Merge branch 'actions:main' into main

.github/ISSUE_TEMPLATE/config.yml

@@ -3,6 +3,3 @@ contact_links:
   - name: 🙋 Ask a question
     url: https://github.community/c/code-to-cloud/52
     about: Please ask and answer questions on GitHub Support Community.
-  - name: 🔒 Report security vulnerability
-    url: https://bounty.github.com/
-    about: Please report security vulnerabilities to GitHub Security Bug Bounty.

.github/workflows/release-new-action-version.yml

@@ -0,0 +1,28 @@
+name: Release new action version
+on:
+  release:
+    types: [released]
+  workflow_dispatch:
+    inputs:
+      TAG_NAME:
+        description: 'Tag name that the major tag will point to'
+        required: true
+
+env:
+  TAG_NAME: ${{ github.event.inputs.TAG_NAME || github.event.release.tag_name }}
+permissions:
+  contents: write
+
+jobs:
+  update_tag:
+    name: Update the major tag to include the ${{ github.event.inputs.TAG_NAME || github.event.release.tag_name }} changes
+    environment:
+      name: releaseNewActionVersion
+    runs-on: ubuntu-latest
+    steps:
+    - name: Update the ${{ env.TAG_NAME }} tag
+      id: update-major-tag
+      uses: actions/publish-action@v0.1.0
+      with:
+        source-tag: ${{ env.TAG_NAME }}
+        slack-webhook: ${{ secrets.SLACK_WEBHOOK }}

.licenses/npm/@actions/artifact.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@actions/artifact"
-version: 0.5.2
+version: 0.6.0
 type: npm
 summary: 
 homepage: 

README.md

@@ -6,7 +6,7 @@ See also [download-artifact](https://github.com/actions/download-artifact).
 
 # What's new
 
-- Easier upload 
+- Easier upload
   - Specify a wildcard pattern
   - Specify an individual file
   - Specify a directory (previously you were limited to only this option)
@@ -25,6 +25,7 @@ Refer [here](https://github.com/actions/upload-artifact/tree/releases/v1) for th
 See [action.yml](action.yml)
 
 ### Upload an Individual File
+
 ```yaml
 steps:
 - uses: actions/checkout@v2
@@ -49,6 +50,7 @@ steps:
 ```
 
 ### Upload using a Wildcard Pattern
+
 ```yaml
 - uses: actions/upload-artifact@v2
   with:
@@ -57,6 +59,7 @@ steps:
 ```
 
 ### Upload using Multiple Paths and Exclusions
+
 ```yaml
 - uses: actions/upload-artifact@v2
   with:
@@ -69,19 +72,20 @@ steps:
 
 For supported wildcards along with behavior and documentation, see [@actions/glob](https://github.com/actions/toolkit/tree/main/packages/glob) which is used internally to search for files.
 
-If a wildcard pattern is used, the path hierarchy will be preserved after the first wildcard pattern. 
+If a wildcard pattern is used, the path hierarchy will be preserved after the first wildcard pattern:
 
 ```
-    path/to/*/directory/foo?.txt =>
-        ∟ path/to/some/directory/foo1.txt
-        ∟ path/to/some/directory/foo2.txt
-        ∟ path/to/other/directory/foo1.txt
+path/to/*/directory/foo?.txt =>
+    ∟ path/to/some/directory/foo1.txt
+    ∟ path/to/some/directory/foo2.txt
+    ∟ path/to/other/directory/foo1.txt
 
-    would be flattened and uploaded as =>
-        ∟ some/directory/foo1.txt
-        ∟ some/directory/foo2.txt
-        ∟ other/directory/foo1.txt
+would be flattened and uploaded as =>
+    ∟ some/directory/foo1.txt
+    ∟ some/directory/foo2.txt
+    ∟ other/directory/foo1.txt
 ```
+
 If multiple paths are provided as input, the least common ancestor of all the search paths will be used as the root directory of the artifact. Exclude paths do not affect the directory structure.
 
 Relative and absolute file paths are both allowed. Relative paths are rooted against the current working directory. Paths that begin with a wildcard character should be quoted to avoid being interpreted as YAML aliases.
@@ -90,14 +94,14 @@ The [@actions/artifact](https://github.com/actions/toolkit/tree/main/packages/ar
 
 ### Customization if no files are found
 
-If a path (or paths), result in no files being found for the artifact, the action will succeed but print out a warning. In certain scenarios it may be desirable to fail the action or suppress the warning. The `if-no-files-found` option allows you to customize the behavior of the action if no files are found.
+If a path (or paths), result in no files being found for the artifact, the action will succeed but print out a warning. In certain scenarios it may be desirable to fail the action or suppress the warning. The `if-no-files-found` option allows you to customize the behavior of the action if no files are found:
 
 ```yaml
 - uses: actions/upload-artifact@v2
   with:
     name: my-artifact
     path: path/to/artifact/
-    if-no-files-found: error # 'warn' or 'ignore' are also available, defaults to `warn` 
+    if-no-files-found: error # 'warn' or 'ignore' are also available, defaults to `warn`
 ```
 
 ### Conditional Artifact Upload
@@ -115,6 +119,7 @@ To upload artifacts only when the previous step of a job failed, use [`if: failu
 ### Uploading without an artifact name
 
 You can upload an artifact without specifying a name
+
 ```yaml
 - uses: actions/upload-artifact@v2
   with:
@@ -125,7 +130,7 @@ If not provided, `artifact` will be used as the default name which will manifest
 
 ### Uploading to the same artifact
 
-With the following example, the available artifact (named `artifact` by default if no name is provided) would contain both `world.txt` (`hello`) and `extra-file.txt` (`howdy`).
+With the following example, the available artifact (named `artifact` by default if no name is provided) would contain both `world.txt` (`hello`) and `extra-file.txt` (`howdy`):
 
 ```yaml
 - run: echo hi > world.txt
@@ -144,28 +149,28 @@ With the following example, the available artifact (named `artifact` by default
     path: world.txt
 ```
 
-> **_Warning:_**  Be careful when uploading to the same artifact via multiple jobs as artifacts may become corrupted 
+> **_Warning:_**  Be careful when uploading to the same artifact via multiple jobs as artifacts may become corrupted
 
-Each artifact behaves as a file share. Uploading to the same artifact multiple times in the same workflow can overwrite and append already uploaded files
+Each artifact behaves as a file share. Uploading to the same artifact multiple times in the same workflow can overwrite and append already uploaded files:
 
 ```yaml
     strategy:
       matrix:
           node-version: [8.x, 10.x, 12.x, 13.x]
     steps:
-        - name: 'Create a file'
+        - name: Create a file
           run: echo ${{ matrix.node-version }} > my_file.txt
-        - name: 'Accidently upload to the same artifact via multiple jobs'
-          uses: 'actions/upload-artifact@v2'
+        - name: Accidentally upload to the same artifact via multiple jobs
+          uses: actions/upload-artifact@v2
           with:
               name: my-artifact
               path: ${{ github.workspace }}
 ```
 
-In the above example, four jobs will upload four different files to the same artifact but there will only be one file available when `my-artifact` is downloaded. Each job overwrites what was previously uploaded. To ensure that jobs don't overwrite existing artifacts, use a different name per job.
+In the above example, four jobs will upload four different files to the same artifact but there will only be one file available when `my-artifact` is downloaded. Each job overwrites what was previously uploaded. To ensure that jobs don't overwrite existing artifacts, use a different name per job:
 
 ```yaml
-          uses: 'actions/upload-artifact@v2'
+          uses: actions/upload-artifact@v2
           with:
               name: my-artifact ${{ matrix.node-version }}
               path: ${{ github.workspace }}
@@ -173,48 +178,61 @@ In the above example, four jobs will upload four different files to the same art
 
 ### Environment Variables and Tilde Expansion
 
-You can use `~` in the path input as a substitute for `$HOME`. Basic tilde expansion is supported.
+You can use `~` in the path input as a substitute for `$HOME`. Basic tilde expansion is supported:
 
 ```yaml
-  - run: |	
+  - run: |
       mkdir -p ~/new/artifact
       echo hello > ~/new/artifact/world.txt
   - uses: actions/upload-artifact@v2
-    with:	
-      name: 'Artifacts-V2'	
-      path: '~/new/**/*'
+    with:
+      name: Artifacts-V2
+      path: ~/new/**/*
 ```
 
-Environment variables along with context expressions can also be used for input. For documentation see [context and expression syntax](https://help.github.com/en/actions/reference/context-and-expression-syntax-for-github-actions).
+Environment variables along with context expressions can also be used for input. For documentation see [context and expression syntax](https://help.github.com/en/actions/reference/context-and-expression-syntax-for-github-actions):
 
 ```yaml
     env:
       name: my-artifact
     steps:
-    - run: |	
+    - run: |
         mkdir -p ${{ github.workspace }}/artifact
         echo hello > ${{ github.workspace }}/artifact/world.txt
     - uses: actions/upload-artifact@v2
-      with:	
-        name: ${{ env.name }}-name	
+      with:
+        name: ${{ env.name }}-name
         path: ${{ github.workspace }}/artifact/**/*
 ```
 
+For environment variables created in other steps, make sure to use the `env` expression syntax
+
+```yaml
+    steps:
+    - run: | 
+        mkdir testing
+        echo "This is a file to upload" > testing/file.txt
+        echo "artifactPath=testing/file.txt" >> $GITHUB_ENV
+    - uses: actions/upload-artifact@v2
+      with:
+        name: artifact
+        path: ${{ env.artifactPath }} # this will resolve to testing/file.txt at runtime
+```
+
 ### Retention Period
 
 Artifacts are retained for 90 days by default. You can specify a shorter retention period using the `retention-days` input:
 
 ```yaml
-  - name: 'Create a file'
+  - name: Create a file
     run: echo "I won't live long" > my_file.txt
 
-  - name: 'Upload Artifact'
+  - name: Upload Artifact
     uses: actions/upload-artifact@v2
     with:
       name: my-artifact
       path: my_file.txt
       retention-days: 5
-
 ```
 
 The retention period must be between 1 and 90 inclusive. For more information see [artifact and log retention policies](https://docs.github.com/en/free-pro-team@latest/actions/reference/usage-limits-billing-and-administration#artifact-and-log-retention-policy).
@@ -233,7 +251,7 @@ The size of the artifact is denoted in bytes. The displayed artifact size denote
 
 ### Zipped Artifact Downloads
 
-During a workflow run, files are uploaded and downloaded individually using the `upload-artifact` and `download-artifact` actions. However, when a workflow run finishes and an artifact is downloaded from either the UI or through the [download api](https://developer.github.com/v3/actions/artifacts/#download-an-artifact), a zip is dynamically created with all the file contents that were uploaded. There is currently no way to download artifacts after a workflow run finishes in a format other than a zip or to download artifact contents individually. One of the consequences of this limitation is that if a zip is uploaded during a workflow run and then downloaded from the UI, there will be a double zip created. 
+During a workflow run, files are uploaded and downloaded individually using the `upload-artifact` and `download-artifact` actions. However, when a workflow run finishes and an artifact is downloaded from either the UI or through the [download api](https://developer.github.com/v3/actions/artifacts/#download-an-artifact), a zip is dynamically created with all the file contents that were uploaded. There is currently no way to download artifacts after a workflow run finishes in a format other than a zip or to download artifact contents individually. One of the consequences of this limitation is that if a zip is uploaded during a workflow run and then downloaded from the UI, there will be a double zip created.
 
 ### Permission Loss
 
@@ -245,18 +263,19 @@ During a workflow run, files are uploaded and downloaded individually using the
 
 ### Maintaining file permissions and case sensitive files
 
-If file permissions and case sensitivity are required, you can `tar` all of your files together before artifact upload. Post download, the `tar` file will maintain file permissions and case sensitivity.
+If file permissions and case sensitivity are required, you can `tar` all of your files together before artifact upload. Post download, the `tar` file will maintain file permissions and case sensitivity:
 
 ```yaml
-  - name: 'Tar files'
+  - name: Tar files
     run: tar -cvf my_files.tar /path/to/my/directory
 
-  - name: 'Upload Artifact'
+  - name: Upload Artifact
     uses: actions/upload-artifact@v2
     with:
       name: my-artifact
-      path: my_files.tar    
+      path: my_files.tar
 ```
+
 ### Too many uploads resulting in 429 responses
 
 A very minute subset of users who upload a very very large amount of artifacts in a short period of time may see their uploads throttled or fail because of `Request was blocked due to exceeding usage of resource 'DBCPU' in namespace` or `Unable to copy file to server StatusCode=TooManyRequests`.
@@ -265,10 +284,10 @@ To reduce the chance of this happening, you can reduce the number of HTTP calls
 
 ## Additional Documentation
 
-See [persisting workflow data using artifacts](https://help.github.com/en/actions/configuring-and-managing-workflows/persisting-workflow-data-using-artifacts) for additional examples and tips.
+See [Storing workflow data as artifacts](https://docs.github.com/en/actions/advanced-guides/storing-workflow-data-as-artifacts) for additional examples and tips.
 
-See extra documentation for the [@actions/artifact](https://github.com/actions/toolkit/blob/master/packages/artifact/docs/additional-information.md) package that is used internally regarding certain behaviors and limitations.
+See extra documentation for the [@actions/artifact](https://github.com/actions/toolkit/blob/main/packages/artifact/docs/additional-information.md) package that is used internally regarding certain behaviors and limitations.
 
 # License
 
-The scripts and documentation in this project are released under the [MIT License](LICENSE)
+The scripts and documentation in this project are released under the [MIT License](LICENSE).

package-lock.json

@@ -5,15 +5,14 @@
   "requires": true,
   "dependencies": {
     "@actions/artifact": {
-      "version": "0.5.2",
-      "resolved": "https://registry.npmjs.org/@actions/artifact/-/artifact-0.5.2.tgz",
-      "integrity": "sha512-q/r8WSqyxBJ0ffLCRrtjCBTGnAYqP+ID4yG7f7YSlhrQ4thNg/d+Tq9f1YkLPKX46ZR97OWtGDY+oU/nxcqvLw==",
+      "version": "0.6.0",
+      "resolved": "https://registry.npmjs.org/@actions/artifact/-/artifact-0.6.0.tgz",
+      "integrity": "sha512-o/rT5tJQEXn1mTJhbaNEhC7VO6gNHroDAcalxYSU4VJcrMhkMSBMc5uQ4Uvmdl+lc+Fa2EEzwzPLoYbrXKclGw==",
       "requires": {
         "@actions/core": "^1.2.6",
         "@actions/http-client": "^1.0.11",
-        "@types/tmp": "^0.1.0",
-        "tmp": "^0.1.0",
-        "tmp-promise": "^2.0.2"
+        "tmp": "^0.2.1",
+        "tmp-promise": "^3.0.2"
       }
     },
     "@actions/core": {
@@ -3040,11 +3039,6 @@
       "integrity": "sha512-Hl219/BT5fLAaz6NDkSuhzasy49dwQS/DSdu4MdggFB8zcXv7vflBI3xp7FEmkmdDkBUI2bPUNeMttp2knYdxw==",
       "dev": true
     },
-    "@types/tmp": {
-      "version": "0.1.0",
-      "resolved": "https://registry.npmjs.org/@types/tmp/-/tmp-0.1.0.tgz",
-      "integrity": "sha512-6IwZ9HzWbCq6XoQWhxLpDjuADodH/MKXRUIDFudvgjcVdjFknvmR+DNsoUeer4XPrEnrZs04Jj+kfV9pFsrhmA=="
-    },
     "@types/yargs": {
       "version": "15.0.4",
       "resolved": "https://registry.npmjs.org/@types/yargs/-/yargs-15.0.4.tgz",
@@ -9132,6 +9126,7 @@
       "version": "2.6.3",
       "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.3.tgz",
       "integrity": "sha512-mwqeW5XsA2qAejG46gYdENaxXjx9onRNCfn7L0duuP4hCuTIi/QO7PDK07KJfp1d+izWPrzEJDcSqBa0OZQriA==",
+      "dev": true,
       "requires": {
         "glob": "^7.1.3"
       }
@@ -9551,25 +9546,35 @@
       "dev": true
     },
     "tmp": {
-      "version": "0.1.0",
-      "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.1.0.tgz",
-      "integrity": "sha512-J7Z2K08jbGcdA1kkQpJSqLF6T0tdQqpR2pnSUXsIchbPdTI9v3e85cLW0d6WDhwuAleOV71j2xWs8qMPfK7nKw==",
+      "version": "0.2.1",
+      "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.1.tgz",
+      "integrity": "sha512-76SUhtfqR2Ijn+xllcI5P1oyannHNHByD80W1q447gU3mp9G9PSpGdWmjUOHRDPiHYacIk66W7ubDTuPF3BEtQ==",
       "requires": {
-        "rimraf": "^2.6.3"
+        "rimraf": "^3.0.0"
+      },
+      "dependencies": {
+        "rimraf": {
+          "version": "3.0.2",
+          "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz",
+          "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==",
+          "requires": {
+            "glob": "^7.1.3"
+          }
+        }
       }
     },
     "tmp-promise": {
-      "version": "2.1.1",
-      "resolved": "https://registry.npmjs.org/tmp-promise/-/tmp-promise-2.1.1.tgz",
-      "integrity": "sha512-Z048AOz/w9b6lCbJUpevIJpRpUztENl8zdv1bmAKVHimfqRFl92ROkmT9rp7TVBnrEw2gtMTol/2Cp2S2kJa4Q==",
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/tmp-promise/-/tmp-promise-3.0.3.tgz",
+      "integrity": "sha512-RwM7MoPojPxsOBYnyd2hy0bxtIlVrihNs9pj5SUvY8Zz1sQcQG2tG1hSr8PDxfgEB8RNKDhqbIlroIarSNDNsQ==",
       "requires": {
-        "tmp": "0.1.0"
+        "tmp": "^0.2.0"
       }
     },
     "tmpl": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.4.tgz",
-      "integrity": "sha1-I2QN17QtAEM5ERQIIOXPRA5SHdE=",
+      "version": "1.0.5",
+      "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.5.tgz",
+      "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==",
       "dev": true
     },
     "to-fast-properties": {

package.json

@@ -29,7 +29,7 @@
   },
   "homepage": "https://github.com/actions/upload-artifact#readme",
   "dependencies": {
-    "@actions/artifact": "^0.5.2",
+    "@actions/artifact": "^0.6.0",
     "@actions/core": "^1.2.6",
     "@actions/glob": "^0.1.0",
     "@actions/io": "^1.0.2"