Bump husky from 9.1.1 to 9.1.7

Bumps [husky](https://github.com/typicode/husky) from 9.1.1 to 9.1.7.
- [Release notes](https://github.com/typicode/husky/releases)
- [Commits](https://github.com/typicode/husky/compare/v9.1.1...v9.1.7)

---
updated-dependencies:
- dependency-name: husky
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/actions/install-dependencies/action.yml

@@ -3,7 +3,7 @@ description: 'Set up node and install dependencies'
 runs:
   using: 'composite'
   steps:
-    - uses: actions/setup-node@v4
+    - uses: actions/setup-node@v3
       with:
         node-version: '20.x'
         cache: npm

.github/dependabot.yml

@@ -5,11 +5,6 @@ updates:
     schedule:
       interval: 'weekly'
 
-  - package-ecosystem: 'github-actions'
-    directory: '/.github/actions/install-dependencies'
-    schedule:
-      interval: 'weekly'
-
   - package-ecosystem: 'npm'
     directory: '/'
     schedule:

.github/workflows/check-dist.yml

@@ -13,15 +13,12 @@ on:
   pull_request:
   workflow_dispatch:
 
-permissions:
-  contents: read
-
 jobs:
   check-dist:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
 
       - uses: ./.github/actions/install-dependencies
 

.github/workflows/ci.yml

@@ -6,14 +6,11 @@ on:
   pull_request:
     branches: [main]
 
-permissions:
-  contents: read
-
 jobs:
   ci:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - uses: ./.github/actions/install-dependencies
       - run: npm run style:check
       - run: npm test

.github/workflows/codeql-analysis.yml

@@ -38,11 +38,11 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v3
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@v2
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -56,7 +56,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v3
+      uses: github/codeql-action/autobuild@v2
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -69,4 +69,4 @@ jobs:
     #   ./location_of_script_within_repo/buildscript.sh
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@v2

.github/workflows/integration.yml

@@ -6,15 +6,12 @@ on:
   pull_request:
     branches: [main]
 
-permissions:
-  contents: read
-
 jobs:
   test-return:
     name: 'Integration test: return'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - id: output-set
         uses: ./
         with:
@@ -34,7 +31,7 @@ jobs:
     name: 'Integration test: relative-path require'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - id: relative-require
         uses: ./
         with:
@@ -52,7 +49,7 @@ jobs:
     name: 'Integration test: npm package require'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - uses: ./.github/actions/install-dependencies
       - id: npm-require
         uses: ./
@@ -72,7 +69,7 @@ jobs:
     name: 'Integration test: GraphQL previews option'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - uses: ./.github/actions/install-dependencies
       - id: previews-default
         name: Default previews not set
@@ -125,7 +122,7 @@ jobs:
     name: 'Integration test: user-agent option'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - uses: ./.github/actions/install-dependencies
       - id: user-agent-default
         name: Default user-agent not set
@@ -182,7 +179,7 @@ jobs:
     name: "Integration test: debug option (runner.debug mode ${{ matrix.environment && 'enabled' || 'disabled' }})"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - uses: ./.github/actions/install-dependencies
       - id: debug-default
         name: Default debug not set
@@ -256,7 +253,7 @@ jobs:
     name: 'Integration test: base-url option'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - uses: ./.github/actions/install-dependencies
 
       - id: base-url-default

.github/workflows/licensed.yml

@@ -8,23 +8,17 @@ on:
     branches:
       - main
 
-permissions:
-  contents: read
-
 jobs:
   test:
     runs-on: ubuntu-latest
     name: Check licenses
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
         with:
           fetch-depth: 0 # prefer to use a full fetch for licensed workflows
-      - uses: ruby/setup-ruby@354a1ad156761f5ee2b7b13fa8e09943a5e8d252 # v1.229.0
+      # https://github.com/jonabc/setup-licensed/releases/tag/v1.1.1
+      - uses: jonabc/setup-licensed@82c5f4d19e8968efa74a25b132922382c2671fe2
         with:
-          ruby-version: ruby
-      - uses: github/setup-licensed@v1
-        with:
-          version: '4.x'
-          github_token: ${{ secrets.GITHUB_TOKEN }}
+          version: '3.x'
       - uses: ./.github/actions/install-dependencies
       - run: licensed status

.github/workflows/publish-immutable-actions.yml

@@ -17,4 +17,4 @@ jobs:
         uses: actions/checkout@v4
       - name: Publish
         id: publish
-        uses: actions/publish-immutable-action@0.0.4
+        uses: actions/publish-immutable-action@0.0.3

.github/workflows/pull-request-test.yml

@@ -5,15 +5,11 @@ on:
     branches: [main]
     types: [opened, synchronize]
 
-permissions:
-  contents: read
-  pull-requests: write
-
 jobs:
   pull-request-test:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - uses: ./
         with:
           script: |
@@ -24,9 +20,9 @@ jobs:
               issue_number: context.payload.number,
             })
 
-            // Find any comment already made by the bot.
-            const botComment = comments.find(comment => comment.user.id === 41898282)
-            const commentBody = "Hello from actions/github-script! (${{ github.sha }})"
+            // Find any comment already made by the bot.                                                                                                    
+            const botComment = comments.find(comment => comment.user.id === 41898282)                                                                       
+            const commentBody = "Hello from actions/github-script! (${{ github.sha }})"                  
 
             if (context.payload.pull_request.head.repo.full_name !== 'actions/github-script') {
               console.log('Not attempting to write comment on PR from fork');

.github/workflows/stale.yml

@@ -0,0 +1,31 @@
+name: Stale Issues & PRs
+
+on:
+  schedule:
+    - cron: '0 0 * * *'
+  workflow_dispatch:
+
+jobs:
+  mark_stale:
+    name: Mark issues and PRs as stale
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/stale@v3
+        with:
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+          exempt-issue-labels: Not Stale
+          exempt-pr-labels: Not Stale
+          stale-issue-message: >
+            This issue is stale because it has been open for 60 days with no
+            activity. Remove the "Stale" label or comment on the issue, or it
+            will be closed in 7 days.
+          stale-pr-message: >
+            This pull request is stale because it has been open for 60 days
+            with no activity. Remove the "Stale" label or comment on the pull
+            request, or it will be closed in 7 days.
+          close-issue-message: >
+            This issue has been marked as stale and closed due to no activity
+            on it.
+          close-pr-message: >
+            This pull request has been marked as stale and closed due to no
+            activity on it.

.gitignore

@@ -1 +1,2 @@
-/node_modules/
+/node_modules/
+!/.vscode/

.vscode/settings.json

@@ -0,0 +1,10 @@
+{
+  "editor.formatOnSave": true,
+  "editor.codeActionsOnSave": {
+    "source.organizeImports": true
+  },
+  "files.exclude": {
+    "**/dist": true,
+    "**/node_modules": true
+  }
+}

README.md

@@ -7,26 +7,6 @@
 This action makes it easy to quickly write a script in your workflow that
 uses the GitHub API and the workflow run context.
 
-### Note
-
-Thank you for your interest in this GitHub action, however, right now we are not taking contributions. 
-
-We continue to focus our resources on strategic areas that help our customers be successful while making developers' lives easier. While GitHub Actions remains a key part of this vision, we are allocating resources towards other areas of Actions and are not taking contributions to this repository at this time. The GitHub public roadmap is the best place to follow along for any updates on features we’re working on and what stage they’re in.
-
-We are taking the following steps to better direct requests related to GitHub Actions, including:
-
-1. We will be directing questions and support requests to our [Community Discussions area](https://github.com/orgs/community/discussions/categories/actions)
-
-2. High Priority bugs can be reported through Community Discussions or you can report these to our support team https://support.github.com/contact/bug-report.
-
-3. Security Issues should be handled as per our [security.md](security.md)
-
-We will still provide security updates for this project and fix major breaking changes during this time.
-
-You are welcome to still raise bugs in this repo.
-
-### This action 
-
 To use this action, provide an input named `script` that contains the body of an asynchronous JavaScript function call.
 The following arguments will be provided:
 
@@ -79,31 +59,6 @@ For example, `github.issues.createComment` in V4 becomes `github.rest.issues.cre
 
 See [development.md](/docs/development.md).
 
-## Passing inputs to the script
-
-Actions expressions are evaluated before the `script` is passed to the action, so the result of any expressions
-*will be evaluated as JavaScript code*.
-
-It's highly recommended to *not* evaluate expressions directly in the `script` to avoid
-[script injections](https://docs.github.com/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#understanding-the-risk-of-script-injections)
-and potential `SyntaxError`s when the expression is not valid JavaScript code (particularly when it comes to improperly escaped strings).
-
-To pass inputs, set `env` vars on the action step and reference them in your script with `process.env`:
-
-```yaml
-- uses: actions/github-script@v7
-  env:
-    TITLE: ${{ github.event.pull_request.title }}
-  with:
-    script: |
-      const title = process.env.TITLE;
-      if (title.startsWith('octocat')) {
-        console.log("PR title starts with 'octocat'");
-      } else {
-        console.error("PR title did not start with 'octocat'");
-      }
-```
-
 ## Reading step results
 
 The return value of the script will be in the step's outputs under the
@@ -350,7 +305,7 @@ jobs:
   echo-input:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - uses: actions/github-script@v7
         with:
           script: |
@@ -388,7 +343,7 @@ jobs:
   echo-input:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - uses: actions/github-script@v7
         env:
           SHA: '${{env.parentSHA}}'
@@ -426,8 +381,8 @@ jobs:
   echo-input:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
         with:
           node-version: '20.x'
       - run: npm ci
@@ -462,7 +417,7 @@ jobs:
   print-stuff:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - uses: actions/github-script@v7
         with:
           script: |
@@ -489,6 +444,27 @@ export default async ({ core, context }) => {
 };
 ```
 
+### Use env as input
+
+You can set env vars to use them in your script:
+
+```yaml
+on: push
+
+jobs:
+  echo-input:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/github-script@v7
+        env:
+          FIRST_NAME: Mona
+          LAST_NAME: Octocat
+        with:
+          script: |
+            const { FIRST_NAME, LAST_NAME } = process.env
+
+            console.log(`Hello ${FIRST_NAME} ${LAST_NAME}`)
+```
 
 ### Using a separate GitHub token
 
@@ -518,45 +494,3 @@ jobs:
               labels: ['Triage']
             })
 ```
-
-### Using exec package
-
-The provided [@actions/exec](https://github.com/actions/toolkit/tree/main/packages/exec) package allows to execute command or tools in a cross platform way:
-
-```yaml
-on: push
-
-jobs:
-  use-exec:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/github-script@v7
-        with:
-          script: |
-            const exitCode = await exec.exec('echo', ['hello'])
-
-            console.log(exitCode)
-```
-
-`exec` packages provides `getExecOutput` function to retrieve stdout and stderr from executed command:
-
-```yaml
-on: push
-
-jobs:
-  use-get-exec-output:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/github-script@v7
-        with:
-          script: |
-            const {
-              exitCode,
-              stdout,
-              stderr
-            } = await exec.getExecOutput('echo', ['hello']);
-
-            console.log(exitCode, stdout, stderr)
-```      

dist/index.js

@@ -36286,7 +36286,6 @@ async function main() {
         require: wrapRequire,
         __original_require__: require,
         github,
-        octokit: github,
         context: lib_github.context,
         core: core,
         exec: exec,

package-lock.json

@@ -27,7 +27,7 @@
         "eslint": "^8.51.0",
         "eslint-config-prettier": "^9.0.0",
         "eslint-plugin-prettier": "^5.0.1",
-        "husky": "^9.1.1",
+        "husky": "^9.1.7",
         "jest": "^29.7.0",
         "npm-run-all": "^4.1.5",
         "prettier": "^3.0.3",
@@ -4045,10 +4045,11 @@
       }
     },
     "node_modules/husky": {
-      "version": "9.1.1",
-      "resolved": "https://registry.npmjs.org/husky/-/husky-9.1.1.tgz",
-      "integrity": "sha512-fCqlqLXcBnXa/TJXmT93/A36tJsjdJkibQ1MuIiFyCCYUlpYpIaj2mv1w+3KR6Rzu1IC3slFTje5f6DUp2A2rg==",
+      "version": "9.1.7",
+      "resolved": "https://registry.npmjs.org/husky/-/husky-9.1.7.tgz",
+      "integrity": "sha512-5gs5ytaNjBrh5Ow3zrvdUUY+0VxIuWVL4i9irt6friV+BqdCfmV11CQTWMiBYWHbXhco+J1kHfTOUkePhCDvMA==",
       "dev": true,
+      "license": "MIT",
       "bin": {
         "husky": "bin.js"
       },
@@ -10325,9 +10326,9 @@
       "dev": true
     },
     "husky": {
-      "version": "9.1.1",
-      "resolved": "https://registry.npmjs.org/husky/-/husky-9.1.1.tgz",
-      "integrity": "sha512-fCqlqLXcBnXa/TJXmT93/A36tJsjdJkibQ1MuIiFyCCYUlpYpIaj2mv1w+3KR6Rzu1IC3slFTje5f6DUp2A2rg==",
+      "version": "9.1.7",
+      "resolved": "https://registry.npmjs.org/husky/-/husky-9.1.7.tgz",
+      "integrity": "sha512-5gs5ytaNjBrh5Ow3zrvdUUY+0VxIuWVL4i9irt6friV+BqdCfmV11CQTWMiBYWHbXhco+J1kHfTOUkePhCDvMA==",
       "dev": true
     },
     "ignore": {

package.json

@@ -57,7 +57,7 @@
     "eslint": "^8.51.0",
     "eslint-config-prettier": "^9.0.0",
     "eslint-plugin-prettier": "^5.0.1",
-    "husky": "^9.1.1",
+    "husky": "^9.1.7",
     "jest": "^29.7.0",
     "npm-run-all": "^4.1.5",
     "prettier": "^3.0.3",

src/async-function.ts

@@ -11,7 +11,6 @@ export declare type AsyncFunctionArguments = {
   context: Context
   core: typeof core
   github: InstanceType<typeof GitHub>
-  octokit: InstanceType<typeof GitHub>
   exec: typeof exec
   glob: typeof glob
   io: typeof io

src/main.ts

@@ -62,7 +62,6 @@ async function main(): Promise<void> {
       require: wrapRequire,
       __original_require__: __non_webpack_require__,
       github,
-      octokit: github,
       context,
       core,
       exec,

types/async-function.d.ts

@@ -9,7 +9,6 @@ export declare type AsyncFunctionArguments = {
     context: Context;
     core: typeof core;
     github: InstanceType<typeof GitHub>;
-    octokit: InstanceType<typeof GitHub>;
     exec: typeof exec;
     glob: typeof glob;
     io: typeof io;