Ingest v0.5.2 of @actions/artifact (#100 )

* npm install --update @actions/artifact * Update .licenses file * npm run release
Merge pull request #97 from actions/dependabot/npm_and_yarn/glob-parent-5.1.2
2025-08-21 23:30:07 +08:00 · 2021-06-16 16:19:05 -04:00 · 2021-06-16 16:06:52 -04:00 · 2021-06-16 16:06:23 -04:00 · 2021-06-16 16:06:06 -04:00 · 2021-06-16 16:05:29 -04:00
8 changed files with 2238 additions and 2539 deletions
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -0,0 +1 @@
+ * @actions/artifacts-actions
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -2,6 +2,8 @@ name: "Code scanning - action"

 on:
  push:
+    branches-ignore: "dependabot/**"
+  pull_request:
    paths-ignore:
      - '**.md'
  schedule:
--- a/.licenses/npm/@actions/artifact.dep.yml
+++ b/.licenses/npm/@actions/artifact.dep.yml
@@ -1,6 +1,6 @@
 ---
 name: "@actions/artifact"
-version: 0.3.5
+version: 0.5.2
 type: npm
 summary: Actions artifact lib
 homepage: https://github.com/actions/toolkit/tree/main/packages/artifact
--- a/.licenses/npm/@actions/http-client.dep.yml
+++ b/.licenses/npm/@actions/http-client.dep.yml
@@ -1,6 +1,6 @@
 ---
 name: "@actions/http-client"
-version: 1.0.8
+version: 1.0.11
 type: npm
 summary: Actions Http Client
 homepage: https://github.com/actions/http-client#readme
--- a/README.md
+++ b/README.md
@@ -63,7 +63,7 @@ When using `download-artifact@v1`, a directory denoted by the name of the artifa
          ... contents of my-artifact
 ```

-With `v2`, there is no longer an extra directory that is created if the `path` input is not provided. All the contents are downloaded to the current working directory.
+With `v2`, when an artifact is specified by the `name` input, there is no longer an extra directory that is created if the `path` input is not provided. All the contents are downloaded to the current working directory.
 ```
   current/working/directory/
      ... contents of my-artifact
--- a/dist/index.js
+++ b/dist/index.js
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -28,7 +28,7 @@
  },
  "homepage": "https://github.com/actions/download-artifact#readme",
  "dependencies": {
-    "@actions/artifact": "^0.3.5",
+    "@actions/artifact": "^0.5.2",
    "@actions/core": "^1.2.6"
  },
  "devDependencies": {
@@ -37,7 +37,7 @@
    "@zeit/ncc": "^0.22.1",
    "concurrently": "^5.2.0",
    "eslint": "^7.4.0",
-    "eslint-plugin-github": "^3.4.1",
+    "eslint-plugin-github": "^4.1.1",
    "prettier": "^2.0.5",
    "typescript": "^3.8.3"
  }
Author	SHA1	Message	Date
Brian Cristante	3be87be14a	Ingest v0.5.2 of @actions/artifact (#100 ) * npm install --update @actions/artifact * Update .licenses file * npm run release	2021-06-16 16:19:05 -04:00
Brian Cristante	8bef1ad834	Merge pull request #97 from actions/dependabot/npm_and_yarn/glob-parent-5.1.2 Bump glob-parent from 5.1.1 to 5.1.2	2021-06-16 16:06:52 -04:00
Brian Cristante	2940e0d2ad	Merge pull request #92 from actions/dependabot/npm_and_yarn/hosted-git-info-2.8.9 Bump hosted-git-info from 2.8.5 to 2.8.9	2021-06-16 16:06:23 -04:00
Brian Cristante	bd90b34638	Merge pull request #91 from actions/dependabot/npm_and_yarn/lodash-4.17.21 Bump lodash from 4.17.19 to 4.17.21	2021-06-16 16:06:06 -04:00
Brian Cristante	3b6d0aba35	Merge pull request #99 from actions/brcrista/dependabot-push Don't trigger CodeQL on Dependabot push	2021-06-16 16:05:29 -04:00
Brian Cristante	46a6d6f216	Don't trigger CodeQL on Dependabot push	2021-06-16 16:01:04 -04:00
dependabot[bot]	246a0f4716	Bump glob-parent from 5.1.1 to 5.1.2 Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2. - [Release notes](https://github.com/gulpjs/glob-parent/releases) - [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md) - [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2) --- updated-dependencies: - dependency-name: glob-parent dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2021-06-11 13:14:19 +00:00
Robert Cannon	df388c92ce	Clarified the `v1` and `v2` differences (#96 ) The original text implies by supplying no inputs all files are placed in the root directory without added directories by focusing only on the `path` input. In practice, supplying no inputs results in the backwards compatible `v1` behavior of creating an extra parameter. This may be obvious in some scenarios and stated somewhat later in the document, but is less obvious when the "name" matches a filename for a single file artifact.	2021-05-21 21:20:10 +02:00
dependabot[bot]	87f717a35d	Bump hosted-git-info from 2.8.5 to 2.8.9 Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.5 to 2.8.9. - [Release notes](https://github.com/npm/hosted-git-info/releases) - [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md) - [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.5...v2.8.9) Signed-off-by: dependabot[bot] <support@github.com>	2021-05-11 17:16:23 +00:00
dependabot[bot]	ae445150c2	Bump lodash from 4.17.19 to 4.17.21 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.19...4.17.21) Signed-off-by: dependabot[bot] <support@github.com>	2021-05-11 12:10:53 +00:00
Konrad Pabjan	158ca71f7c	Bump @actions/artifact to version 0.5.1 (#85 )	2021-04-06 16:50:27 -04:00
dependabot[bot]	65bdb44741	Bump y18n from 4.0.0 to 4.0.1 (#84 ) Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.1. - [Release notes](https://github.com/yargs/y18n/releases) - [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md) - [Commits](https://github.com/yargs/y18n/commits) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-04-06 15:23:44 -04:00
Josh Gross	782e5ae9ea	Merge pull request #81 from rneatherway/codeql-add-pull-request-trigger Add on: pull_request trigger to CodeQL workflow	2021-01-14 18:42:16 -05:00
Robin Neatherway	a6ff13d56d	Add on: pull_request trigger to CodeQL workflow From February 2021, in order to provide feedback on pull requests, Code Scanning workflows must be configured with both `push` and `pull_request` triggers. This is because Code Scanning compares the results from a pull request against the results for the base branch to tell you only what has changed between the two. Early in the beta period we supported displaying results on pull requests for workflows with only `push` triggers, but have discontinued support as this proved to be less robust. See https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#scanning-pull-requests for more information on how best to configure your Code Scanning workflows.	2021-01-13 11:19:52 +00:00
Konrad Pabjan	4a7a711286	Add retries to all HTTP calls + fix dependabot alerts (#80 ) * Update @actions/artifact package to version 0.5.0 * bump eslint-plugin-github to version 4.1.1 * Update artifact.dep.yml	2021-01-04 15:47:26 +01:00
Konrad Pabjan	f144d3c391	Update @actions/artifact from 0.3.5 to 0.4.2 (#73 ) * Update @actions/artifact from 0.3.5 to 0.4.2 * Update package versions in .licenses	2020-12-15 10:55:26 -05:00
Josh Gross	987de047e8	Merge pull request #71 from actions/joshmgross/fix-codeowners Fix CODEOWNERS team name	2020-12-07 15:50:08 -05:00
Josh Gross	89cfa805e3	Fix CODEOWNERS team name	2020-12-07 13:35:10 -05:00
Yang Cao	37439a4b3c	Merge pull request #69 from brcrista/patch-1 Add CODEOWNERS file	2020-11-25 15:24:36 -05:00
Brian Cristante	d84bbb4c0a	Create CODEOWNERS	2020-11-25 15:18:14 -05:00