feat: standardize validate-inputs parameter to action-type (#309 )

fix: test-actions security scan (#307 )
fix: support INPUT_ACTION_TYPE and INPUT_ACTION (#305 )
2026-02-09 02:45:26 +00:00 · 2025-10-25 18:14:42 +03:00 · 2025-10-24 18:21:44 +03:00 · 2025-10-24 15:55:09 +03:00 · 2025-10-24 11:46:52 +00:00 · 2025-10-24 04:27:51 +00:00
10 changed files with 24 additions and 21 deletions
--- a/.github/workflows/test-actions.yml
+++ b/.github/workflows/test-actions.yml
@@ -235,8 +235,8 @@ jobs:
        uses: trufflesecurity/trufflehog@0f58ae7c5036094a1e3e750d18772af92821b503
        with:
          path: ./
-          base: ${{ github.event.repository.default_branch }}
+          base: ${{ github.event_name == 'pull_request' && github.event.repository.default_branch || '' }}
-          head: HEAD
+          head: ${{ github.event_name == 'pull_request' && 'HEAD' || '' }}
          extra_args: --debug --only-verified
      - name: Scan shell scripts
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -14,7 +14,7 @@ repos:
        types: [markdown, python, yaml]
        files: ^(docs/.*|README\.md|CONTRIBUTING\.md|CHANGELOG\.md|.*\.py|.*\.ya?ml)$
  - repo: https://github.com/astral-sh/uv-pre-commit
-    rev: 0.9.2
+    rev: 0.9.5
    hooks:
      - id: uv-lock
      - id: uv-sync
@@ -89,7 +89,7 @@ repos:
      - id: renovate-config-validator
  - repo: https://github.com/bridgecrewio/checkov.git
-    rev: '3.2.483'
+    rev: '3.2.487'
    hooks:
      - id: checkov
        args:
--- a/biome-check/action.yml
+++ b/biome-check/action.yml
@@ -46,7 +46,7 @@ runs:
    - name: Validate Inputs (Centralized)
      uses: ivuorinen/actions/validate-inputs@7061aafd35a2f21b57653e34f2b634b2a19334a9
      with:
-        action: biome-check
+        action-type: biome-check
    - name: Validate Inputs (Additional)
      id: validate
--- a/npm-publish/README.md
+++ b/npm-publish/README.md
@@ -10,10 +10,10 @@ Publishes the package to the NPM registry with configurable scope and registry U
 | name              | description                            | required | default                                |
 |-------------------|----------------------------------------|----------|----------------------------------------|
 | `npm_token`       | <p>NPM token.</p>                      | `true`   | `""`                                   |
 | `registry-url`    | <p>Registry URL for publishing.</p>    | `false`  | `https://registry.npmjs.org/`          |
 | `scope`           | <p>Package scope to use.</p>           | `false`  | `@ivuorinen`                           |
 | `package-version` | <p>The version to publish.</p>         | `false`  | `${{ github.event.release.tag_name }}` |
 | `npm_token`       | <p>NPM token.</p>                      | `true`   | `""`                                   |
 | `token`           | <p>GitHub token for authentication</p> | `false`  | `""`                                   |
 ### Outputs
@@ -33,6 +33,12 @@ This action is a `composite` action.
 ```yaml
 - uses: ivuorinen/actions/npm-publish@main
  with:
    npm_token:
    # NPM token.
    #
    # Required: true
    # Default: ""
    registry-url:
    # Registry URL for publishing.
    #
@@ -51,12 +57,6 @@ This action is a `composite` action.
    # Required: false
    # Default: ${{ github.event.release.tag_name }}
    npm_token:
    # NPM token.
    #
    # Required: true
    # Default: ""
    token:
    # GitHub token for authentication
    #
--- a/php-composer/action.yml
+++ b/php-composer/action.yml
@@ -81,7 +81,7 @@ runs:
      id: validate
      uses: ivuorinen/actions/validate-inputs@7061aafd35a2f21b57653e34f2b634b2a19334a9
      with:
-        action: php-composer
+        action-type: php-composer
    - name: Setup PHP
      id: php
--- a/pr-lint/action.yml
+++ b/pr-lint/action.yml
@@ -42,7 +42,7 @@ runs:
      id: validate
      uses: ivuorinen/actions/validate-inputs@7061aafd35a2f21b57653e34f2b634b2a19334a9
      with:
-        action: pr-lint
+        action-type: pr-lint
        token: ${{ inputs.token }}
        username: ${{ inputs.username }}
        email: ${{ inputs.email }}
--- a/stale/action.yml
+++ b/stale/action.yml
@@ -45,7 +45,7 @@ runs:
      id: validate
      uses: ivuorinen/actions/validate-inputs@7061aafd35a2f21b57653e34f2b634b2a19334a9
      with:
-        action: 'stale'
+        action-type: 'stale'
        token: ${{ inputs.token || github.token }}
        days-before-stale: ${{ inputs.days-before-stale }}
        days-before-close: ${{ inputs.days-before-close }}
--- a/validate-inputs/README.md
+++ b/validate-inputs/README.md
@@ -10,7 +10,7 @@ Centralized Python-based input validation for GitHub Actions with PCRE regex sup
 | name                | description                                                                        | required | default |
 |---------------------|------------------------------------------------------------------------------------|----------|---------|
-| `action`            | <p>Action name to validate (alias for action-type)</p>                             | `true`   | `""`    |
+| `action`            | <p>Action name to validate (alias for action-type)</p>                             | `false`  | `""`    |
 | `action-type`       | <p>Type of action to validate (e.g., csharp-publish, docker-build, eslint-fix)</p> | `false`  | `""`    |
 | `rules-file`        | <p>Path to validation rules file</p>                                               | `false`  | `""`    |
 | `fail-on-error`     | <p>Whether to fail on validation errors</p>                                        | `false`  | `true`  |
@@ -81,7 +81,7 @@ This action is a `composite` action.
    action:
    # Action name to validate (alias for action-type)
    #
-    # Required: true
+    # Required: false
    # Default: ""
    action-type:
--- a/validate-inputs/action.yml
+++ b/validate-inputs/action.yml
@@ -13,7 +13,7 @@ branding:
 inputs:
  action:
    description: 'Action name to validate (alias for action-type)'
-    required: true
+    required: false
  action-type:
    description: 'Type of action to validate (e.g., csharp-publish, docker-build, eslint-fix)'
    required: false
--- a/validate-inputs/validator.py
+++ b/validate-inputs/validator.py
@@ -32,7 +32,7 @@ def collect_inputs() -> dict[str, str]:
    """
    inputs = {}
    for key, value in os.environ.items():
-        if key.startswith("INPUT_") and key != "INPUT_ACTION_TYPE":
+        if key.startswith("INPUT_") and key not in ("INPUT_ACTION_TYPE", "INPUT_ACTION"):
            input_name = key[6:].lower()
            inputs[input_name] = value
@@ -73,8 +73,11 @@ def write_output(status: str, action_type: str, **kwargs) -> None:
 def main() -> None:
    """Main validation entry point."""
-    # Get the action type from environment
+    # Get the action type from environment (check both INPUT_ACTION_TYPE and INPUT_ACTION)
-    action_type = os.environ.get("INPUT_ACTION_TYPE", "").strip()
+    action_type = (
        os.environ.get("INPUT_ACTION_TYPE", "").strip()
        or os.environ.get("INPUT_ACTION", "").strip()
    )
    if not action_type:
        logger.error("::error::No action type provided")
        sys.exit(1)
Author	SHA1	Message	Date
Copilot	81f54fda92	feat: standardize validate-inputs parameter to action-type (#309 )	2025-10-25 18:14:42 +03:00
Ismo Vuorinen	a09e59aa7c	fix: test-actions security scan (#307 )	2025-10-24 18:21:44 +03:00
Ismo Vuorinen	2d8ff47548	fix: support INPUT_ACTION_TYPE and INPUT_ACTION (#305 )	2025-10-24 15:55:09 +03:00
renovate[bot]	a3fb0bd8db	chore(deps): update pre-commit hook bridgecrewio/checkov (3.2.483 → 3.2.487) (#304 ) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-10-24 11:46:52 +00:00
renovate[bot]	42312cdbe4	chore(deps): update pre-commit hook astral-sh/uv-pre-commit (0.9.2 → 0.9.5) (#303 ) Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2025-10-24 04:27:51 +00:00