Bump @octokit/plugin-paginate-rest from 9.0.0 to 9.2.2

Bumps [@octokit/plugin-paginate-rest](https://github.com/octokit/plugin-paginate-rest.js) from 9.0.0 to 9.2.2.
- [Release notes](https://github.com/octokit/plugin-paginate-rest.js/releases)
- [Commits](https://github.com/octokit/plugin-paginate-rest.js/compare/v9.0.0...v9.2.2)

---
updated-dependencies:
- dependency-name: "@octokit/plugin-paginate-rest"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

.eslintrc.yml

@@ -5,9 +5,12 @@ extends:
   - eslint:recommended
   - plugin:@typescript-eslint/eslint-recommended
   - plugin:@typescript-eslint/recommended
-  - prettier/@typescript-eslint
+  - prettier
+parserOptions:
+  project: ['tsconfig.eslint.json']
 rules:
   # '@typescript-eslint/explicit-function-return-type': 0
   '@typescript-eslint/no-use-before-define':
     - 2
     - functions: false
+  '@typescript-eslint/no-unnecessary-condition': error

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,8 @@
+blank_issues_enabled: true
+contact_links:
+  - name: Ask a question or provide feedback about using this action
+    about: For general Q&A and feedback, see the Discussions tab.
+    url: https://github.com/actions/github-script/discussions
+  - name: Ask a question or provide feedback about GitHub Actions
+    about: Please check out the GitHub community forum for discussions about GitHub Actions
+    url: https://github.com/orgs/community/discussions/categories/actions

.github/actions/install-dependencies/action.yml

@@ -0,0 +1,12 @@
+name: 'Install dependencies'
+description: 'Set up node and install dependencies'
+runs:
+  using: 'composite'
+  steps:
+    - uses: actions/setup-node@v4
+      with:
+        node-version: '20.x'
+        cache: npm
+
+    - run: npm ci
+      shell: bash

.github/dependabot.yml

@@ -0,0 +1,16 @@
+version: 2
+updates:
+  - package-ecosystem: 'github-actions'
+    directory: '/'
+    schedule:
+      interval: 'weekly'
+
+  - package-ecosystem: 'github-actions'
+    directory: '/.github/actions/install-dependencies'
+    schedule:
+      interval: 'weekly'
+
+  - package-ecosystem: 'npm'
+    directory: '/'
+    schedule:
+      interval: 'weekly'

.github/workflows/check-dist.yml

@@ -0,0 +1,45 @@
+# `dist/index.js` is a special file in Actions.
+# When you reference an action with `uses:` in a workflow,
+# `index.js` is the code that will run.
+# For our project, we generate this file through a build process
+# from other source files.
+# We need to make sure the checked-in `index.js` actually matches what we expect it to be.
+name: Check dist/
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  check-dist:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: ./.github/actions/install-dependencies
+
+      - name: Rebuild the dist/ directory
+        run: npm run build
+
+      - name: Compare the expected and actual dist/ directories
+        run: |
+          if [ "$(git diff --ignore-space-at-eol dist/ | wc -l)" -gt "0" ]; then
+            echo "Detected uncommitted changes after build.  See status below:"
+            git diff
+            exit 1
+          fi
+        id: diff
+
+      # If index.js was different than expected, upload the expected version as an artifact
+      - uses: actions/upload-artifact@v4
+        if: ${{ failure() && steps.diff.conclusion == 'failure' }}
+        with:
+          name: dist
+          path: dist/

.github/workflows/ci.yml

@@ -1,21 +1,19 @@
 name: CI
 
 on:
-  push: {branches: main}
-  pull_request: {branches: main}
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+permissions:
+  contents: read
 
 jobs:
   ci:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v1
-        with: {node-version: 13.x}
-      - uses: actions/cache@v1
-        with:
-          path: ~/.npm
-          key: ${{runner.os}}-npm-${{hashFiles('**/package-lock.json')}}
-          restore-keys: ${{runner.os}}-npm-
-      - run: npm ci
+      - uses: actions/checkout@v4
+      - uses: ./.github/actions/install-dependencies
       - run: npm run style:check
       - run: npm test

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,72 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ "main" ]
+  schedule:
+    - cron: '32 12 * * 3'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        
+        # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        # queries: security-extended,security-and-quality
+
+        
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v3
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+    #   If the Autobuild fails above, remove it and uncomment the following three lines. 
+    #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+    # - run: |
+    #   echo "Run, Build Application using script"
+    #   ./location_of_script_within_repo/buildscript.sh
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3

.github/workflows/integration.yml

@@ -1,14 +1,20 @@
 name: Integration
 
 on:
-  push: {branches: main}
-  pull_request: {branches: main}
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+permissions:
+  contents: read
 
 jobs:
   test-return:
+    name: 'Integration test: return'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - id: output-set
         uses: ./
         with:
@@ -16,42 +22,307 @@ jobs:
           result-encoding: string
           input-value: output
       - run: |
-          if [[ "${{steps.output-set.outputs.result}}" != "output" ]]; then
+          echo "- Validating output is produced"
+          expected="output"
+          if [[ "${{steps.output-set.outputs.result}}" != "$expected" ]]; then
+            echo $'::error::\u274C' "Expected '$expected', got ${{steps.output-set.outputs.result}}"
             exit 1
           fi
+          echo $'\u2705 Test passed' | tee -a $GITHUB_STEP_SUMMARY
 
   test-relative-require:
+    name: 'Integration test: relative-path require'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - id: output-set
+      - uses: actions/checkout@v4
+      - id: relative-require
         uses: ./
         with:
           script: return require('./package.json').name
           result-encoding: string
-          input-value: output
       - run: |
-          if [[ "${{steps.output-set.outputs.result}}" != "github-script" ]]; then
+          echo "- Validating relative require output"
+          if [[ "${{steps.relative-require.outputs.result}}" != "@actions/github-script" ]]; then
+            echo $'::error::\u274C' "Expected '$expected', got ${{steps.relative-require.outputs.result}}"
             exit 1
           fi
+          echo $'\u2705 Test passed' | tee -a $GITHUB_STEP_SUMMARY
 
   test-npm-require:
+    name: 'Integration test: npm package require'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/cache@v1
-        with:
-          path: ~/.npm
-          key: ${{runner.os}}-npm-${{hashFiles('**/package-lock.json')}}
-          restore-keys: ${{runner.os}}-npm-
-      - run: npm ci
-      - id: output-set
+      - uses: actions/checkout@v4
+      - uses: ./.github/actions/install-dependencies
+      - id: npm-require
         uses: ./
         with:
           script: return require('@actions/core/package.json').name
           result-encoding: string
-          input-value: output
       - run: |
-          if [[ "${{steps.output-set.outputs.result}}" != "@actions/core" ]]; then
+          echo "- Validating npm require output"
+          expected="@actions/core"
+          if [[ "${{steps.npm-require.outputs.result}}" != "$expected" ]]; then
+            echo $'::error::\u274C' "Expected '$expected', got ${{steps.npm-require.outputs.result}}"
+            exit 1
+          fi
+          echo $'\u2705 Test passed' | tee -a $GITHUB_STEP_SUMMARY
+
+  test-previews:
+    name: 'Integration test: GraphQL previews option'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ./.github/actions/install-dependencies
+      - id: previews-default
+        name: Default previews not set
+        uses: ./
+        with:
+          script: |
+            const endpoint = github.request.endpoint
+            return endpoint({url: "/graphql"}).headers.accept
+          result-encoding: string
+      - id: previews-set-single
+        name: Previews set to a single value
+        uses: ./
+        with:
+          previews: foo
+          script: |
+            const endpoint = github.request.endpoint
+            return endpoint({url: "/graphql"}).headers.accept
+          result-encoding: string
+      - id: previews-set-multiple
+        name: Previews set to comma-separated list
+        uses: ./
+        with:
+          previews: foo,bar,baz
+          script: |
+            const endpoint = github.request.endpoint
+            return endpoint({url: "/graphql"}).headers.accept
+          result-encoding: string
+      - run: |
+          echo "- Validating previews default"
+          expected="application/vnd.github.v3+json"
+          if [[ "${{steps.previews-default.outputs.result}}" != $expected ]]; then
+            echo $'::error::\u274C' "Expected '$expected', got ${{steps.previews-default.outputs.result}}"
+            exit 1
+          fi
+          echo "- Validating previews set to a single value"
+          expected="application/vnd.github.foo-preview+json"
+          if [[ "${{steps.previews-set-single.outputs.result}}" != $expected ]]; then
+            echo $'::error::\u274C' "Expected '$expected', got ${{steps.previews-set-single.outputs.result}}"
+            exit 1
+          fi
+          echo "- Validating previews set to multiple values"
+          expected="application/vnd.github.foo-preview+json,application/vnd.github.bar-preview+json,application/vnd.github.baz-preview+json"
+          if [[ "${{steps.previews-set-multiple.outputs.result}}" != $expected ]]; then
+            echo $'::error::\u274C' "Expected '$expected', got ${{steps.previews-set-multiple.outputs.result}}"
+            exit 1
+          fi
+          echo $'\u2705 Test passed' | tee -a $GITHUB_STEP_SUMMARY
+
+  test-user-agent:
+    name: 'Integration test: user-agent option'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ./.github/actions/install-dependencies
+      - id: user-agent-default
+        name: Default user-agent not set
+        uses: ./
+        with:
+          script: |
+            const endpoint = github.request.endpoint
+            return endpoint({}).headers['user-agent']
+          result-encoding: string
+      - id: user-agent-set
+        name: User-agent set
+        uses: ./
+        with:
+          user-agent: foobar
+          script: |
+            const endpoint = github.request.endpoint
+            return endpoint({}).headers['user-agent']
+          result-encoding: string
+      - id: user-agent-empty
+        name: User-agent set to an empty string
+        uses: ./
+        with:
+          user-agent: ''
+          script: |
+            const endpoint = github.request.endpoint
+            return endpoint({}).headers['user-agent']
+          result-encoding: string
+      - run: |
+          echo "- Validating user-agent default"
+          expected="actions/github-script octokit-core.js/"
+          if [[ "${{steps.user-agent-default.outputs.result}}" != "$expected"* ]]; then
+            echo $'::error::\u274C' "Expected user-agent to start with '$expected', got ${{steps.user-agent-default.outputs.result}}"
+            exit 1
+          fi
+          echo "- Validating user-agent set to a value"
+          expected="foobar octokit-core.js/"
+          if [[ "${{steps.user-agent-set.outputs.result}}" != "$expected"* ]]; then
+            echo $'::error::\u274C' "Expected user-agent to start with '$expected', got ${{steps.user-agent-set.outputs.result}}"
+            exit 1
+          fi
+          echo "- Validating user-agent set to an empty string"
+          expected="octokit-core.js/"
+          if [[ "${{steps.user-agent-empty.outputs.result}}" != "$expected"* ]]; then
+            echo $'::error::\u274C' "Expected user-agent to start with '$expected', got ${{steps.user-agent-empty.outputs.result}}"
+            exit 1
+          fi
+          echo $'\u2705 Test passed' | tee -a $GITHUB_STEP_SUMMARY
+
+  test-debug:
+    strategy:
+      matrix:
+        environment: ['', 'debug-integration-test']
+    environment: ${{ matrix.environment }}
+    name: "Integration test: debug option (runner.debug mode ${{ matrix.environment && 'enabled' || 'disabled' }})"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ./.github/actions/install-dependencies
+      - id: debug-default
+        name: Default debug not set
+        uses: ./
+        with:
+          script: |
+            const log = github.log
+            return {
+              runnerDebugMode: core.isDebug(),
+              debug: log.debug === console.debug,
+              info: log.info === console.info
+            }
+      - id: debug-true
+        name: Debug set to true
+        uses: ./
+        with:
+          debug: true
+          script: |
+            const log = github.log
+            return {
+              runnerDebugMode: core.isDebug(),
+              debug: log.debug === console.debug,
+              info: log.info === console.info
+            }
+      - id: debug-false
+        name: Debug set to false
+        uses: ./
+        with:
+          debug: false
+          script: |
+            const log = github.log
+            return {
+              runnerDebugMode: core.isDebug(),
+              debug: log.debug === console.debug,
+              info: log.info === console.info
+            }
+      - id: evaluate-tests
+        name: Evaluate test outputs
+        env:
+          RDMODE: ${{ runner.debug == '1' }}
+        run: |
+          # tests table, pipe separated: label | output | expected
+          # leading and trailing spaces on any field are trimmed
+          tests=$(cat << 'TESTS'
+            Validating debug default |\
+              ${{ steps.debug-default.outputs.result }} |\
+              {"runnerDebugMode":${{ env.RDMODE }},"debug":${{ env.RDMODE }},"info":${{ env.RDMODE }}}
+            Validating debug set to true |\
+              ${{ steps.debug-true.outputs.result }} |\
+              {"runnerDebugMode":${{ env.RDMODE }},"debug":true,"info":true}
+            Validating debug set to false |\
+              ${{ steps.debug-false.outputs.result }} |\
+              {"runnerDebugMode":${{ env.RDMODE }},"debug":false,"info":false}
+          TESTS
+          )
+
+          strim() { shopt -s extglob; lt="${1##+( )}"; echo "${lt%%+( )}"; }
+          while IFS='|' read label output expected; do
+            label="$(strim "$label")"; output="$(strim "$output")"; expected="$(strim "$expected")"
+            echo -n "- $label:"
+            if [[ "$output" != "$expected" ]]; then
+              echo $'\n::error::\u274C' "Expected '$expected', got '$output'"
+              exit 1
+            fi
+            echo $' \u2705'
+          done <<< "$tests"
+
+          echo $'\u2705 Test passed' | tee -a $GITHUB_STEP_SUMMARY
+
+  test-base-url:
+    name: 'Integration test: base-url option'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ./.github/actions/install-dependencies
+
+      - id: base-url-default
+        name: API URL with base-url not set
+        uses: ./
+        with:
+          script: |
+            const endpoint = github.request.endpoint
+            return endpoint({}).url
+          result-encoding: string
+
+      - id: base-url-default-graphql
+        name: GraphQL URL with base-url not set
+        uses: ./
+        with:
+          script: |
+            const endpoint = github.request.endpoint
+            return endpoint({url: "/graphql"}).url
+          result-encoding: string
+
+      - id: base-url-set
+        name: API URL with base-url set
+        uses: ./
+        with:
+          base-url: https://my.github-enterprise-server.com/api/v3
+          script: |
+            const endpoint = github.request.endpoint
+            return endpoint({}).url
+          result-encoding: string
+
+      - id: base-url-set-graphql
+        name: GraphQL URL with base-url set
+        uses: ./
+        with:
+          base-url: https://my.github-enterprise-server.com/api/v3
+          script: |
+            const endpoint = github.request.endpoint
+            return endpoint({url: "/graphql"}).url
+          result-encoding: string
+
+      - run: |
+          echo "- Validating API URL default"
+          expected="https://api.github.com/"
+          actual="${{steps.base-url-default.outputs.result}}"
+          if [[ "$expected" != "$actual" ]]; then
+            echo $'::error::\u274C' "Expected base-url to equal '$expected', got $actual"
+            exit 1
+          fi
+          echo "- Validating GraphQL URL default"
+          expected="https://api.github.com/graphql"
+          actual="${{steps.base-url-default-graphql.outputs.result}}"
+          if [[ "$expected" != "$actual" ]]; then
+            echo $'::error::\u274C' "Expected base-url to equal '$expected', got $actual"
+            exit 1
+          fi
+          echo "- Validating base-url set to a value"
+          expected="https://my.github-enterprise-server.com/api/v3/"
+          actual="${{steps.base-url-set.outputs.result}}"
+          if [[ "$expected" != "$actual" ]]; then
+            echo $'::error::\u274C' "Expected base-url to equal '$expected', got $actual"
+            exit 1
+          fi
+          echo "- Validating GraphQL URL with base-url set to a value"
+          expected="https://my.github-enterprise-server.com/api/v3/graphql"
+          actual="${{steps.base-url-set-graphql.outputs.result}}"
+          if [[ "$expected" != "$actual" ]]; then
+            echo $'::error::\u274C' "Expected base-url to equal '$expected', got $actual"
             exit 1
           fi

.github/workflows/licensed.yml

@@ -1,27 +1,30 @@
 name: Licensed
 
 on:
-  push: {branches: main}
-  pull_request: {branches: main}
-  repository_dispatch:
-  workflow_dispatch:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+permissions:
+  contents: read
 
 jobs:
   test:
     runs-on: ubuntu-latest
     name: Check licenses
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/cache@v1
+      - uses: actions/checkout@v4
         with:
-          path: ~/.npm
-          key: ${{runner.os}}-npm-${{hashFiles('**/package-lock.json')}}
-          restore-keys: ${{runner.os}}-npm-
-      - run: npm ci
-      - name: Install licensed
-        run: |-
-          cd $RUNNER_TEMP
-          curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/2.9.2/licensed-2.9.2-linux-x64.tar.gz
-          sudo tar -xzf licensed.tar.gz
-          sudo mv licensed /usr/local/bin/licensed
+          fetch-depth: 0 # prefer to use a full fetch for licensed workflows
+      - uses: ruby/setup-ruby@28c4deda893d5a96a6b2d958c5b47fc18d65c9d3 # v1.213.0
+        with:
+          ruby-version: ruby
+      - uses: github/setup-licensed@v1
+        with:
+          version: '4.x'
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+      - uses: ./.github/actions/install-dependencies
       - run: licensed status

.github/workflows/publish-immutable-actions.yml

@@ -0,0 +1,20 @@
+name: 'Publish Immutable Action Version'
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+      packages: write
+
+    steps:
+      - name: Checking out
+        uses: actions/checkout@v4
+      - name: Publish
+        id: publish
+        uses: actions/publish-immutable-action@0.0.4

.github/workflows/pull-request-test.yml

@@ -2,40 +2,44 @@ name: Pull Request Test
 
 on:
   pull_request:
-    branches: main
+    branches: [main]
     types: [opened, synchronize]
 
+permissions:
+  contents: read
+  pull-requests: write
+
 jobs:
   pull-request-test:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
       - uses: ./
         with:
           script: |
             // Get the existing comments.
-            const {data: comments} = await github.issues.listComments({
+            const {data: comments} = await github.rest.issues.listComments({
               owner: context.repo.owner,
               repo: context.repo.repo,
               issue_number: context.payload.number,
             })
 
-            // Find any comment already made by the bot.                                                                                                    
-            const botComment = comments.find(comment => comment.user.id === 41898282)                                                                       
-            const commentBody = "Hello from actions/github-script! (${{ github.sha }})"                  
+            // Find any comment already made by the bot.
+            const botComment = comments.find(comment => comment.user.id === 41898282)
+            const commentBody = "Hello from actions/github-script! (${{ github.sha }})"
 
             if (context.payload.pull_request.head.repo.full_name !== 'actions/github-script') {
               console.log('Not attempting to write comment on PR from fork');
             } else {
               if (botComment) {
-                await github.issues.updateComment({
+                await github.rest.issues.updateComment({
                   owner: context.repo.owner,
                   repo: context.repo.repo,
                   comment_id: botComment.id,
                   body: commentBody
                 })
               } else {
-                await github.issues.createComment({
+                await github.rest.issues.createComment({
                   owner: context.repo.owner,
                   repo: context.repo.repo,
                   issue_number: context.payload.number,

.github/workflows/stale.yml

@@ -1,31 +0,0 @@
-name: Stale Issues & PRs
-
-on:
-  schedule:
-    - cron: '0 0 * * *'
-  workflow_dispatch:
-
-jobs:
-  mark_stale:
-    name: Mark issues and PRs as stale
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/stale@v3
-        with:
-          repo-token: ${{ secrets.GITHUB_TOKEN }}
-          exempt-issue-labels: Not Stale
-          exempt-pr-labels: Not Stale
-          stale-issue-message: >
-            This issue is stale because it has been open for 60 days with no
-            activity. Remove the "Stale" label or comment on the issue, or it
-            will be closed in 7 days.
-          stale-pr-message: >
-            This pull request is stale because it has been open for 60 days
-            with no activity. Remove the "Stale" label or comment on the pull
-            request, or it will be closed in 7 days.
-          close-issue-message: >
-            This issue has been marked as stale and closed due to no activity
-            on it.
-          close-pr-message: >
-            This pull request has been marked as stale and closed due to no
-            activity on it.

.gitignore

@@ -1,2 +1 @@
-/node_modules/
-!/.vscode/
+/node_modules/

.husky/pre-commit

@@ -0,0 +1 @@
+npm run pre-commit && git add dist/

.licenses/npm/@actions/core.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@actions/core"
-version: 1.2.7
+version: 1.10.1
 type: npm
 summary: Actions core lib
 homepage: https://github.com/actions/toolkit/tree/main/packages/core

.licenses/npm/@actions/exec.dep.yml

@@ -0,0 +1,20 @@
+---
+name: "@actions/exec"
+version: 1.1.1
+type: npm
+summary: Actions exec lib
+homepage: https://github.com/actions/toolkit/tree/main/packages/exec
+license: mit
+licenses:
+- sources: LICENSE.md
+  text: |-
+    The MIT License (MIT)
+
+    Copyright 2019 GitHub
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+notices: []

.licenses/npm/@actions/github.dep.yml

@@ -1,30 +1,20 @@
 ---
 name: "@actions/github"
-version: 4.0.0
+version: 6.0.0
 type: npm
 summary: Actions github lib
-homepage: https://github.com/actions/toolkit/tree/master/packages/github
+homepage: https://github.com/actions/toolkit/tree/main/packages/github
 license: mit
 licenses:
-- sources: Auto-generated MIT license text
-  text: |
-    MIT License
+- sources: LICENSE.md
+  text: |-
+    The MIT License (MIT)
 
-    Permission is hereby granted, free of charge, to any person obtaining a copy
-    of this software and associated documentation files (the "Software"), to deal
-    in the Software without restriction, including without limitation the rights
-    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-    copies of the Software, and to permit persons to whom the Software is
-    furnished to do so, subject to the following conditions:
+    Copyright 2019 GitHub
 
-    The above copyright notice and this permission notice shall be included in all
-    copies or substantial portions of the Software.
+    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
 
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-    SOFTWARE.
+    The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 notices: []

.licenses/npm/@actions/glob.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@actions/glob"
-version: 0.1.1
+version: 0.4.0
 type: npm
 summary: Actions glob lib
 homepage: https://github.com/actions/toolkit/tree/main/packages/glob

.licenses/npm/@actions/http-client.dep.yml

@@ -1,9 +1,9 @@
 ---
 name: "@actions/http-client"
-version: 1.0.8
+version: 2.2.0
 type: npm
 summary: Actions Http Client
-homepage: https://github.com/actions/http-client#readme
+homepage: https://github.com/actions/toolkit/tree/main/packages/http-client
 license: mit
 licenses:
 - sources: LICENSE

.licenses/npm/@actions/io.dep.yml

@@ -1,30 +1,20 @@
 ---
 name: "@actions/io"
-version: 1.0.2
+version: 1.1.3
 type: npm
 summary: Actions io lib
-homepage: https://github.com/actions/toolkit/tree/master/packages/io
+homepage: https://github.com/actions/toolkit/tree/main/packages/io
 license: mit
 licenses:
-- sources: Auto-generated MIT license text
-  text: |
-    MIT License
+- sources: LICENSE.md
+  text: |-
+    The MIT License (MIT)
 
-    Permission is hereby granted, free of charge, to any person obtaining a copy
-    of this software and associated documentation files (the "Software"), to deal
-    in the Software without restriction, including without limitation the rights
-    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-    copies of the Software, and to permit persons to whom the Software is
-    furnished to do so, subject to the following conditions:
+    Copyright 2019 GitHub
 
-    The above copyright notice and this permission notice shall be included in all
-    copies or substantial portions of the Software.
+    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
 
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-    SOFTWARE.
+    The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 notices: []

.licenses/npm/@fastify/busboy.dep.yml

@@ -0,0 +1,30 @@
+---
+name: "@fastify/busboy"
+version: 2.0.0
+type: npm
+summary: A streaming parser for HTML form data for node.js
+homepage:
+license: mit
+licenses:
+- sources: LICENSE
+  text: |-
+    Copyright Brian White. All rights reserved.
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to
+    deal in the Software without restriction, including without limitation the
+    rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+    sell copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in
+    all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+    FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+    IN THE SOFTWARE.
+notices: []

.licenses/npm/@octokit/auth-token.dep.yml

@@ -1,9 +1,9 @@
 ---
 name: "@octokit/auth-token"
-version: 2.4.3
+version: 4.0.0
 type: npm
 summary: GitHub API token authentication for browsers and Node.js
-homepage: https://github.com/octokit/auth-token.js#readme
+homepage:
 license: mit
 licenses:
 - sources: LICENSE

.licenses/npm/@octokit/core.dep.yml

@@ -1,9 +1,9 @@
 ---
 name: "@octokit/core"
-version: 3.2.1
+version: 5.0.1
 type: npm
 summary: Extendable client for GitHub's REST & GraphQL APIs
-homepage: https://github.com/octokit/core.js#readme
+homepage:
 license: mit
 licenses:
 - sources: LICENSE

.licenses/npm/@octokit/endpoint.dep.yml

@@ -1,9 +1,9 @@
 ---
 name: "@octokit/endpoint"
-version: 6.0.9
+version: 9.0.0
 type: npm
 summary: Turns REST API endpoints into generic request options
-homepage: https://github.com/octokit/endpoint.js#readme
+homepage:
 license: mit
 licenses:
 - sources: LICENSE

.licenses/npm/@octokit/graphql.dep.yml

@@ -1,9 +1,9 @@
 ---
 name: "@octokit/graphql"
-version: 4.5.7
+version: 7.0.1
 type: npm
 summary: GitHub GraphQL API client for browsers and Node
-homepage: https://github.com/octokit/graphql.js#readme
+homepage:
 license: mit
 licenses:
 - sources: LICENSE

.licenses/npm/@octokit/openapi-types-18.0.0.dep.yml

@@ -0,0 +1,20 @@
+---
+name: "@octokit/openapi-types"
+version: 18.0.0
+type: npm
+summary: Generated TypeScript definitions based on GitHub's OpenAPI spec for api.github.com
+homepage:
+license: mit
+licenses:
+- sources: LICENSE
+  text: |-
+    Copyright 2020 Gregor Martynus
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+- sources: README.md
+  text: "[MIT](LICENSE)"
+notices: []

.licenses/npm/@octokit/openapi-types-19.0.0.dep.yml

@@ -0,0 +1,20 @@
+---
+name: "@octokit/openapi-types"
+version: 19.0.0
+type: npm
+summary: Generated TypeScript definitions based on GitHub's OpenAPI spec for api.github.com
+homepage:
+license: mit
+licenses:
+- sources: LICENSE
+  text: |-
+    Copyright 2020 Gregor Martynus
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+- sources: README.md
+  text: "[MIT](LICENSE)"
+notices: []

.licenses/npm/@octokit/plugin-paginate-rest.dep.yml

@@ -1,9 +1,9 @@
 ---
 name: "@octokit/plugin-paginate-rest"
-version: 2.6.0
+version: 9.0.0
 type: npm
 summary: Octokit plugin to paginate REST API endpoint responses
-homepage: https://github.com/octokit/plugin-paginate-rest.js#readme
+homepage:
 license: mit
 licenses:
 - sources: LICENSE

.licenses/npm/@octokit/plugin-request-log.dep.yml

@@ -0,0 +1,20 @@
+---
+name: "@octokit/plugin-request-log"
+version: 4.0.0
+type: npm
+summary: Log all requests and request errors
+homepage:
+license: mit
+licenses:
+- sources: LICENSE
+  text: |
+    MIT License Copyright (c) 2020 Octokit contributors
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice (including the next paragraph) shall be included in all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+- sources: README.md
+  text: "[MIT](LICENSE)"
+notices: []

.licenses/npm/@octokit/plugin-rest-endpoint-methods.dep.yml

@@ -1,9 +1,9 @@
 ---
 name: "@octokit/plugin-rest-endpoint-methods"
-version: 4.2.1
+version: 10.0.1
 type: npm
 summary: Octokit plugin adding one method for all of api.github.com REST API endpoints
-homepage: https://github.com/octokit/plugin-rest-endpoint-methods.js#readme
+homepage:
 license: mit
 licenses:
 - sources: LICENSE

.licenses/npm/@octokit/plugin-retry.dep.yml

@@ -0,0 +1,34 @@
+---
+name: "@octokit/plugin-retry"
+version: 6.0.1
+type: npm
+summary: Automatic retry plugin for octokit
+homepage:
+license: mit
+licenses:
+- sources: LICENSE
+  text: |
+    MIT License
+
+    Copyright (c) 2018 Octokit contributors
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE.
+- sources: README.md
+  text: "[MIT](LICENSE)"
+notices: []

.licenses/npm/@octokit/request-error.dep.yml

@@ -1,9 +1,9 @@
 ---
 name: "@octokit/request-error"
-version: 2.0.3
+version: 5.0.0
 type: npm
 summary: Error class for Octokit request errors
-homepage: https://github.com/octokit/request-error.js#readme
+homepage:
 license: mit
 licenses:
 - sources: LICENSE

.licenses/npm/@octokit/request.dep.yml

@@ -1,10 +1,10 @@
 ---
 name: "@octokit/request"
-version: 5.4.10
+version: 8.1.1
 type: npm
-summary: Send parameterized requests to GitHub’s APIs with sensible defaults in browsers
+summary: Send parameterized requests to GitHub's APIs with sensible defaults in browsers
   and Node
-homepage: https://github.com/octokit/request.js#readme
+homepage:
 license: mit
 licenses:
 - sources: LICENSE

.licenses/npm/@octokit/types-11.1.0.dep.yml

@@ -1,9 +1,9 @@
 ---
 name: "@octokit/types"
-version: 5.5.0
+version: 11.1.0
 type: npm
 summary: Shared TypeScript definitions for Octokit projects
-homepage: https://github.com/octokit/types.ts#readme
+homepage:
 license: mit
 licenses:
 - sources: LICENSE

.licenses/npm/@octokit/types-12.0.0.dep.yml

@@ -0,0 +1,20 @@
+---
+name: "@octokit/types"
+version: 12.0.0
+type: npm
+summary: Shared TypeScript definitions for Octokit projects
+homepage:
+license: mit
+licenses:
+- sources: LICENSE
+  text: |
+    MIT License Copyright (c) 2019 Octokit contributors
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice (including the next paragraph) shall be included in all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+- sources: README.md
+  text: "[MIT](LICENSE)"
+notices: []

.licenses/npm/@types/node.dep.yml

@@ -1,9 +1,9 @@
 ---
 name: "@types/node"
-version: 14.6.0
+version: 20.9.0
 type: npm
-summary: TypeScript definitions for Node.js
-homepage: https://github.com/DefinitelyTyped/DefinitelyTyped#readme
+summary: TypeScript definitions for node
+homepage: https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node
 license: mit
 licenses:
 - sources: LICENSE

.licenses/npm/before-after-hook.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: before-after-hook
-version: 2.1.0
+version: 2.2.2
 type: npm
 summary: asynchronous before/error/after hooks for internal functionality
 homepage: https://github.com/gr2m/before-after-hook#readme

.licenses/npm/bottleneck.dep.yml

@@ -0,0 +1,31 @@
+---
+name: bottleneck
+version: 2.19.5
+type: npm
+summary: Distributed task scheduler and rate limiter
+homepage: 
+license: mit
+licenses:
+- sources: LICENSE
+  text: |
+    The MIT License (MIT)
+
+    Copyright (c) 2014 Simon Grondin
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy of
+    this software and associated documentation files (the "Software"), to deal in
+    the Software without restriction, including without limitation the rights to
+    use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+    the Software, and to permit persons to whom the Software is furnished to do so,
+    subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+    FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+    COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+    IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+    CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+notices: []

.licenses/npm/minimatch.dep.yml

@@ -1,9 +1,9 @@
 ---
 name: minimatch
-version: 3.0.4
+version: 3.1.2
 type: npm
 summary: a glob matcher in javascript
-homepage: https://github.com/isaacs/minimatch#readme
+homepage:
 license: isc
 licenses:
 - sources: LICENSE

.licenses/npm/node-fetch.dep.yml

@@ -1,56 +0,0 @@
----
-name: node-fetch
-version: 2.6.1
-type: npm
-summary: A light-weight module that brings window.fetch to node.js
-homepage: https://github.com/bitinn/node-fetch
-license: mit
-licenses:
-- sources: LICENSE.md
-  text: |+
-    The MIT License (MIT)
-
-    Copyright (c) 2016 David Frank
-
-    Permission is hereby granted, free of charge, to any person obtaining a copy
-    of this software and associated documentation files (the "Software"), to deal
-    in the Software without restriction, including without limitation the rights
-    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-    copies of the Software, and to permit persons to whom the Software is
-    furnished to do so, subject to the following conditions:
-
-    The above copyright notice and this permission notice shall be included in all
-    copies or substantial portions of the Software.
-
-    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-    SOFTWARE.
-
-- sources: README.md
-  text: |-
-    MIT
-
-    [npm-image]: https://flat.badgen.net/npm/v/node-fetch
-    [npm-url]: https://www.npmjs.com/package/node-fetch
-    [travis-image]: https://flat.badgen.net/travis/bitinn/node-fetch
-    [travis-url]: https://travis-ci.org/bitinn/node-fetch
-    [codecov-image]: https://flat.badgen.net/codecov/c/github/bitinn/node-fetch/master
-    [codecov-url]: https://codecov.io/gh/bitinn/node-fetch
-    [install-size-image]: https://flat.badgen.net/packagephobia/install/node-fetch
-    [install-size-url]: https://packagephobia.now.sh/result?p=node-fetch
-    [discord-image]: https://img.shields.io/discord/619915844268326952?color=%237289DA&label=Discord&style=flat-square
-    [discord-url]: https://discord.gg/Zxbndcm
-    [opencollective-image]: https://opencollective.com/node-fetch/backers.svg
-    [opencollective-url]: https://opencollective.com/node-fetch
-    [whatwg-fetch]: https://fetch.spec.whatwg.org/
-    [response-init]: https://fetch.spec.whatwg.org/#responseinit
-    [node-readable]: https://nodejs.org/api/stream.html#stream_readable_streams
-    [mdn-headers]: https://developer.mozilla.org/en-US/docs/Web/API/Headers
-    [LIMITS.md]: https://github.com/bitinn/node-fetch/blob/master/LIMITS.md
-    [ERROR-HANDLING.md]: https://github.com/bitinn/node-fetch/blob/master/ERROR-HANDLING.md
-    [UPGRADE-GUIDE.md]: https://github.com/bitinn/node-fetch/blob/master/UPGRADE-GUIDE.md
-notices: []

.licenses/npm/undici-types.dep.yml

@@ -0,0 +1,30 @@
+---
+name: undici-types
+version: 5.26.5
+type: npm
+summary: A stand-alone types package for Undici
+homepage: https://undici.nodejs.org
+license: mit
+licenses:
+- sources: Auto-generated MIT license text
+  text: |
+    MIT License
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE.
+notices: []

.licenses/npm/undici.dep.yml

@@ -0,0 +1,34 @@
+---
+name: undici
+version: 5.28.5
+type: npm
+summary: An HTTP/1.1 client, written from scratch for Node.js
+homepage: https://undici.nodejs.org
+license: mit
+licenses:
+- sources: LICENSE
+  text: |
+    MIT License
+
+    Copyright (c) Matteo Collina and Undici contributors
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE.
+- sources: README.md
+  text: MIT
+notices: []

.licenses/npm/universal-user-agent.dep.yml

@@ -4,7 +4,7 @@ version: 6.0.0
 type: npm
 summary: Get a user agent string in both browser and node
 homepage: https://github.com/gr2m/universal-user-agent#readme
-license: other
+license: isc
 licenses:
 - sources: LICENSE.md
   text: |

.licenses/npm/uuid.dep.yml

@@ -0,0 +1,20 @@
+---
+name: uuid
+version: 8.3.2
+type: npm
+summary: RFC4122 (v1, v4, and v5) UUIDs
+homepage: 
+license: mit
+licenses:
+- sources: LICENSE.md
+  text: |
+    The MIT License (MIT)
+
+    Copyright (c) 2010-2020 Robert Kieffer and other contributors
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+notices: []

.npmrc

@@ -0,0 +1 @@
+engine-strict=true

.vscode/settings.json

@@ -1,10 +0,0 @@
-{
-  "editor.formatOnSave": true,
-  "editor.codeActionsOnSave": {
-    "source.organizeImports": true
-  },
-  "files.exclude": {
-    "**/dist": true,
-    "**/node_modules": true
-  }
-}

CODEOWNERS

@@ -1 +1 @@
-* @actions/actions-experience
+* @actions/actions-launch

README.md

@@ -1,23 +1,23 @@
 # actions/github-script
 
-[![.github/workflows/integration.yml](https://github.com/actions/github-script/workflows/Integration/badge.svg?event=push&branch=main)](https://github.com/actions/github-script/actions?query=workflow%3AIntegration+branch%3Amain+event%3Apush)
-[![.github/workflows/ci.yml](https://github.com/actions/github-script/workflows/CI/badge.svg?event=push&branch=main)](https://github.com/actions/github-script/actions?query=workflow%3ACI+branch%3Amain+event%3Apush)
-[![.github/workflows/licensed.yml](https://github.com/actions/github-script/workflows/Licensed/badge.svg?event=push&branch=main)](https://github.com/actions/github-script/actions?query=workflow%3ALicensed+branch%3Amain+event%3Apush)
+[![Integration](https://github.com/actions/github-script/actions/workflows/integration.yml/badge.svg?branch=main&event=push)](https://github.com/actions/github-script/actions/workflows/integration.yml)
+[![CI](https://github.com/actions/github-script/actions/workflows/ci.yml/badge.svg?branch=main&event=push)](https://github.com/actions/github-script/actions/workflows/ci.yml)
+[![Licensed](https://github.com/actions/github-script/actions/workflows/licensed.yml/badge.svg?branch=main&event=push)](https://github.com/actions/github-script/actions/workflows/licensed.yml)
 
 This action makes it easy to quickly write a script in your workflow that
 uses the GitHub API and the workflow run context.
 
-In order to use this action, a `script` input is provided. The value of that
-input should be the body of an asynchronous function call. The following
-arguments will be provided:
+To use this action, provide an input named `script` that contains the body of an asynchronous JavaScript function call.
+The following arguments will be provided:
 
-- `github` A pre-authenticated
-  [octokit/rest.js](https://octokit.github.io/rest.js) client with pagination plugins
+- `octokit` (and `github`) A pre-authenticated
+  [octokit/rest.js](https://octokit.github.io/rest.js) client _instance_ with pagination plugins
 - `context` An object containing the [context of the workflow
   run](https://github.com/actions/toolkit/blob/main/packages/github/src/context.ts)
 - `core` A reference to the [@actions/core](https://github.com/actions/toolkit/tree/main/packages/core) package
 - `glob` A reference to the [@actions/glob](https://github.com/actions/toolkit/tree/main/packages/glob) package
 - `io` A reference to the [@actions/io](https://github.com/actions/toolkit/tree/main/packages/io) package
+- `exec` A reference to the [@actions/exec](https://github.com/actions/toolkit/tree/main/packages/exec) package
 - `require` A proxy wrapper around the normal Node.js `require` to enable
   requiring relative paths (relative to the current working directory) and
   requiring npm packages installed in the current working directory. If for
@@ -26,13 +26,34 @@ arguments will be provided:
   our wrapping applied.
 
 Since the `script` is just a function body, these values will already be
-defined, so you don't have to (see examples below).
+defined, so you don't have to import them (see examples below).
 
 See [octokit/rest.js](https://octokit.github.io/rest.js/) for the API client
 documentation.
 
-**Note** This action is still a bit of an experiment—the API may change in
-future versions. 🙂
+## Breaking Changes
+
+### V7
+
+Version 7 of this action updated the runtime to Node 20 - https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#runs-for-javascript-actions
+
+All scripts are now run with Node 20 instead of Node 16 and are affected by any breaking changes between Node 16 and 20
+
+The `previews` input now only applies to GraphQL API calls as REST API previews are no longer necessary - https://github.blog/changelog/2021-10-14-rest-api-preview-promotions/.
+
+### V6
+
+Version 6 of this action updated the runtime to Node 16 - https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#runs-for-javascript-actions
+
+All scripts are now run with Node 16 instead of Node 12 and are affected by any breaking changes between Node 12 and 16.
+
+### V5
+
+Version 5 of this action includes the version 5 of `@actions/github` and `@octokit/plugin-rest-endpoint-methods`. As part of this update, the Octokit context available via `github` no longer has REST methods directly. These methods are available via `github.rest.*` - https://github.com/octokit/plugin-rest-endpoint-methods.js/releases/tag/v5.0.0
+
+For example, `github.issues.createComment` in V4 becomes `github.rest.issues.createComment` in V5
+
+`github.request`, `github.paginate`, and `github.graphql` are unchanged.
 
 ## Development
 
@@ -44,7 +65,7 @@ The return value of the script will be in the step's outputs under the
 "result" key.
 
 ```yaml
-- uses: actions/github-script@v4
+- uses: actions/github-script@v7
   id: set-result
   with:
     script: return "Hello!"
@@ -63,14 +84,54 @@ output of a github-script step. For some workflows, string encoding is preferred
 `result-encoding` input:
 
 ```yaml
-- uses: actions/github-script@v4
+- uses: actions/github-script@v7
   id: my-script
   with:
-    github-token: ${{secrets.GITHUB_TOKEN}}
     result-encoding: string
     script: return "I will be string (not JSON) encoded!"
 ```
 
+## Retries
+
+By default, requests made with the `github` instance will not be retried. You can configure this with the `retries` option:
+
+```yaml
+- uses: actions/github-script@v7
+  id: my-script
+  with:
+    result-encoding: string
+    retries: 3
+    script: |
+      octokit.rest.issues.get({
+        issue_number: context.issue.number,
+        owner: context.repo.owner,
+        repo: context.repo.repo,
+      })
+```
+
+In this example, request failures from `octokit.rest.issues.get()` will be retried up to 3 times.
+
+You can also configure which status codes should be exempt from retries via the `retry-exempt-status-codes` option:
+
+```yaml
+- uses: actions/github-script@v7
+  id: my-script
+  with:
+    result-encoding: string
+    retries: 3
+    retry-exempt-status-codes: 400,401
+    script: |
+      octokit.rest.issues.get({
+        issue_number: context.issue.number,
+        owner: context.repo.owner,
+        repo: context.repo.repo,
+      })
+```
+
+By default, the following status codes will not be retried: `400, 401, 403, 404, 422` [(source)](https://github.com/octokit/plugin-retry.js/blob/9a2443746c350b3beedec35cf26e197ea318a261/src/index.ts#L14).
+
+These retries are implemented using the [octokit/plugin-retry.js](https://github.com/octokit/plugin-retry.js) plugin. The retries use [exponential backoff](https://en.wikipedia.org/wiki/Exponential_backoff) to space out retries. ([source](https://github.com/octokit/plugin-retry.js/blob/9a2443746c350b3beedec35cf26e197ea318a261/src/error-request.ts#L13))
+
 ## Examples
 
 Note that `github-token` is optional in this action, and the input is there
@@ -82,7 +143,7 @@ By default, github-script will use the token provided to your workflow.
 
 ```yaml
 - name: View context attributes
-  uses: actions/github-script@v4
+  uses: actions/github-script@v7
   with:
     script: console.log(context)
 ```
@@ -98,11 +159,10 @@ jobs:
   comment:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/github-script@v4
+      - uses: actions/github-script@v7
         with:
-          github-token: ${{secrets.GITHUB_TOKEN}}
           script: |
-            github.issues.createComment({
+            octokit.rest.issues.createComment({
               issue_number: context.issue.number,
               owner: context.repo.owner,
               repo: context.repo.repo,
@@ -121,11 +181,10 @@ jobs:
   apply-label:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/github-script@v4
+      - uses: actions/github-script@v7
         with:
-          github-token: ${{secrets.GITHUB_TOKEN}}
           script: |
-            github.issues.addLabels({
+            octokit.rest.issues.addLabels({
               issue_number: context.issue.number,
               owner: context.repo.owner,
               repo: context.repo.repo,
@@ -135,26 +194,27 @@ jobs:
 
 ### Welcome a first-time contributor
 
+You can format text in comments using the same [Markdown syntax](https://docs.github.com/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax) as the GitHub web interface:
+
 ```yaml
-on: pull_request
+on: pull_request_target
 
 jobs:
   welcome:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/github-script@v4
+      - uses: actions/github-script@v7
         with:
-          github-token: ${{secrets.GITHUB_TOKEN}}
           script: |
             // Get a list of all issues created by the PR opener
             // See: https://octokit.github.io/rest.js/#pagination
             const creator = context.payload.sender.login
-            const opts = github.issues.listForRepo.endpoint.merge({
+            const opts = octokit.rest.issues.listForRepo.endpoint.merge({
               ...context.issue,
               creator,
               state: 'all'
             })
-            const issues = await github.paginate(opts)
+            const issues = await octokit.paginate(opts)
 
             for (const issue of issues) {
               if (issue.number === context.issue.number) {
@@ -166,11 +226,13 @@ jobs:
               }
             }
 
-            await github.issues.createComment({
+            await octokit.rest.issues.createComment({
               issue_number: context.issue.number,
               owner: context.repo.owner,
               repo: context.repo.repo,
-              body: 'Welcome, new contributor!'
+              body: `**Welcome**, new contributor!
+
+                Please make sure you've read our [contributing guide](CONTRIBUTING.md) and we look forward to reviewing your Pull request shortly ✨`
             })
 ```
 
@@ -186,12 +248,11 @@ jobs:
   diff:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/github-script@v4
+      - uses: actions/github-script@v7
         with:
-          github-token: ${{secrets.GITHUB_TOKEN}}
           script: |
             const diff_url = context.payload.pull_request.diff_url
-            const result = await github.request(diff_url)
+            const result = await octokit.request(diff_url)
             console.log(result)
 ```
 
@@ -211,9 +272,8 @@ jobs:
   list-issues:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/github-script@v4
+      - uses: actions/github-script@v7
         with:
-          github-token: ${{secrets.GITHUB_TOKEN}}
           script: |
             const query = `query($owner:String!, $name:String!, $label:String!) {
               repository(owner:$owner, name:$name){
@@ -229,7 +289,7 @@ jobs:
               name: context.repo.repo,
               label: 'wontfix'
             }
-            const result = await github.graphql(query, variables)
+            const result = await octokit.graphql(query, variables)
             console.log(result)
 ```
 
@@ -245,18 +305,18 @@ jobs:
   echo-input:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/github-script@v4
+      - uses: actions/checkout@v4
+      - uses: actions/github-script@v7
         with:
           script: |
             const script = require('./path/to/script.js')
-            console.log(script({github, context}))
+            console.log(script({octokit, context}))
 ```
 
 And then export a function from your module:
 
 ```javascript
-module.exports = ({github, context}) => {
+module.exports = ({octokit, context}) => {
   return context.payload.client_payload.value
 }
 ```
@@ -283,22 +343,22 @@ jobs:
   echo-input:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/github-script@v4
+      - uses: actions/checkout@v4
+      - uses: actions/github-script@v7
         env:
           SHA: '${{env.parentSHA}}'
         with:
           script: |
             const script = require('./path/to/script.js')
-            await script({github, context, core})
+            await script({octokit, context, core})
 ```
 
 And then export an async function from your module:
 
 ```javascript
-module.exports = async ({github, context, core}) => {
+module.exports = async ({octokit, context, core}) => {
   const {SHA} = process.env
-  const commit = await github.repos.getCommit({
+  const commit = await octokit.rest.repos.getCommit({
     owner: context.repo.owner,
     repo: context.repo.repo,
     ref: `${SHA}`
@@ -309,7 +369,10 @@ module.exports = async ({github, context, core}) => {
 
 ### Use npm packages
 
-Like importing your own files above, you can also use installed modules:
+Like importing your own files above, you can also use installed modules.
+Note that this is achieved with a wrapper on top `require`, so if you're
+trying to require a module inside your own file, you might need to import
+it externally or pass the `require` wrapper to your file:
 
 ```yaml
 on: push
@@ -318,14 +381,14 @@ jobs:
   echo-input:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
-          node-version: 14
+          node-version: '20.x'
       - run: npm ci
       # or one-off:
       - run: npm install execa
-      - uses: actions/github-script@v4
+      - uses: actions/github-script@v7
         with:
           script: |
             const execa = require('execa')
@@ -335,6 +398,52 @@ jobs:
             console.log(stdout)
 ```
 
+### Use ESM `import`
+
+To import an ESM file, you'll need to reference your script by an absolute path and ensure you have a `package.json` file with `"type": "module"` specified.
+
+For a script in your repository `src/print-stuff.js`:
+
+```js
+export default function printStuff() {
+  console.log('stuff')
+}
+```
+
+```yaml
+on: push
+
+jobs:
+  print-stuff:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/github-script@v7
+        with:
+          script: |
+            const { default: printStuff } = await import('${{ github.workspace }}/src/print-stuff.js')
+
+            await printStuff()
+```
+
+### Use scripts with jsDoc support
+
+If you want type support for your scripts, you could use the command below to install the
+`@actions/github-script` type declaration.
+```sh
+$ npm i -D @actions/github-script@github:actions/github-script
+```
+
+And then add the `jsDoc` declaration to your script like this:
+```js
+// @ts-check
+/** @param {import('@actions/github-script').AsyncFunctionArguments} AsyncFunctionArguments */
+export default async ({ core, context }) => {
+  core.debug("Running something at the moment");
+  return context.actor;
+};
+```
+
 ### Use env as input
 
 You can set env vars to use them in your script:
@@ -346,7 +455,7 @@ jobs:
   echo-input:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/github-script@v4
+      - uses: actions/github-script@v7
         env:
           FIRST_NAME: Mona
           LAST_NAME: Octocat
@@ -356,3 +465,32 @@ jobs:
 
             console.log(`Hello ${FIRST_NAME} ${LAST_NAME}`)
 ```
+
+### Using a separate GitHub token
+
+The `GITHUB_TOKEN` used by default is scoped to the current repository, see [Authentication in a workflow](https://docs.github.com/actions/reference/authentication-in-a-workflow).
+
+If you need access to a different repository or an API that the `GITHUB_TOKEN` doesn't have permissions to, you can provide your own [PAT](https://help.github.com/github/authenticating-to-github/creating-a-personal-access-token-for-the-command-line) as a secret using the `github-token` input.
+
+[Learn more about creating and using encrypted secrets](https://docs.github.com/actions/reference/encrypted-secrets)
+
+```yaml
+on:
+  issues:
+    types: [opened]
+
+jobs:
+  apply-label:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/github-script@v7
+        with:
+          github-token: ${{ secrets.MY_PAT }}
+          script: |
+            octokit.rest.issues.addLabels({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              labels: ['Triage']
+            })
+```

__test__/get-retry-options.test.ts

@@ -0,0 +1,69 @@
+/* eslint-disable @typescript-eslint/no-explicit-any */
+
+import {getRetryOptions} from '../src/retry-options'
+
+describe('getRequestOptions', () => {
+  test('retries disabled if retries == 0', async () => {
+    const [retryOptions, requestOptions] = getRetryOptions(
+      0,
+      [400, 500, 502],
+      []
+    )
+
+    expect(retryOptions.enabled).toBe(false)
+    expect(retryOptions.doNotRetry).toBeFalsy()
+
+    expect(requestOptions?.retries).toBeFalsy()
+  })
+
+  test('properties set if retries > 0', async () => {
+    const [retryOptions, requestOptions] = getRetryOptions(
+      1,
+      [400, 500, 502],
+      []
+    )
+
+    expect(retryOptions.enabled).toBe(true)
+    expect(retryOptions.doNotRetry).toEqual([400, 500, 502])
+
+    expect(requestOptions?.retries).toEqual(1)
+  })
+
+  test('properties set if retries > 0', async () => {
+    const [retryOptions, requestOptions] = getRetryOptions(
+      1,
+      [400, 500, 502],
+      []
+    )
+
+    expect(retryOptions.enabled).toBe(true)
+    expect(retryOptions.doNotRetry).toEqual([400, 500, 502])
+
+    expect(requestOptions?.retries).toEqual(1)
+  })
+
+  test('retryOptions.doNotRetry not set if exemptStatusCodes isEmpty', async () => {
+    const [retryOptions, requestOptions] = getRetryOptions(1, [], [])
+
+    expect(retryOptions.enabled).toBe(true)
+    expect(retryOptions.doNotRetry).toBeUndefined()
+
+    expect(requestOptions?.retries).toEqual(1)
+  })
+
+  test('requestOptions does not override defaults from @actions/github', async () => {
+    const [retryOptions, requestOptions] = getRetryOptions(1, [], {
+      request: {
+        agent: 'default-user-agent'
+      },
+      foo: 'bar'
+    })
+
+    expect(retryOptions.enabled).toBe(true)
+    expect(retryOptions.doNotRetry).toBeUndefined()
+
+    expect(requestOptions?.retries).toEqual(1)
+    expect(requestOptions?.agent).toEqual('default-user-agent')
+    expect(requestOptions?.foo).toBeUndefined() // this should not be in the `options.request` object, but at the same level as `request`
+  })
+})

action.yml

@@ -13,19 +13,28 @@ inputs:
     default: ${{ github.token }}
     required: false
   debug:
-    description: Whether to tell the GitHub client to log details of its requests
-    default: false
+    description: Whether to tell the GitHub client to log details of its requests. true or false. Default is to run in debug mode when the GitHub Actions step debug logging is turned on.
+    default: ${{ runner.debug == '1' }}
   user-agent:
     description: An optional user-agent string
     default: actions/github-script
   previews:
-    description: A comma-separated list of API previews to accept
+    description: A comma-separated list of GraphQL API previews to accept
   result-encoding:
-    description: Either "string" or "json" (default "json")—how the result will be encoded 
+    description: Either "string" or "json" (default "json")—how the result will be encoded
     default: json
+  retries:
+    description: The number of times to retry a request
+    default: "0"
+  retry-exempt-status-codes:
+    description: A comma separated list of status codes that will NOT be retried e.g. "400,500". No effect unless `retries` is set
+    default: 400,401,403,404,422 # from https://github.com/octokit/plugin-retry.js/blob/9a2443746c350b3beedec35cf26e197ea318a261/src/index.ts#L14
+  base-url:
+    description: An optional GitHub REST API URL to connect to a different GitHub instance. For example, https://my.github-enterprise-server.com/api/v3
+    required: false
 outputs:
   result:
     description: The return value of the script, stringified with `JSON.stringify`
 runs:
-  using: node12
+  using: node20
   main: dist/index.js

docs/development.md

@@ -25,4 +25,4 @@ Releases are done manually, for now:
 1. Ensure that the build is up to date with `npm run build`. It's also good to ensure you have the correct dependencies installed by running `npm install` before you build.
 1. Bump the [package.json](/package.json#L3) and [package-lock.json](/package-lock.json#L3) version numbers and commit them. I like to do this with `npm version {major,minor,patch} --no-git-tag-version`. This will bump the version numbers but let you manually commit and tag, yourself.
 1. Update documentation (including updated version numbers).
-1. Tag main with the new version number and create a GitHub release. Make sure you also force-create and force-push tags for minor and patch updates. For example, when creating v5.1.0 (a minor bump), you want to create (or update) `v5`, `v5.1`, and `v5.1.0`.
+1. Tag main with the new version number and create a GitHub release. Make sure you also force-create and force-push tags for minor and patch updates. For example, when creating v5.2.0 (a minor bump), you want to create (or update) `v5`, `v5.2`, and `v5.2.0`.

package.json

@@ -1,60 +1,67 @@
 {
-  "name": "github-script",
+  "name": "@actions/github-script",
   "description": "A GitHub action for executing a simple script",
-  "version": "4.0.2",
+  "version": "7.0.1",
   "author": "GitHub",
   "license": "MIT",
   "main": "dist/index.js",
+  "types": "types/async-function.d.ts",
   "private": true,
+  "engines": {
+    "node": ">=20.0.0 <21.0.0"
+  },
   "scripts": {
-    "build": "ncc build src/main.ts",
+    "build": "npm run build:types && ncc build src/main.ts",
+    "build:types": "tsc src/async-function.ts -t es5 --declaration --allowJs --emitDeclarationOnly --outDir types",
     "format:check": "prettier --check src __test__",
     "format:write": "prettier --write src __test__",
     "lint": "eslint src __test__",
     "style:check": "run-p --continue-on-error --aggregate-output format:check lint",
     "style:write": "run-p --continue-on-error --aggregate-output format:write lint",
     "pre-commit": "run-s style:write test build",
-    "test": "jest"
-  },
-  "husky": {
-    "hooks": {
-      "pre-commit": "npm run pre-commit && git add dist/"
-    }
+    "test": "jest",
+    "prepare": "husky"
   },
   "jest": {
     "preset": "ts-jest",
     "testEnvironment": "node",
-    "globals": {
-      "ts-jest": {
-        "diagnostics": {
-          "ignoreCodes": [
-            "151001"
-          ]
+    "transform": {
+      "^.+\\.ts$": [
+        "ts-jest",
+        {
+          "diagnostics": {
+            "ignoreCodes": [
+              "151001"
+            ]
+          }
         }
-      }
+      ]
     }
   },
   "dependencies": {
-    "@actions/core": "^1.2.7",
-    "@actions/github": "^4.0.0",
-    "@actions/glob": "^0.1.1",
-    "@actions/io": "^1.0.2",
-    "@octokit/core": "^3.2.1",
-    "@octokit/plugin-paginate-rest": "^2.6.0",
-    "@octokit/plugin-rest-endpoint-methods": "4.2.1"
+    "@actions/core": "^1.10.1",
+    "@actions/exec": "^1.1.1",
+    "@actions/github": "^6.0.0",
+    "@actions/glob": "^0.4.0",
+    "@actions/io": "^1.1.3",
+    "@octokit/core": "^5.0.1",
+    "@octokit/plugin-request-log": "^4.0.0",
+    "@octokit/plugin-retry": "^6.0.1",
+    "@types/node": "^20.9.0"
   },
   "devDependencies": {
-    "@types/jest": "^26.0.10",
-    "@typescript-eslint/eslint-plugin": "^3.9.1",
-    "@typescript-eslint/parser": "^3.9.1",
-    "@vercel/ncc": "^0.23.0",
-    "eslint": "^7.7.0",
-    "eslint-config-prettier": "^6.11.0",
-    "husky": "^4.2.5",
-    "jest": "^26.4.1",
+    "@types/jest": "^29.5.5",
+    "@typescript-eslint/eslint-plugin": "^6.7.5",
+    "@typescript-eslint/parser": "^6.7.5",
+    "@vercel/ncc": "^0.38.0",
+    "eslint": "^8.51.0",
+    "eslint-config-prettier": "^9.0.0",
+    "eslint-plugin-prettier": "^5.0.1",
+    "husky": "^9.1.1",
+    "jest": "^29.7.0",
     "npm-run-all": "^4.1.5",
-    "prettier": "^2.0.5",
-    "ts-jest": "^26.2.0",
-    "typescript": "^4.0.2"
+    "prettier": "^3.0.3",
+    "ts-jest": "^29.1.1",
+    "typescript": "^5.2.2"
   }
-}
+}

src/async-function.ts

@@ -1,4 +1,5 @@
 import * as core from '@actions/core'
+import * as exec from '@actions/exec'
 import {Context} from '@actions/github/lib/context'
 import {GitHub} from '@actions/github/lib/utils'
 import * as glob from '@actions/glob'
@@ -6,10 +7,12 @@ import * as io from '@actions/io'
 
 const AsyncFunction = Object.getPrototypeOf(async () => null).constructor
 
-type AsyncFunctionArguments = {
+export declare type AsyncFunctionArguments = {
   context: Context
   core: typeof core
   github: InstanceType<typeof GitHub>
+  octokit: InstanceType<typeof GitHub>
+  exec: typeof exec
   glob: typeof glob
   io: typeof io
   require: NodeRequire

src/main.ts

@@ -1,8 +1,14 @@
 import * as core from '@actions/core'
+import * as exec from '@actions/exec'
 import {context, getOctokit} from '@actions/github'
+import {defaults as defaultGitHubOptions} from '@actions/github/lib/utils'
 import * as glob from '@actions/glob'
 import * as io from '@actions/io'
+import {requestLog} from '@octokit/plugin-request-log'
+import {retry} from '@octokit/plugin-retry'
+import {RequestRequestOptions} from '@octokit/types'
 import {callAsyncFunction} from './async-function'
+import {RetryOptions, getRetryOptions, parseNumberArray} from './retry-options'
 import {wrapRequire} from './wrap-require'
 
 process.on('unhandledRejection', handleError)
@@ -11,21 +17,43 @@ main().catch(handleError)
 type Options = {
   log?: Console
   userAgent?: string
+  baseUrl?: string
   previews?: string[]
+  retry?: RetryOptions
+  request?: RequestRequestOptions
 }
 
 async function main(): Promise<void> {
   const token = core.getInput('github-token', {required: true})
-  const debug = core.getInput('debug')
+  const debug = core.getBooleanInput('debug')
   const userAgent = core.getInput('user-agent')
   const previews = core.getInput('previews')
+  const baseUrl = core.getInput('base-url')
+  const retries = parseInt(core.getInput('retries'))
+  const exemptStatusCodes = parseNumberArray(
+    core.getInput('retry-exempt-status-codes')
+  )
+  const [retryOpts, requestOpts] = getRetryOptions(
+    retries,
+    exemptStatusCodes,
+    defaultGitHubOptions
+  )
 
-  const opts: Options = {}
-  if (debug === 'true') opts.log = console
-  if (userAgent != null) opts.userAgent = userAgent
-  if (previews != null) opts.previews = previews.split(',')
+  const opts: Options = {
+    log: debug ? console : undefined,
+    userAgent: userAgent || undefined,
+    previews: previews ? previews.split(',') : undefined,
+    retry: retryOpts,
+    request: requestOpts
+  }
 
-  const github = getOctokit(token, opts)
+  // Setting `baseUrl` to undefined will prevent the default value from being used
+  // https://github.com/actions/github-script/issues/436
+  if (baseUrl) {
+    opts.baseUrl = baseUrl
+  }
+
+  const github = getOctokit(token, opts, retry, requestLog)
   const script = core.getInput('script', {required: true})
 
   // Using property/value shorthand on `require` (e.g. `{require}`) causes compilation errors.
@@ -34,8 +62,10 @@ async function main(): Promise<void> {
       require: wrapRequire,
       __original_require__: __non_webpack_require__,
       github,
+      octokit: github,
       context,
       core,
+      exec,
       glob,
       io
     },

src/retry-options.ts

@@ -0,0 +1,53 @@
+import * as core from '@actions/core'
+import {OctokitOptions} from '@octokit/core/dist-types/types'
+import {RequestRequestOptions} from '@octokit/types'
+
+export type RetryOptions = {
+  doNotRetry?: number[]
+  enabled?: boolean
+}
+
+export function getRetryOptions(
+  retries: number,
+  exemptStatusCodes: number[],
+  defaultOptions: OctokitOptions
+): [RetryOptions, RequestRequestOptions | undefined] {
+  if (retries <= 0) {
+    return [{enabled: false}, defaultOptions.request]
+  }
+
+  const retryOptions: RetryOptions = {
+    enabled: true
+  }
+
+  if (exemptStatusCodes.length > 0) {
+    retryOptions.doNotRetry = exemptStatusCodes
+  }
+
+  // The GitHub type has some defaults for `options.request`
+  // see: https://github.com/actions/toolkit/blob/4fbc5c941a57249b19562015edbd72add14be93d/packages/github/src/utils.ts#L15
+  // We pass these in here so they are not overidden.
+  const requestOptions: RequestRequestOptions = {
+    ...defaultOptions.request,
+    retries
+  }
+
+  core.debug(
+    `GitHub client configured with: (retries: ${
+      requestOptions.retries
+    }, retry-exempt-status-code: ${
+      retryOptions.doNotRetry ?? 'octokit default: [400, 401, 403, 404, 422]'
+    })`
+  )
+
+  return [retryOptions, requestOptions]
+}
+
+export function parseNumberArray(listString: string): number[] {
+  if (!listString) {
+    return []
+  }
+
+  const split = listString.trim().split(',')
+  return split.map(x => parseInt(x))
+}

tsconfig.eslint.json

@@ -0,0 +1,4 @@
+{
+  "extends": "./tsconfig.json",
+  "exclude": []
+}

types/async-function.d.ts

@@ -0,0 +1,19 @@
+/// <reference types="node" />
+import * as core from '@actions/core';
+import * as exec from '@actions/exec';
+import { Context } from '@actions/github/lib/context';
+import { GitHub } from '@actions/github/lib/utils';
+import * as glob from '@actions/glob';
+import * as io from '@actions/io';
+export declare type AsyncFunctionArguments = {
+    context: Context;
+    core: typeof core;
+    github: InstanceType<typeof GitHub>;
+    octokit: InstanceType<typeof GitHub>;
+    exec: typeof exec;
+    glob: typeof glob;
+    io: typeof io;
+    require: NodeRequire;
+    __original_require__: NodeRequire;
+};
+export declare function callAsyncFunction<T>(args: AsyncFunctionArguments, source: string): Promise<T>;