     } else if (artifactCount > 1) {
       throw new Error(
-        `Multiple artifact unexpectedly found for workflow run ${runId}. Artifact count is ${artifactCount}.`
+        `Multiple artifacts unexpectedly found for this workflow run. Artifact count is ${artifactCount}.`
       )
     }
 
-    const artifact = response.data.artifacts[0]
+    const artifact = filteredArtifacts[0]
     core.debug(`Artifact: ${JSON.stringify(artifact)}`)
 
-    const artifactSize = artifact.size_in_bytes
+    if (!artifact.size) {
-    if (!artifactSize) {
       core.warning('Artifact size was not found. Unable to verify if artifact size exceeds the allowed size.')
     }
 
-    return {
+    return artifact
-      id: artifact.id,
-      size: artifactSize
-    }
   } catch (error) {
     core.error(
       'Fetching artifact metadata failed. Is githubstatus.com reporting issues with API requests, Pages or Actions? Please re-run the deployment at a later time.',

src/internal/deployment.js

@@ -63,11 +63,7 @@ class Deployment {
       core.debug(`Action ID: ${this.actionsId}`)
       core.debug(`Actions Workflow Run ID: ${this.workflowRun}`)
 
-      const artifactData = await getArtifactMetadata({
+      const artifactData = await getArtifactMetadata({ artifactName: this.artifactName })
-        githubToken: this.githubToken,
-        runId: this.workflowRun,
-        artifactName: this.artifactName
-      })
 
       if (artifactData?.size > ONE_GIGABYTE) {
         core.warning(