build action with latest dependency updates (#207)

Signed-off-by: Frank Jogeleit <frank.jogeleit@web.de>

.github/workflows/build-action.yml

@@ -14,12 +14,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: checkout repo
-      uses: actions/checkout@v6
+      uses: actions/checkout@v6.0.2
       with:
-        ref: ${{ inputs.ref }}
+        ref: ${{ github.event.inputs.ref }}
     - uses: actions/setup-node@v6
       with:
-        node-version: '16'
+        node-version-file: '.tool-versions'
     - name: Install dependencies
       run: |
         npm ci

.github/workflows/ci.yml

@@ -18,20 +18,15 @@ jobs:
     steps:
     - id: ref
       run: |
-        if [[ -n '${{ github.event.ref }}' ]]; then
-          branch="${{ github.event.ref }}"
-          echo "branch=$branch" >> $GITHUB_OUTPUT
-        else
-          branch="${{ github.event.pull_request.head.ref }}"
-          echo "branch=$branch" >> $GITHUB_OUTPUT
-        fi
+        branch="${{ github.event.ref || github.event.pull_request.head.ref }}"
+        echo "branch=$branch" >> $GITHUB_OUTPUT
     - name: checkout repo
-      uses: actions/checkout@v6
+      uses: actions/checkout@v6.0.2
       with:
         ref: ${{ steps.ref.outputs.branch }}
     - uses: actions/setup-node@v6
       with:
-        node-version: '16'
+        node-version-file: '.tool-versions'
     - name: Install dependencies
       run: |
         npm ci
@@ -47,25 +42,3 @@ jobs:
           git commit -m "Update dist"
           git push origin HEAD:${{ steps.ref.outputs.branch }}
         fi
-  integrity:
-    if: >
-      !failure() &&
-      !cancelled()
-    needs:
-      - build
-    runs-on: ubuntu-latest
-    steps:
-    - name: checkout repo
-      uses: actions/checkout@v6
-      with:
-        persist-credentials: false
-    - uses: actions/setup-node@v6
-      with:
-        node-version: '16.17.0'
-    - name: Build action
-      run: |
-        npm ci
-        npm run build
-    - name: Repository Integrity Check
-      run: |
-        git diff --quiet dist

.github/workflows/it-tests.yml

@@ -9,7 +9,7 @@ jobs:
     name: "IT Test - Request Postman Echo GET"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4.1.7
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Given the gh-action is used with GET and a valid URL
         id: execution
         uses: ./
@@ -28,7 +28,7 @@ jobs:
     name: "IT Test - Request Postman Echo POST"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4.1.7
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Given the gh-action is used with POST using valid data
         id: execution
         uses: ./
@@ -48,7 +48,7 @@ jobs:
     name: "IT Test - Request Postman Echo POST with Unescaped Newline"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4.1.7
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Given the gh-action is used with POST using unescaped new line within data
         id: execution
         uses: ./
@@ -73,7 +73,7 @@ jobs:
     name: "IT Test - Request Postman Echo BasicAuth"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4.1.7
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Given the gh-action is used with valid BasicAuth parameters
         id: execution
         uses: ./
@@ -94,7 +94,7 @@ jobs:
     name: "IT Test - Request Postman Echo with 404 Response and ignore failure code"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4.1.7
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Given the gh-action is used with unknown URL and ignoreStatusCode 404 for it
         id: execution
         uses: ./
@@ -121,7 +121,7 @@ jobs:
     name: "IT Test - Request Postman Echo with 404 Response and ignore failure code"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4.1.7
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Given the gh-action is used with unknown URL and ignore status codes 401,404
         id: execution
         uses: ./
@@ -148,7 +148,7 @@ jobs:
     name: "IT Test - Request Postman Echo POST Multipart"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4.1.7
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Create Test File
         run: |
           echo "test" > testfile.txt
@@ -172,7 +172,7 @@ jobs:
     name: "IT Test - Request Postman Echo POST and persist response"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4.1.7
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Create Test File
         run: |
           echo "test" > testfile2.txt
@@ -207,7 +207,7 @@ jobs:
     name: "IT Test - Request Postman Echo POST Multipart without data"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4.1.7
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Create Test File
         run: |
           echo "test" > testfile3.txt
@@ -230,7 +230,7 @@ jobs:
     name: "IT Test - Request Postman Echo POST single file"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4.1.7
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Create Test File
         run: |
           echo "test" > testfile4.txt
@@ -253,7 +253,7 @@ jobs:
     name: "IT Test - Request Postman Echo POST URLEncoded string data"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4.1.7
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Given the gh-action is used with data form url encoded
         id: execution
         uses: ./
@@ -274,7 +274,7 @@ jobs:
     name: "IT Test - Request Postman Echo POST URLEncoded json data"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4.1.7
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Given the gh-action is used with json data
         id: execution
         uses: ./
@@ -295,7 +295,7 @@ jobs:
     name: "IT Test - Request Postman Echo DELETE"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v4.1.7
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Given the gh-action is used with method DELETE
         id: execution
         uses: ./

.github/workflows/release.yml

@@ -0,0 +1,31 @@
+---
+name: Release
+
+on:
+  push:
+    tags:
+      - "v*.*.*"
+
+jobs:
+  create:
+    name: Create
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+      - name: Checkout ${{ github.repository }}
+        uses: actions/checkout@v6.0.2
+        with:
+          fetch-depth: 0
+          ref: "${{ github.ref }}"
+      - name: Create release
+        uses: elgohr/Github-Release-Action@c5ea99036abb741a89f8bf1f2cd7fba845e3313a # v5
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          title: ${{ github.ref_name }}
+          tag: ${{ github.ref_name }}
+      - name: Bump tags
+        uses: fischerscode/tagger@5ca3fa63ce3003fb7183cae547644b29f3b632be # v0.2.0
+        with:
+          prefix: v

.tool-versions

@@ -0,0 +1 @@
+nodejs 24.13.0

RELEASE.md

@@ -0,0 +1,21 @@
+# Release
+
+## Create release
+
+Do not manually draft a release.
+
+To start a release, create a release tag at the commit you want using the commands
+below.
+
+```shell
+git tag -a "v1.2.3" -m "v1.2.3"
+git push origin "v1.2.3"
+```
+
+## Publish GitHub Action to the marketplace
+
+1. Go to the [Releases page](https://github.com/fjogeleit/http-request-action/releases)
+and select the latest release that was just created.
+2. Select "Edit" button.
+3. Select "Publish this Action to the GitHub Marketplace" checkbox.
+4. Select "Update release" button.

action.yml

@@ -80,5 +80,5 @@ outputs:
     status:
         description: 'HTTP status message'
 runs:
-    using: 'node20'
+    using: 'node24'
     main: 'dist/index.js'

package-lock.json

@@ -9,62 +9,53 @@
       "version": "1.16.4",
       "license": "MIT",
       "dependencies": {
-        "@actions/core": "^1.11.1"
+        "@actions/core": "^2.0.3"
       },
       "devDependencies": {
         "@vercel/ncc": "^0.38.4",
-        "axios": "^1.13",
+        "axios": "^1.13.4",
         "form-data": "^4.0.3",
         "yargs": "^18.0.0"
       },
       "engines": {
-        "node": ">=16.0.0"
+        "node": ">=24.0.0"
       }
     },
     "node_modules/@actions/core": {
-      "version": "1.11.1",
-      "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.11.1.tgz",
-      "integrity": "sha512-hXJCSrkwfA46Vd9Z3q4cpEpHB1rL5NG04+/rbqW9d3+CSvtB1tYe8UTpAlixa1vj0m/ULglfEK2UKxMGxCxv5A==",
+      "version": "2.0.3",
+      "resolved": "https://registry.npmjs.org/@actions/core/-/core-2.0.3.tgz",
+      "integrity": "sha512-Od9Thc3T1mQJYddvVPM4QGiLUewdh+3txmDYHHxoNdkqysR1MbCT+rFOtNUxYAz+7+6RIsqipVahY2GJqGPyxA==",
       "license": "MIT",
       "dependencies": {
-        "@actions/exec": "^1.1.1",
-        "@actions/http-client": "^2.0.1"
+        "@actions/exec": "^2.0.0",
+        "@actions/http-client": "^3.0.2"
       }
     },
     "node_modules/@actions/exec": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/@actions/exec/-/exec-1.1.1.tgz",
-      "integrity": "sha512-+sCcHHbVdk93a0XT19ECtO/gIXoxvdsgQLzb2fE2/5sIZmWQuluYyjPQtrtTHdU1YzTZ7bAPN4sITq2xi1679w==",
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/@actions/exec/-/exec-2.0.0.tgz",
+      "integrity": "sha512-k8ngrX2voJ/RIN6r9xB82NVqKpnMRtxDoiO+g3olkIUpQNqjArXrCQceduQZCQj3P3xm32pChRLqRrtXTlqhIw==",
       "license": "MIT",
       "dependencies": {
-        "@actions/io": "^1.0.1"
+        "@actions/io": "^2.0.0"
       }
     },
     "node_modules/@actions/http-client": {
-      "version": "2.2.3",
-      "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.3.tgz",
-      "integrity": "sha512-mx8hyJi/hjFvbPokCg4uRd4ZX78t+YyRPtnKWwIl+RzNaVuFpQHfmlGVfsKEJN8LwTCvL+DfVgAM04XaHkm6bA==",
+      "version": "3.0.2",
+      "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-3.0.2.tgz",
+      "integrity": "sha512-JP38FYYpyqvUsz+Igqlc/JG6YO9PaKuvqjM3iGvaLqFnJ7TFmcLyy2IDrY0bI0qCQug8E9K+elv5ZNfw62ZJzA==",
       "license": "MIT",
       "dependencies": {
         "tunnel": "^0.0.6",
-        "undici": "^5.25.4"
+        "undici": "^6.23.0"
       }
     },
     "node_modules/@actions/io": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/@actions/io/-/io-1.1.3.tgz",
-      "integrity": "sha512-wi9JjgKLYS7U/z8PPbco+PvTb/nRWjeoFlJ1Qer83k/3C5PHQi28hiVdeE2kHXmIL99mQFawx8qt/JPjZilJ8Q==",
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/@actions/io/-/io-2.0.0.tgz",
+      "integrity": "sha512-Jv33IN09XLO+0HS79aaODsvIRyduiF7NY/F6LYeK5oeUmrsz7aFdRphQjFoESF4jS7lMauDOttKALcpapVDIAg==",
       "license": "MIT"
     },
-    "node_modules/@fastify/busboy": {
-      "version": "2.1.1",
-      "resolved": "https://registry.npmjs.org/@fastify/busboy/-/busboy-2.1.1.tgz",
-      "integrity": "sha512-vBZP4NlzfOlerQTnba4aqZoMhE/a9HY7HRqoOPaETQcSQuWEIyZMHGfVu6w9wGtGK5fED5qRs2DteVCjOH60sA==",
-      "license": "MIT",
-      "engines": {
-        "node": ">=14"
-      }
-    },
     "node_modules/@vercel/ncc": {
       "version": "0.38.4",
       "resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.38.4.tgz",
@@ -109,9 +100,9 @@
       "license": "MIT"
     },
     "node_modules/axios": {
-      "version": "1.13.2",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.2.tgz",
-      "integrity": "sha512-VPk9ebNqPcy5lRGuSlKx752IlDatOjT9paPlm8A7yOuW2Fbvp4X3JznJtT4f0GzGLLiWE9W8onz51SqLYwzGaA==",
+      "version": "1.13.4",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.4.tgz",
+      "integrity": "sha512-1wVkUaAO6WyaYtCkcYCOx12ZgpGf9Zif+qXa4n+oYzK558YryKqiL6UWwd5DqiH3VRW0GYhTZQ/vlgJrCoNQlg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -502,15 +493,12 @@
       }
     },
     "node_modules/undici": {
-      "version": "5.29.0",
-      "resolved": "https://registry.npmjs.org/undici/-/undici-5.29.0.tgz",
-      "integrity": "sha512-raqeBD6NQK4SkWhQzeYKd1KmIG6dllBOTt55Rmkt4HtI9mwdWtJljnrXjAFUBLTSN67HWrOIZ3EPF4kjUw80Bg==",
+      "version": "6.23.0",
+      "resolved": "https://registry.npmjs.org/undici/-/undici-6.23.0.tgz",
+      "integrity": "sha512-VfQPToRA5FZs/qJxLIinmU59u0r7LXqoJkCzinq3ckNJp3vKEh7jTWN589YQ5+aoAC/TGRLyJLCPKcLQbM8r9g==",
       "license": "MIT",
-      "dependencies": {
-        "@fastify/busboy": "^2.0.0"
-      },
       "engines": {
-        "node": ">=14.0"
+        "node": ">=18.17"
       }
     },
     "node_modules/wrap-ansi": {

package.json

@@ -20,14 +20,14 @@
   "homepage": "https://github.com/fjogeleit/http-request-action#readme",
   "devDependencies": {
     "@vercel/ncc": "^0.38.4",
-    "axios": "^1.13",
+    "axios": "^1.13.4",
     "form-data": "^4.0.3",
     "yargs": "^18.0.0"
   },
   "dependencies": {
-    "@actions/core": "^1.11.1"
+    "@actions/core": "^2.0.3"
   },
   "engines": {
-    "node": ">=16.0.0"
+    "node": ">=24.0.0"
   }
 }