chore: rebuild dist

* Detect commit hashes from merge_group event

* Apply suggestion from @masaru-iritani

Co-authored-by: Masaru Iritani <25241373+masaru-iritani@users.noreply.github.com>

* refactor: update PullRequest type usage in getChangedFilesFromApi and related functions

* Run `npm run pack`

---------

Co-authored-by: Sascha Bratton <sascha@brattonbratton.com>

.github/workflows/build.yml

@@ -10,10 +10,10 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-node@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-node@v6
       with:
-        node-version: 20
+        node-version: 24
         cache: 'npm'
     - run: |
         npm install
@@ -22,7 +22,7 @@ jobs:
   self-test:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
     - uses: ./
       id: filter
       with:

.github/workflows/pull-request-verification.yml

@@ -10,21 +10,28 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-node@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-node@v6
       with:
-        node-version: 20
+        node-version: 24
         cache: 'npm'
     - run: |
         npm install
         npm run all
+    - name: Check dist is up to date
+      run: |
+        if [ -n "$(git diff --name-only dist/)" ]; then
+          echo "::error::dist/index.js is out of date. Run 'npm run all' and commit the result."
+          git diff --stat dist/
+          exit 1
+        fi
 
   test-inline:
     runs-on: ubuntu-latest
     permissions:
       pull-requests: read
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
     - uses: ./
       id: filter
       with:
@@ -45,7 +52,7 @@ jobs:
     permissions:
       pull-requests: read
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
     - uses: ./
       id: filter
       with:
@@ -57,7 +64,7 @@ jobs:
   test-without-token:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
     - uses: ./
       id: filter
       with:
@@ -70,7 +77,7 @@ jobs:
   test-wd-without-token:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
       with:
         path: somewhere
     - uses: ./somewhere
@@ -86,7 +93,7 @@ jobs:
   test-local-changes:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
     - run: echo "NEW FILE" > local
     - run: git add local
     - uses: ./
@@ -106,7 +113,7 @@ jobs:
   test-change-type:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
     - name: configure GIT user
       run: git config user.email "john@nowhere.local" && git config user.name "John Doe"
     - name: modify working tree

CHANGELOG.md

@@ -1,7 +1,19 @@
 # Changelog
 
+## v4.0.0
+- [Update action runtime to node24](https://github.com/dorny/paths-filter/pull/294)
+
+## v3.0.3
+- [Add missing predicate-quantifier](https://github.com/dorny/paths-filter/pull/279)
+
+## v3.0.2
+- [Add config parameter for predicate quantifier](https://github.com/dorny/paths-filter/pull/224)
+
+## v3.0.1
+- [Compare base and ref when token is empty](https://github.com/dorny/paths-filter/pull/133)
+
 ## v3.0.0
-- [Update to Node.js 20 ](https://github.com/dorny/paths-filter/pull/210)
+- [Update to Node.js 20](https://github.com/dorny/paths-filter/pull/210)
 - [Update all dependencies](https://github.com/dorny/paths-filter/pull/215)
 
 ## v2.11.1

README.md

@@ -27,6 +27,11 @@ don't allow this because they don't work on a level of individual jobs or steps.
   - The `base` input parameter must not be the same as the branch that triggered the workflow
   - Changes are detected against the merge-base with the configured base branch or the default branch
   - Uses git commands to detect changes - repository must be already [checked out](https://github.com/actions/checkout)
+- **[Merge queue](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-a-merge-queue):**
+  - Workflow triggered by **[merge_group](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#merge_group)**
+  - The `base` and `ref` input parameters default to commit hashes from the event
+    unless explicitly specified.
+  - Uses git commands to detect changes - repository must be already [checked out](https://github.com/actions/checkout)
 - **Master, Release, or other long-lived branches:**
   - Workflow triggered by **[push](https://docs.github.com/en/actions/reference/events-that-trigger-workflows#push)** event
   when `base` input parameter is the same as the branch that triggered the workflow:
@@ -46,7 +51,7 @@ don't allow this because they don't work on a level of individual jobs or steps.
 ## Example
 
 ```yaml
-- uses: dorny/paths-filter@v3
+- uses: dorny/paths-filter@v4
   id: changes
   with:
     filters: |
@@ -72,6 +77,7 @@ For more scenarios see [examples](#examples) section.
 
 ## What's New
 
+- New major release `v4` after update to Node 24 [Breaking change]
 - Add `ref` input parameter
 - Add `list-files: csv` format
 - Configure matrix job to run for each folder with changes using `changes` output
@@ -83,7 +89,7 @@ For more information, see [CHANGELOG](https://github.com/dorny/paths-filter/blob
 ## Usage
 
 ```yaml
-- uses: dorny/paths-filter@v3
+- uses: dorny/paths-filter@v4
   with:
     # Defines filters applied to detected changed files.
     # Each filter has a name and a list of rules.
@@ -103,6 +109,8 @@ For more information, see [CHANGELOG](https://github.com/dorny/paths-filter/blob
     # Branch, tag, or commit SHA against which the changes will be detected.
     # If it references the same branch it was pushed to,
     # changes are detected against the most recent commit before the push.
+    # If it is empty and action is triggered by merge_group event,
+    # the base commit in the event will be used.
     # Otherwise, it uses git merge-base to find the best common ancestor between
     # current branch (HEAD) and base.
     # When merge-base is found, it's used for change detection - only changes
@@ -116,6 +124,8 @@ For more information, see [CHANGELOG](https://github.com/dorny/paths-filter/blob
     # Git reference (e.g. branch name) from which the changes will be detected.
     # Useful when workflow can be triggered only on the default branch (e.g. repository_dispatch event)
     # but you want to get changes on a different branch.
+    # If this is empty and action is triggered by merge_group event,
+    # the head commit in the event will be used.
     # This option is ignored if action is triggered by pull_request event.
     # default: ${{ github.ref }}
     ref:
@@ -152,6 +162,22 @@ For more information, see [CHANGELOG](https://github.com/dorny/paths-filter/blob
     # changes using git commands.
     # Default: ${{ github.token }}
     token: ''
+
+    # Optional parameter to override the default behavior of file matching algorithm.
+    # By default files that match at least one pattern defined by the filters will be included.
+    # This parameter allows to override the "at least one pattern" behavior to make it so that
+    # all of the patterns have to match or otherwise the file is excluded.
+    # An example scenario where this is useful if you would like to match all
+    # .ts files in a sub-directory but not .md files.
+    # The filters below will match markdown files despite the exclusion syntax UNLESS
+    # you specify 'every' as the predicate-quantifier parameter. When you do that,
+    # it will only match the .ts files in the subdirectory as expected.
+    #
+    # backend:
+    #  - 'pkg/a/b/c/**'
+    #  - '!**/*.jpeg'
+    #  - '!**/*.md'
+    predicate-quantifier: 'some'
 ```
 
 ## Outputs
@@ -175,8 +201,8 @@ jobs:
   tests:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
-    - uses: dorny/paths-filter@v3
+    - uses: actions/checkout@v6
+    - uses: dorny/paths-filter@v4
       id: filter
       with:
         filters: |
@@ -220,7 +246,7 @@ jobs:
       frontend: ${{ steps.filter.outputs.frontend }}
     steps:
     # For pull requests it's not necessary to checkout the code
-    - uses: dorny/paths-filter@v3
+    - uses: dorny/paths-filter@v4
       id: filter
       with:
         filters: |
@@ -235,7 +261,7 @@ jobs:
     if: ${{ needs.changes.outputs.backend == 'true' }}
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - ...
 
   # JOB to build and test frontend code
@@ -244,7 +270,7 @@ jobs:
     if: ${{ needs.changes.outputs.frontend == 'true' }}
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - ...
 ```
 
@@ -266,7 +292,7 @@ jobs:
       packages: ${{ steps.filter.outputs.changes }}
     steps:
     # For pull requests it's not necessary to checkout the code
-    - uses: dorny/paths-filter@v3
+    - uses: dorny/paths-filter@v4
       id: filter
       with:
         filters: |
@@ -283,7 +309,7 @@ jobs:
         package: ${{ fromJSON(needs.changes.outputs.packages) }}
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - ...
 ```
 
@@ -300,6 +326,12 @@ on:
     branches: # PRs to the following branches will trigger the workflow
       - master
       - develop
+  # Optionally you can use the action in the merge queue
+  # if your repository enables the feature.
+  merge_group:
+    branches:
+      - master
+      - develop
 jobs:
   build:
     runs-on: ubuntu-latest
@@ -307,8 +339,8 @@ jobs:
     permissions:
       pull-requests: read
     steps:
-    - uses: actions/checkout@v4
-    - uses: dorny/paths-filter@v3
+    - uses: actions/checkout@v6
+    - uses: dorny/paths-filter@v4
       id: filter
       with:
         filters: ... # Configure your filters
@@ -328,12 +360,12 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
       with:
         # This may save additional git fetch roundtrip if
         # merge-base is found within latest 20 commits
         fetch-depth: 20
-    - uses: dorny/paths-filter@v3
+    - uses: dorny/paths-filter@v4
       id: filter
       with:
         base: develop # Change detection against merge-base with this branch
@@ -356,8 +388,8 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
-    - uses: dorny/paths-filter@v3
+    - uses: actions/checkout@v6
+    - uses: dorny/paths-filter@v4
       id: filter
       with:
         # Use context to get the branch where commits were pushed.
@@ -384,14 +416,14 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v6
 
       # Some action that modifies files tracked by git (e.g. code linter)
     - uses: johndoe/some-action@v1
 
       # Filter to detect which files were modified
       # Changes could be, for example, automatically committed
-    - uses: dorny/paths-filter@v3
+    - uses: dorny/paths-filter@v4
       id: filter
       with:
         base: HEAD
@@ -406,7 +438,7 @@ jobs:
   <summary>Define filter rules in own file</summary>
 
 ```yaml
-- uses: dorny/paths-filter@v3
+- uses: dorny/paths-filter@v4
       id: filter
       with:
         # Path to file where filters are defined
@@ -419,7 +451,7 @@ jobs:
   <summary>Use YAML anchors to reuse path expression(s) inside another rule</summary>
 
 ```yaml
-- uses: dorny/paths-filter@v3
+- uses: dorny/paths-filter@v4
       id: filter
       with:
         # &shared is YAML anchor,
@@ -440,7 +472,7 @@ jobs:
   <summary>Consider if file was added, modified or deleted</summary>
 
 ```yaml
-- uses: dorny/paths-filter@v3
+- uses: dorny/paths-filter@v4
       id: filter
       with:
         # Changed file can be 'added', 'modified', or 'deleted'.
@@ -462,13 +494,39 @@ jobs:
 
 </details>
 
+<details>
+  <summary>Detect changes in folder only for some file extensions</summary>
+
+```yaml
+- uses: dorny/paths-filter@v4
+      id: filter
+      with:
+        # This makes it so that all the patterns have to match a file for it to be
+        # considered changed. Because we have the exclusions for .jpeg and .md files
+        # the end result is that if those files are changed they will be ignored
+        # because they don't match the respective rules excluding them.
+        #
+        # This can be leveraged to ensure that you only build & test software changes
+        # that have real impact on the behavior of the code, e.g. you can set up your
+        # build to run when Typescript/Rust/etc. files are changed but markdown
+        # changes in the diff will be ignored and you consume less resources to build.
+        predicate-quantifier: 'every'
+        filters: |
+          backend:
+            - 'pkg/a/b/c/**'
+            - '!**/*.jpeg'
+            - '!**/*.md'
+```
+
+</details>
+
 ### Custom processing of changed files
 
 <details>
   <summary>Passing list of modified files as command line args in Linux shell</summary>
 
 ```yaml
-- uses: dorny/paths-filter@v3
+- uses: dorny/paths-filter@v4
   id: filter
   with:
     # Enable listing of files matching each filter.
@@ -494,7 +552,7 @@ jobs:
   <summary>Passing list of modified files as JSON array to another action</summary>
 
 ```yaml
-- uses: dorny/paths-filter@v3
+- uses: dorny/paths-filter@v4
   id: filter
   with:
     # Enable listing of files matching each filter.

__tests__/filter.test.ts

@@ -1,4 +1,4 @@
-import {Filter} from '../src/filter'
+import {Filter, FilterConfig, PredicateQuantifier} from '../src/filter'
 import {File, ChangeStatus} from '../src/file'
 
 describe('yaml filter parsing tests', () => {
@@ -117,6 +117,37 @@ describe('matching tests', () => {
     expect(pyMatch.backend).toEqual(pyFiles)
   })
 
+  test('matches only files that are matching EVERY pattern when set to PredicateQuantifier.EVERY', () => {
+    const yaml = `
+    backend:
+      - 'pkg/a/b/c/**'
+      - '!**/*.jpeg'
+      - '!**/*.md'
+    `
+    const filterConfig: FilterConfig = {predicateQuantifier: PredicateQuantifier.EVERY}
+    const filter = new Filter(yaml, filterConfig)
+
+    const typescriptFiles = modified(['pkg/a/b/c/some-class.ts', 'pkg/a/b/c/src/main/some-class.ts'])
+    const otherPkgTypescriptFiles = modified(['pkg/x/y/z/some-class.ts', 'pkg/x/y/z/src/main/some-class.ts'])
+    const otherPkgJpegFiles = modified(['pkg/x/y/z/some-pic.jpeg', 'pkg/x/y/z/src/main/jpeg/some-pic.jpeg'])
+    const docsFiles = modified([
+      'pkg/a/b/c/some-pics.jpeg',
+      'pkg/a/b/c/src/main/jpeg/some-pic.jpeg',
+      'pkg/a/b/c/src/main/some-docs.md',
+      'pkg/a/b/c/some-docs.md'
+    ])
+
+    const typescriptMatch = filter.match(typescriptFiles)
+    const otherPkgTypescriptMatch = filter.match(otherPkgTypescriptFiles)
+    const docsMatch = filter.match(docsFiles)
+    const otherPkgJpegMatch = filter.match(otherPkgJpegFiles)
+
+    expect(typescriptMatch.backend).toEqual(typescriptFiles)
+    expect(otherPkgTypescriptMatch.backend).toEqual([])
+    expect(docsMatch.backend).toEqual([])
+    expect(otherPkgJpegMatch.backend).toEqual([])
+  })
+
   test('matches path based on rules included using YAML anchor', () => {
     const yaml = `
     shared: &shared
@@ -186,3 +217,9 @@ function modified(paths: string[]): File[] {
     return {filename, status: ChangeStatus.Modified}
   })
 }
+
+function renamed(paths: string[]): File[] {
+  return paths.map(filename => {
+    return {filename, status: ChangeStatus.Renamed}
+  })
+}

action.yml

@@ -44,11 +44,16 @@ inputs:
       This option takes effect only when changes are detected using git against different base branch.
     required: false
     default: '100'
+  predicate-quantifier:
+    description: |
+      allows to override the "at least one pattern" behavior to make it so that all of the patterns have to match or otherwise the file is excluded.
+    required: false
+    default: 'some'
 outputs:
   changes:
     description: JSON array with names of all filters matching any of changed files
 runs:
-  using: 'node20'
+  using: 'node24'
   main: 'dist/index.js'
 branding:
   color: blue

dist/index.js

@@ -53,16 +53,53 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.Filter = void 0;
+exports.Filter = exports.isPredicateQuantifier = exports.SUPPORTED_PREDICATE_QUANTIFIERS = exports.PredicateQuantifier = void 0;
 const jsyaml = __importStar(__nccwpck_require__(1917));
 const picomatch_1 = __importDefault(__nccwpck_require__(8569));
 // Minimatch options used in all matchers
 const MatchOptions = {
     dot: true
 };
+/**
+ * Enumerates the possible logic quantifiers that can be used when determining
+ * if a file is a match or not with multiple patterns.
+ *
+ * The YAML configuration property that is parsed into one of these values is
+ * 'predicate-quantifier' on the top level of the configuration object of the
+ * action.
+ *
+ * The default is to use 'some' which used to be the hardcoded behavior prior to
+ * the introduction of the new mechanism.
+ *
+ * @see https://en.wikipedia.org/wiki/Quantifier_(logic)
+ */
+var PredicateQuantifier;
+(function (PredicateQuantifier) {
+    /**
+     * When choosing 'every' in the config it means that files will only get matched
+     * if all the patterns are satisfied by the path of the file, not just at least one of them.
+     */
+    PredicateQuantifier["EVERY"] = "every";
+    /**
+     * When choosing 'some' in the config it means that files will get matched as long as there is
+     * at least one pattern that matches them. This is the default behavior if you don't
+     * specify anything as a predicate quantifier.
+     */
+    PredicateQuantifier["SOME"] = "some";
+})(PredicateQuantifier || (exports.PredicateQuantifier = PredicateQuantifier = {}));
+/**
+ * An array of strings (at runtime) that contains the valid/accepted values for
+ * the configuration parameter 'predicate-quantifier'.
+ */
+exports.SUPPORTED_PREDICATE_QUANTIFIERS = Object.values(PredicateQuantifier);
+function isPredicateQuantifier(x) {
+    return exports.SUPPORTED_PREDICATE_QUANTIFIERS.includes(x);
+}
+exports.isPredicateQuantifier = isPredicateQuantifier;
 class Filter {
     // Creates instance of Filter and load rules from YAML if it's provided
-    constructor(yaml) {
+    constructor(yaml, filterConfig) {
+        this.filterConfig = filterConfig;
         this.rules = {};
         if (yaml) {
             this.load(yaml);
@@ -89,7 +126,16 @@ class Filter {
         return result;
     }
     isMatch(file, patterns) {
-        return patterns.some(rule => (rule.status === undefined || rule.status.includes(file.status)) && rule.isMatch(file.filename));
+        var _a;
+        const aPredicate = (rule) => {
+            return (rule.status === undefined || rule.status.includes(file.status)) && rule.isMatch(file.filename);
+        };
+        if (((_a = this.filterConfig) === null || _a === void 0 ? void 0 : _a.predicateQuantifier) === 'every') {
+            return patterns.every(aPredicate);
+        }
+        else {
+            return patterns.some(aPredicate);
+        }
     }
     parseFilterItemYaml(item) {
         if (Array.isArray(item)) {
@@ -317,8 +363,8 @@ exports.listAllFilesAsAdded = listAllFilesAsAdded;
 async function getCurrentRef() {
     core.startGroup(`Get current git ref`);
     try {
-        const branch = (await (0, exec_1.getExecOutput)('git', ['branch', '--show-current'])).stdout.trim();
-        if (branch) {
+        const branch = (await (0, exec_1.getExecOutput)('git', ['rev-parse', '--abbrev-ref', 'HEAD'])).stdout.trim();
+        if (branch && branch !== 'HEAD') {
             return branch;
         }
         const describe = await (0, exec_1.getExecOutput)('git', ['describe', '--tags', '--exact-match'], { ignoreReturnCode: true });
@@ -528,11 +574,18 @@ async function run() {
         const filtersYaml = isPathInput(filtersInput) ? getConfigFileContent(filtersInput) : filtersInput;
         const listFiles = core.getInput('list-files', { required: false }).toLowerCase() || 'none';
         const initialFetchDepth = parseInt(core.getInput('initial-fetch-depth', { required: false })) || 10;
+        const predicateQuantifier = core.getInput('predicate-quantifier', { required: false }) || filter_1.PredicateQuantifier.SOME;
         if (!isExportFormat(listFiles)) {
             core.setFailed(`Input parameter 'list-files' is set to invalid value '${listFiles}'`);
             return;
         }
-        const filter = new filter_1.Filter(filtersYaml);
+        if (!(0, filter_1.isPredicateQuantifier)(predicateQuantifier)) {
+            const predicateQuantifierInvalidErrorMsg = `Input parameter 'predicate-quantifier' is set to invalid value ` +
+                `'${predicateQuantifier}'. Valid values: ${filter_1.SUPPORTED_PREDICATE_QUANTIFIERS.join(', ')}`;
+            throw new Error(predicateQuantifierInvalidErrorMsg);
+        }
+        const filterConfig = { predicateQuantifier };
+        const filter = new filter_1.Filter(filtersYaml, filterConfig);
         const files = await getChangedFiles(token, base, ref, initialFetchDepth);
         core.info(`Detected ${files.length} changed files`);
         const results = filter.match(files);
@@ -555,6 +608,7 @@ function getConfigFileContent(configPath) {
     return fs.readFileSync(configPath, { encoding: 'utf8' });
 }
 async function getChangedFiles(token, base, ref, initialFetchDepth) {
+    var _a, _b;
     // if base is 'HEAD' only local uncommitted changes will be detected
     // This is the simplest case as we don't need to fetch more commits or evaluate current/before refs
     if (base === git.HEAD) {
@@ -563,30 +617,49 @@ async function getChangedFiles(token, base, ref, initialFetchDepth) {
         }
         return await git.getChangesOnHead();
     }
-    const prEvents = ['pull_request', 'pull_request_review', 'pull_request_review_comment', 'pull_request_target'];
-    if (prEvents.includes(github.context.eventName)) {
-        if (ref) {
-            core.warning(`'ref' input parameter is ignored when 'base' is set to HEAD`);
+    switch (github.context.eventName) {
+        // To keep backward compatibility, commits in GitHub pull request event
+        // take precedence over manual inputs.
+        case 'pull_request':
+        case 'pull_request_review':
+        case 'pull_request_review_comment':
+        case 'pull_request_target': {
+            if (ref) {
+                core.warning(`'ref' input parameter is ignored when 'base' is set to HEAD`);
+            }
+            if (base) {
+                core.warning(`'base' input parameter is ignored when action is triggered by pull request event`);
+            }
+            const pr = github.context.payload.pull_request;
+            if (token) {
+                return await getChangedFilesFromApi(token, pr);
+            }
+            if (github.context.eventName === 'pull_request_target') {
+                // pull_request_target is executed in context of base branch and GITHUB_SHA points to last commit in base branch
+                // Therefore it's not possible to look at changes in last commit
+                // At the same time we don't want to fetch any code from forked repository
+                throw new Error(`'token' input parameter is required if action is triggered by 'pull_request_target' event`);
+            }
+            core.info('Github token is not available - changes will be detected using git diff');
+            const baseSha = (_a = github.context.payload.pull_request) === null || _a === void 0 ? void 0 : _a.base.sha;
+            const defaultBranch = (_b = github.context.payload.repository) === null || _b === void 0 ? void 0 : _b.default_branch;
+            const currentRef = await git.getCurrentRef();
+            return await git.getChanges(base || baseSha || defaultBranch, currentRef);
         }
-        if (base) {
-            core.warning(`'base' input parameter is ignored when action is triggered by pull request event`);
+        // To keep backward compatibility, manual inputs take precedence over
+        // commits in GitHub merge queue event.
+        case 'merge_group': {
+            const mergeGroup = github.context.payload;
+            if (!base) {
+                base = mergeGroup.merge_group.base_sha;
+            }
+            if (!ref) {
+                ref = mergeGroup.merge_group.head_sha;
+            }
+            break;
         }
-        const pr = github.context.payload.pull_request;
-        if (token) {
-            return await getChangedFilesFromApi(token, pr);
-        }
-        if (github.context.eventName === 'pull_request_target') {
-            // pull_request_target is executed in context of base branch and GITHUB_SHA points to last commit in base branch
-            // Therefor it's not possible to look at changes in last commit
-            // At the same time we don't want to fetch any code from forked repository
-            throw new Error(`'token' input parameter is required if action is triggered by 'pull_request_target' event`);
-        }
-        core.info('Github token is not available - changes will be detected from PRs merge commit');
-        return await git.getChangesInLastCommit();
-    }
-    else {
-        return getChangedFilesFromGit(base, ref, initialFetchDepth);
     }
+    return getChangedFilesFromGit(base, ref, initialFetchDepth);
 }
 async function getChangedFilesFromGit(base, head, initialFetchDepth) {
     var _a;

package-lock.json

@@ -18,7 +18,7 @@
         "@octokit/webhooks-types": "^7.3.1",
         "@types/jest": "^29.5.11",
         "@types/js-yaml": "^4.0.9",
-        "@types/node": "^20.11.6",
+        "@types/node": "^24.0.0",
         "@types/picomatch": "^2.3.3",
         "@typescript-eslint/eslint-plugin": "^6.19.1",
         "@typescript-eslint/parser": "^6.19.1",
@@ -34,7 +34,7 @@
         "typescript": "^5.3.3"
       },
       "engines": {
-        "node": ">= 20"
+        "node": ">= 24"
       }
     },
     "node_modules/@aashutoshrathi/word-wrap": {
@@ -199,6 +199,7 @@
       "resolved": "https://registry.npmjs.org/@babel/core/-/core-7.23.7.tgz",
       "integrity": "sha512-+UpDgowcmqe36d4NwqvKsyPMlOLNGMsfMmQ5WGCu+siCe3t3dfe9njrzGfdN4qq+bcNUt0+Vw6haRxBOycs4dw==",
       "dev": true,
+      "peer": true,
       "dependencies": {
         "@ampproject/remapping": "^2.2.0",
         "@babel/code-frame": "^7.23.5",
@@ -1390,6 +1391,7 @@
       "version": "5.1.0",
       "resolved": "https://registry.npmjs.org/@octokit/core/-/core-5.1.0.tgz",
       "integrity": "sha512-BDa2VAMLSh3otEiaMJ/3Y36GU4qf6GI+VivQ/P41NC6GHcdxpKlqV0ikSZ5gdQsmS3ojXeRx5vasgNTinF0Q4g==",
+      "peer": true,
       "dependencies": {
         "@octokit/auth-token": "^4.0.0",
         "@octokit/graphql": "^7.0.0",
@@ -1641,12 +1643,13 @@
       "dev": true
     },
     "node_modules/@types/node": {
-      "version": "20.11.6",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-20.11.6.tgz",
-      "integrity": "sha512-+EOokTnksGVgip2PbYbr3xnR7kZigh4LbybAfBAw5BpnQ+FqBYUsvCEjYd70IXKlbohQ64mzEYmMtlWUY8q//Q==",
+      "version": "24.12.0",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-24.12.0.tgz",
+      "integrity": "sha512-GYDxsZi3ChgmckRT9HPU0WEhKLP08ev/Yfcq2AstjrDASOYCSXeyjDsHg4v5t4jOj7cyDX3vmprafKlWIG9MXQ==",
       "dev": true,
+      "license": "MIT",
       "dependencies": {
-        "undici-types": "~5.26.4"
+        "undici-types": "~7.16.0"
       }
     },
     "node_modules/@types/picomatch": {
@@ -1892,6 +1895,7 @@
       "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.11.3.tgz",
       "integrity": "sha512-Y9rRfJG5jcKOE0CLisYbojUjIrIEE7AGMzA/Sm4BslANhbS+cDMpgBdcPT91oJ7OuJ9hYJBx59RjbhxVnrF8Xg==",
       "dev": true,
+      "peer": true,
       "bin": {
         "acorn": "bin/acorn"
       },
@@ -2332,6 +2336,7 @@
           "url": "https://github.com/sponsors/ai"
         }
       ],
+      "peer": true,
       "dependencies": {
         "caniuse-lite": "^1.0.30001565",
         "electron-to-chromium": "^1.4.601",
@@ -2878,6 +2883,7 @@
       "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.56.0.tgz",
       "integrity": "sha512-Go19xM6T9puCOWntie1/P997aXxFsOi37JIHRWI514Hc6ZnaHGKY9xFhrU65RT6CcBEzZoGG1e6Nq+DT04ZtZQ==",
       "dev": true,
+      "peer": true,
       "dependencies": {
         "@eslint-community/eslint-utils": "^4.2.0",
         "@eslint-community/regexpp": "^4.6.1",
@@ -2933,6 +2939,7 @@
       "resolved": "https://registry.npmjs.org/eslint-config-prettier/-/eslint-config-prettier-9.1.0.tgz",
       "integrity": "sha512-NSWl5BFQWEPi1j4TjVNItzYV7dZXZ+wP6I6ZhrBGpChQhZRUaElihE9uRRkcbRnNb76UMKDF3r+WTmNcGPKsqw==",
       "dev": true,
+      "peer": true,
       "bin": {
         "eslint-config-prettier": "bin/cli.js"
       },
@@ -3107,6 +3114,7 @@
       "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.2.4.tgz",
       "integrity": "sha512-FWu1oLHKCrtpO1ypU6J0SbK2d9Ckwysq6bHj/uaCP26DxrPpppCLQRGVuqAxSTvhF00AcvDRyYrLNW7ocBhFFQ==",
       "dev": true,
+      "peer": true,
       "bin": {
         "prettier": "bin/prettier.cjs"
       },
@@ -4614,6 +4622,7 @@
       "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz",
       "integrity": "sha512-NIy3oAFp9shda19hy4HK0HRTWKtPJmGdnvywu01nOqNC2vZg+Z+fvJDxpMQA88eb2I9EcafcdjYgsDthnYTvGw==",
       "dev": true,
+      "peer": true,
       "dependencies": {
         "@jest/core": "^29.7.0",
         "@jest/types": "^29.6.3",
@@ -6789,6 +6798,7 @@
       "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.3.3.tgz",
       "integrity": "sha512-pXWcraxM0uxAS+tN0AG/BF2TyqmHO014Z070UsJ+pFvYuRSq8KH8DmWpnbXe0pEPDHXZV3FcAbJkijJ5oNEnWw==",
       "dev": true,
+      "peer": true,
       "bin": {
         "tsc": "bin/tsc",
         "tsserver": "bin/tsserver"
@@ -6824,10 +6834,11 @@
       }
     },
     "node_modules/undici-types": {
-      "version": "5.26.5",
-      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz",
-      "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==",
-      "dev": true
+      "version": "7.16.0",
+      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.16.0.tgz",
+      "integrity": "sha512-Zz+aZWSj8LE6zoxD+xrjh4VfkIG8Ya6LvYkZqtUQGJPZjYl53ypCaUwWqo7eI0x66KBGeRo+mlBEkMSeSZ38Nw==",
+      "dev": true,
+      "license": "MIT"
     },
     "node_modules/universal-user-agent": {
       "version": "6.0.1",

package.json

@@ -2,7 +2,7 @@
   "name": "paths-filter",
   "version": "1.0.0",
   "engines": {
-    "node": ">= 20"
+    "node": ">= 24"
   },
   "private": true,
   "description": "Execute your workflow steps only if relevant files are modified.",
@@ -37,7 +37,7 @@
     "@octokit/webhooks-types": "^7.3.1",
     "@types/jest": "^29.5.11",
     "@types/js-yaml": "^4.0.9",
-    "@types/node": "^20.11.6",
+    "@types/node": "^24.0.0",
     "@types/picomatch": "^2.3.3",
     "@typescript-eslint/eslint-plugin": "^6.19.1",
     "@typescript-eslint/parser": "^6.19.1",

src/filter.ts

@@ -23,6 +23,48 @@ interface FilterRuleItem {
   isMatch: (str: string) => boolean // Matches the filename
 }
 
+/**
+ * Enumerates the possible logic quantifiers that can be used when determining
+ * if a file is a match or not with multiple patterns.
+ *
+ * The YAML configuration property that is parsed into one of these values is
+ * 'predicate-quantifier' on the top level of the configuration object of the
+ * action.
+ *
+ * The default is to use 'some' which used to be the hardcoded behavior prior to
+ * the introduction of the new mechanism.
+ *
+ * @see https://en.wikipedia.org/wiki/Quantifier_(logic)
+ */
+export enum PredicateQuantifier {
+  /**
+   * When choosing 'every' in the config it means that files will only get matched
+   * if all the patterns are satisfied by the path of the file, not just at least one of them.
+   */
+  EVERY = 'every',
+  /**
+   * When choosing 'some' in the config it means that files will get matched as long as there is
+   * at least one pattern that matches them. This is the default behavior if you don't
+   * specify anything as a predicate quantifier.
+   */
+  SOME = 'some'
+}
+
+/**
+ * Used to define customizations for how the file filtering should work at runtime.
+ */
+export type FilterConfig = {readonly predicateQuantifier: PredicateQuantifier}
+
+/**
+ * An array of strings (at runtime) that contains the valid/accepted values for
+ * the configuration parameter 'predicate-quantifier'.
+ */
+export const SUPPORTED_PREDICATE_QUANTIFIERS = Object.values(PredicateQuantifier)
+
+export function isPredicateQuantifier(x: unknown): x is PredicateQuantifier {
+  return SUPPORTED_PREDICATE_QUANTIFIERS.includes(x as PredicateQuantifier)
+}
+
 export interface FilterResults {
   [key: string]: File[]
 }
@@ -31,7 +73,7 @@ export class Filter {
   rules: {[key: string]: FilterRuleItem[]} = {}
 
   // Creates instance of Filter and load rules from YAML if it's provided
-  constructor(yaml?: string) {
+  constructor(yaml?: string, readonly filterConfig?: FilterConfig) {
     if (yaml) {
       this.load(yaml)
     }
@@ -62,9 +104,14 @@ export class Filter {
   }
 
   private isMatch(file: File, patterns: FilterRuleItem[]): boolean {
-    return patterns.some(
-      rule => (rule.status === undefined || rule.status.includes(file.status)) && rule.isMatch(file.filename)
-    )
+    const aPredicate = (rule: Readonly<FilterRuleItem>): boolean => {
+      return (rule.status === undefined || rule.status.includes(file.status)) && rule.isMatch(file.filename)
+    }
+    if (this.filterConfig?.predicateQuantifier === 'every') {
+      return patterns.every(aPredicate)
+    } else {
+      return patterns.some(aPredicate)
+    }
   }
 
   private parseFilterItemYaml(item: FilterItemYaml): FilterRuleItem[] {

src/git.ts

@@ -166,8 +166,8 @@ export async function listAllFilesAsAdded(): Promise<File[]> {
 export async function getCurrentRef(): Promise<string> {
   core.startGroup(`Get current git ref`)
   try {
-    const branch = (await getExecOutput('git', ['branch', '--show-current'])).stdout.trim()
-    if (branch) {
+    const branch = (await getExecOutput('git', ['rev-parse', '--abbrev-ref', 'HEAD'])).stdout.trim()
+    if (branch && branch !== 'HEAD') {
       return branch
     }
 

src/main.ts

@@ -2,9 +2,16 @@ import * as fs from 'fs'
 import * as core from '@actions/core'
 import * as github from '@actions/github'
 import {GetResponseDataTypeFromEndpointMethod} from '@octokit/types'
-import {PushEvent, PullRequestEvent} from '@octokit/webhooks-types'
+import {MergeGroupEvent, PullRequest, PushEvent} from '@octokit/webhooks-types'
 
-import {Filter, FilterResults} from './filter'
+import {
+  isPredicateQuantifier,
+  Filter,
+  FilterConfig,
+  FilterResults,
+  PredicateQuantifier,
+  SUPPORTED_PREDICATE_QUANTIFIERS
+} from './filter'
 import {File, ChangeStatus} from './file'
 import * as git from './git'
 import {backslashEscape, shellEscape} from './list-format/shell-escape'
@@ -26,13 +33,22 @@ async function run(): Promise<void> {
     const filtersYaml = isPathInput(filtersInput) ? getConfigFileContent(filtersInput) : filtersInput
     const listFiles = core.getInput('list-files', {required: false}).toLowerCase() || 'none'
     const initialFetchDepth = parseInt(core.getInput('initial-fetch-depth', {required: false})) || 10
+    const predicateQuantifier = core.getInput('predicate-quantifier', {required: false}) || PredicateQuantifier.SOME
 
     if (!isExportFormat(listFiles)) {
       core.setFailed(`Input parameter 'list-files' is set to invalid value '${listFiles}'`)
       return
     }
 
-    const filter = new Filter(filtersYaml)
+    if (!isPredicateQuantifier(predicateQuantifier)) {
+      const predicateQuantifierInvalidErrorMsg =
+        `Input parameter 'predicate-quantifier' is set to invalid value ` +
+        `'${predicateQuantifier}'. Valid values: ${SUPPORTED_PREDICATE_QUANTIFIERS.join(', ')}`
+      throw new Error(predicateQuantifierInvalidErrorMsg)
+    }
+    const filterConfig: FilterConfig = {predicateQuantifier}
+
+    const filter = new Filter(filtersYaml, filterConfig)
     const files = await getChangedFiles(token, base, ref, initialFetchDepth)
     core.info(`Detected ${files.length} changed files`)
     const results = filter.match(files)
@@ -68,29 +84,50 @@ async function getChangedFiles(token: string, base: string, ref: string, initial
     return await git.getChangesOnHead()
   }
 
-  const prEvents = ['pull_request', 'pull_request_review', 'pull_request_review_comment', 'pull_request_target']
-  if (prEvents.includes(github.context.eventName)) {
-    if (ref) {
-      core.warning(`'ref' input parameter is ignored when 'base' is set to HEAD`)
+  switch (github.context.eventName) {
+    // To keep backward compatibility, commits in GitHub pull request event
+    // take precedence over manual inputs.
+    case 'pull_request':
+    case 'pull_request_review':
+    case 'pull_request_review_comment':
+    case 'pull_request_target': {
+      if (ref) {
+        core.warning(`'ref' input parameter is ignored when 'base' is set to HEAD`)
+      }
+      if (base) {
+        core.warning(`'base' input parameter is ignored when action is triggered by pull request event`)
+      }
+      const pr = github.context.payload.pull_request as PullRequest
+      if (token) {
+        return await getChangedFilesFromApi(token, pr)
+      }
+      if (github.context.eventName === 'pull_request_target') {
+        // pull_request_target is executed in context of base branch and GITHUB_SHA points to last commit in base branch
+        // Therefore it's not possible to look at changes in last commit
+        // At the same time we don't want to fetch any code from forked repository
+        throw new Error(`'token' input parameter is required if action is triggered by 'pull_request_target' event`)
+      }
+      core.info('Github token is not available - changes will be detected using git diff')
+      const baseSha = github.context.payload.pull_request?.base.sha
+      const defaultBranch = github.context.payload.repository?.default_branch
+      const currentRef = await git.getCurrentRef()
+      return await git.getChanges(base || baseSha || defaultBranch, currentRef)
     }
-    if (base) {
-      core.warning(`'base' input parameter is ignored when action is triggered by pull request event`)
+    // To keep backward compatibility, manual inputs take precedence over
+    // commits in GitHub merge queue event.
+    case 'merge_group': {
+      const mergeGroup = github.context.payload as MergeGroupEvent
+      if (!base) {
+        base = mergeGroup.merge_group.base_sha
+      }
+      if (!ref) {
+        ref = mergeGroup.merge_group.head_sha
+      }
+      break
     }
-    const pr = github.context.payload.pull_request as PullRequestEvent
-    if (token) {
-      return await getChangedFilesFromApi(token, pr)
-    }
-    if (github.context.eventName === 'pull_request_target') {
-      // pull_request_target is executed in context of base branch and GITHUB_SHA points to last commit in base branch
-      // Therefor it's not possible to look at changes in last commit
-      // At the same time we don't want to fetch any code from forked repository
-      throw new Error(`'token' input parameter is required if action is triggered by 'pull_request_target' event`)
-    }
-    core.info('Github token is not available - changes will be detected from PRs merge commit')
-    return await git.getChangesInLastCommit()
-  } else {
-    return getChangedFilesFromGit(base, ref, initialFetchDepth)
   }
+
+  return getChangedFilesFromGit(base, ref, initialFetchDepth)
 }
 
 async function getChangedFilesFromGit(base: string, head: string, initialFetchDepth: number): Promise<File[]> {
@@ -156,7 +193,7 @@ async function getChangedFilesFromGit(base: string, head: string, initialFetchDe
 }
 
 // Uses github REST api to get list of files changed in PR
-async function getChangedFilesFromApi(token: string, pullRequest: PullRequestEvent): Promise<File[]> {
+async function getChangedFilesFromApi(token: string, pullRequest: PullRequest): Promise<File[]> {
   core.startGroup(`Fetching list of changed files for PR#${pullRequest.number} from Github API`)
   try {
     const client = github.getOctokit(token)