Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: actions/create-github-app-token
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v1.6.3
Choose a base ref
...
head repository: actions/create-github-app-token
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v1.6.4
Choose a head ref
  • 2 commits
  • 11 files changed
  • 2 contributors

Commits on Jan 19, 2024

  1. fix(revocation): avoid revoking expired tokens and fail gracefully (#95) 

    Fixes #72

If an Actions job is long enough, more than an hour can pass between
creating and revoking the App token in the post-job clean up step. Since
the token itself is used to authenticate with the revoke API, an expired
token will fail to be revoked.

This PR saves the token expiration in the actions state and uses that in
the post step to determine if the token can be revoked. I've also added
error handling to the revoke token API call, as it's unlikely that users
would want their job to fail if the token can't be revoked.
    @joshmgross
    joshmgross authored Jan 19, 2024
    1 Configuration menu
    Copy the full SHA
    0c01407 View commit details
    Browse the repository at this point in the history

  2. build(release): 1.6.4 [skip ci] 

    ## [1.6.4](v1.6.3...v1.6.4) (2024-01-19)

### Bug Fixes

* **revocation:** avoid revoking expired tokens and fail gracefully ([#95](#95)) ([0c01407](0c01407)), closes [#72](#72)
    @semantic-release-bot
    semantic-release-bot committed Jan 19, 2024
    Configuration menu
    Copy the full SHA
    c4fa18d View commit details
    Browse the repository at this point in the history
Loading