Update dist/index.js and CHANGELOG for v2.11.1

Merge pull request #168 from dorny/job-permissions
Document need for pull-requests: read permission
2025-12-23 05:48:41 +00:00 · 2022-10-12 22:34:54 +02:00 · 2022-10-12 22:15:23 +02:00 · 2022-10-12 22:14:42 +02:00 · 2022-10-12 22:13:26 +02:00 · 2022-10-12 22:11:12 +02:00
7 changed files with 1913 additions and 110 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -9,7 +9,7 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
    - run: |
        npm install
        npm run all
@@ -17,7 +17,7 @@ jobs:
  self-test:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
    - uses: ./
      id: filter
      with:
--- a/.github/workflows/pull-request-verification.yml
+++ b/.github/workflows/pull-request-verification.yml
@@ -10,15 +10,17 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
    - run: |
        npm install
        npm run all

  test-inline:
    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: read
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
    - uses: ./
      id: filter
      with:
@@ -36,8 +38,10 @@ jobs:

  test-external:
    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: read
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
    - uses: ./
      id: filter
      with:
@@ -49,7 +53,7 @@ jobs:
  test-without-token:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
    - uses: ./
      id: filter
      with:
@@ -62,7 +66,7 @@ jobs:
  test-wd-without-token:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
      with:
        path: somewhere
    - uses: ./somewhere
@@ -78,7 +82,7 @@ jobs:
  test-local-changes:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
    - run: echo "NEW FILE" > local
    - run: git add local
    - uses: ./
@@ -98,7 +102,7 @@ jobs:
  test-change-type:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
    - name: configure GIT user
      run: git config user.email "john@nowhere.local" && git config user.name "John Doe"
    - name: modify working tree
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,10 @@
 # Changelog

+## v2.11.1
+- [Update @actions/core to v1.10.0 - Fixes warning about deprecated set-output](https://github.com/dorny/paths-filter/pull/167)
+- [Document need for pull-requests: read permission](https://github.com/dorny/paths-filter/pull/168)
+- [Updating to actions/checkout@v3](https://github.com/dorny/paths-filter/pull/164)
+
 ## v2.11.0
 - [Set list-files input parameter as not required](https://github.com/dorny/paths-filter/pull/157)
 - [Update Node.js](https://github.com/dorny/paths-filter/pull/161)
--- a/README.md
+++ b/README.md
@@ -19,6 +19,7 @@ don't allow this because they don't work on a level of individual jobs or steps.
    or **[pull_request_target](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#pull_request_target)** event
  - Changes are detected against the pull request base branch
  - Uses GitHub REST API to fetch a list of modified files
+  - Requires [pull-requests: read](https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs) permission
 - **Feature branches:**
  - Workflow triggered by **[push](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#push)**
  or any other **[event](https://docs.github.com/en/free-pro-team@latest/actions/reference/events-that-trigger-workflows)**
@@ -173,7 +174,7 @@ jobs:
  tests:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
    - uses: dorny/paths-filter@v2
      id: filter
      with:
@@ -209,6 +210,9 @@ jobs:
  # JOB to run change detection
  changes:
    runs-on: ubuntu-latest
+    # Required permissions
+    permissions:
+      pull-requests: read
    # Set job outputs to values from filter step
    outputs:
      backend: ${{ steps.filter.outputs.backend }}
@@ -230,7 +234,7 @@ jobs:
    if: ${{ needs.changes.outputs.backend == 'true' }}
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
      - ...

  # JOB to build and test frontend code
@@ -239,7 +243,7 @@ jobs:
    if: ${{ needs.changes.outputs.frontend == 'true' }}
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
      - ...
 ```

@@ -253,6 +257,9 @@ jobs:
  # JOB to run change detection
  changes:
    runs-on: ubuntu-latest
+    # Required permissions
+    permissions:
+      pull-requests: read
    outputs:
      # Expose matched filters as job 'packages' output variable
      packages: ${{ steps.filter.outputs.changes }}
@@ -275,7 +282,7 @@ jobs:
        package: ${{ fromJSON(needs.changes.outputs.packages) }}
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
      - ...
 ```

@@ -295,8 +302,11 @@ on:
 jobs:
  build:
    runs-on: ubuntu-latest
+    # Required permissions
+    permissions:
+      pull-requests: read
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
    - uses: dorny/paths-filter@v2
      id: filter
      with:
@@ -317,7 +327,7 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
      with:
        # This may save additional git fetch roundtrip if
        # merge-base is found within latest 20 commits
@@ -345,7 +355,7 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
    - uses: dorny/paths-filter@v2
      id: filter
      with:
@@ -373,7 +383,7 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3

      # Some action that modifies files tracked by git (e.g. code linter)
    - uses: johndoe/some-action@v1
--- a/dist/index.js
+++ b/dist/index.js
--- a/package-lock.json
+++ b/package-lock.json
@@ -9,7 +9,7 @@
      "version": "1.0.0",
      "license": "MIT",
      "dependencies": {
-        "@actions/core": "^1.2.4",
+        "@actions/core": "^1.10.0",
        "@actions/exec": "^1.1.1",
        "@actions/github": "^2.2.0",
        "@octokit/webhooks": "^7.6.2",
@@ -36,11 +36,20 @@
      }
    },
    "node_modules/@actions/core": {
-      "version": "1.6.0",
-      "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.6.0.tgz",
-      "integrity": "sha512-NB1UAZomZlCV/LmJqkLhNTqtKfFXJZAUPcfl/zqG7EfsQdeUJtaWO98SGbuQ3pydJ3fHl2CvI/51OKYlCYYcaw==",
+      "version": "1.10.0",
+      "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.10.0.tgz",
+      "integrity": "sha512-2aZDDa3zrrZbP5ZYg159sNoLRb61nQ7awl5pSvIq5Qpj81vwDzdMRKzkWJGJuwVvWpvZKx7vspJALyvaaIQyug==",
      "dependencies": {
-        "@actions/http-client": "^1.0.11"
+        "@actions/http-client": "^2.0.1",
+        "uuid": "^8.3.2"
+      }
+    },
+    "node_modules/@actions/core/node_modules/@actions/http-client": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.0.1.tgz",
+      "integrity": "sha512-PIXiMVtz6VvyaRsGY268qvj57hXQEpsYogYOu2nrQhlf+XCGmZstmuZBbAybUl1nQGnvS1k1eEsQ69ZoD7xlSw==",
+      "dependencies": {
+        "tunnel": "^0.0.6"
      }
    },
    "node_modules/@actions/exec": {
@@ -8079,6 +8088,14 @@
        "punycode": "^2.1.0"
      }
    },
+    "node_modules/uuid": {
+      "version": "8.3.2",
+      "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz",
+      "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==",
+      "bin": {
+        "uuid": "dist/bin/uuid"
+      }
+    },
    "node_modules/v8-compile-cache": {
      "version": "2.1.1",
      "resolved": "https://registry.npmjs.org/v8-compile-cache/-/v8-compile-cache-2.1.1.tgz",
@@ -8429,11 +8446,22 @@
  },
  "dependencies": {
    "@actions/core": {
-      "version": "1.6.0",
-      "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.6.0.tgz",
-      "integrity": "sha512-NB1UAZomZlCV/LmJqkLhNTqtKfFXJZAUPcfl/zqG7EfsQdeUJtaWO98SGbuQ3pydJ3fHl2CvI/51OKYlCYYcaw==",
+      "version": "1.10.0",
+      "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.10.0.tgz",
+      "integrity": "sha512-2aZDDa3zrrZbP5ZYg159sNoLRb61nQ7awl5pSvIq5Qpj81vwDzdMRKzkWJGJuwVvWpvZKx7vspJALyvaaIQyug==",
      "requires": {
-        "@actions/http-client": "^1.0.11"
+        "@actions/http-client": "^2.0.1",
+        "uuid": "^8.3.2"
+      },
+      "dependencies": {
+        "@actions/http-client": {
+          "version": "2.0.1",
+          "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.0.1.tgz",
+          "integrity": "sha512-PIXiMVtz6VvyaRsGY268qvj57hXQEpsYogYOu2nrQhlf+XCGmZstmuZBbAybUl1nQGnvS1k1eEsQ69ZoD7xlSw==",
+          "requires": {
+            "tunnel": "^0.0.6"
+          }
+        }
      }
    },
    "@actions/exec": {
@@ -14488,6 +14516,11 @@
        "punycode": "^2.1.0"
      }
    },
+    "uuid": {
+      "version": "8.3.2",
+      "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz",
+      "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg=="
+    },
    "v8-compile-cache": {
      "version": "2.1.1",
      "resolved": "https://registry.npmjs.org/v8-compile-cache/-/v8-compile-cache-2.1.1.tgz",
--- a/package.json
+++ b/package.json
@@ -25,7 +25,7 @@
  "author": "YourNameOrOrganization",
  "license": "MIT",
  "dependencies": {
-    "@actions/core": "^1.2.4",
+    "@actions/core": "^1.10.0",
    "@actions/exec": "^1.1.1",
    "@actions/github": "^2.2.0",
    "@octokit/webhooks": "^7.6.2",
Author	SHA1	Message	Date
Michal Dorner	4512585405	Update dist/index.js and CHANGELOG for v2.11.1	2022-10-12 22:34:54 +02:00
Michal Dorner	5f5fe18015	Merge pull request #168 from dorny/job-permissions Document need for pull-requests: read permission	2022-10-12 22:15:23 +02:00
Michal Dorner	e12ca0e584	Revert "Modify ts file to trigger CI" This reverts commit `ffe0943825`.	2022-10-12 22:14:42 +02:00
Michal Dorner	ffe0943825	Modify ts file to trigger CI	2022-10-12 22:13:26 +02:00
Michal Dorner	c763b521be	Document need for pull-requests: read permission	2022-10-12 22:11:12 +02:00
Michal Dorner	9e7258bb2a	Specify job permissions in the pull request workflow	2022-10-12 22:02:50 +02:00
Michal Dorner	baa26e3237	Merge pull request #167 from dorny/update-actions-core-package Update @actions/core to v1.10.0	2022-10-12 21:17:38 +02:00
Michal Dorner	513ea69ce3	Update @actions/core to v1.10.0 See https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/	2022-10-12 21:15:02 +02:00
Michal Dorner	027a82c128	Merge pull request #164 from IdanYaffe/idanyaffe-master updating to actions/checkout@v3 in order to avoid the set-output depr…	2022-10-12 13:54:41 +02:00
Idan Yaffe	e0f036e43d	updating to actions/checkout@v3 in order to avoid the set-output deprecation warning	2022-10-12 12:21:43 +02:00