endbug / version-check Goto Github PK

Is it possible to check local version of package, commit changes without involving some npm registry and doing http request?

Hello.
Thank you for this action, I don't use it with node-js, so that shows how flexible it is.
I noticed in the docs that the if statements use string comparisions:

if: steps.check.outputs.changed == 'true'

Github actions are a great source of frustration for me, part because the different ways of doing the same thing and the ambiguity of the error messages. Is this kind of comparision mandatory? Or can it be used just like a boolean? I recall seeing this extension being used with this value as the only input to if, just like

if: steps.check.outputs.changed

But not sure if that was just an older version or if github actions magic will convert that to a boolean or something else.

Thanks and regaards

Describe the bug
Using EndBug/version-check@v2 throws a 404 when the repo is private

To Reproduce
Using this workflow:

name: release

on:
  push:
    branches: [master]

jobs:
  release:
    runs-on: ${{ matrix.os }}

    strategy:
      matrix:
        os: [windows-latest]

    steps:
      - name: Check out Git repository
        uses: actions/checkout@v2

      - name: Install Node.js, NPM and Yarn
        uses: actions/setup-node@v2
        with:
          node-version: 14

      - id: check
        name: Verify package.json version change
        uses: EndBug/version-check@v2
        with:
          token: ${{ secrets.GITHUB_TOKEN }}

      - name: push new tag
        if: steps.check.outputs.changed == 'true'
        run: 'git tag v${{ steps.check.outputs.version }}'

result logs

Describe the bug
Bumping a package from e.g, 2.0.5 to 3.0.0-beta.0 is not detected as a version change

To Reproduce

• Have a package with a non-prerelease version number (e.g. 2.0.5)
• Run npm version premajor --preid=beta
• Push to the branch configured to trigger the version-check action

Expected behavior
version-check should detect a new version

Additional context
I think there may be two unrelated issues with detecting prerelease versions:

1. npm version starts the first prerelease number at .0, but there was a bug in semver-regex which only supported .1 and upwards (see sindresorhus/semver-regex#18). The latest version of version-check was released on January 22, while the semver-regex fix was released on January 25.

2. Even 3.0.0-beta.1 is not recognized as a new version by version-check. Maybe it has something to do with the fact that matchVersion('3.0.0-beta.1') returns '3.0.0'?

   (('3.0.0-beta.1'.match(/[0-9.]+/g) || [])
       .map(s => s.match(/(?<=^v?|\sv?)(?:0|[1-9]\d*)\.(?:0|[1-9]\d*)\.(?:0|[1-9]\d*)(?:-(?:0|[1-9]\d*|[\da-z-]*[a-z-][\da-z-]*)(?:\.(?:0|[1-9]\d*|[\da-z-]*[a-z-][\da-z-]*))*)?(?:\+[\da-z-]+(?:\.[\da-z-]+)*)?(?=$|\s)/ig))
       .find(e => !!e) || [])[0]
   
   => "3.0.0"

   If I understand this line in main.ts correctly, versions.added will be '3.0.0', and is compared to '3.0.0-beta.1' from the version field in package.json .

Hello, I see releases are on v2 and the README example are on v1.
Should we use EndBug/version-check@v2?

Love the action, thanks for making it!

It seems like it would be common to want to skip all of the rest of the workflow if the version has not changed. Not sure this is necessarily possible in the current setup, but it would be really sweet if I didn't have to put the if statements on all of the steps following this one. If instead there was just an option to successfully exit with a 0 exit code if the version hadn't changed, then the if statements on all following steps wouldn't be required

Describe the solution you'd like
An option which can be passed to version-check which would have the action exit if the version hasn't changed - maybe exitIfNotChanged: true?

Hi, I’m here again, I found a question about the error message

Today I keep getting the following error message when using the remote version check

Couldn't find remote version.

This error prompt made me spend some time checking the connectivity of remote files, and even suspected that there was a link problem between the github server and the unpkg server.

Until I temporarily turned off the version check function, I discovered that the package.json file of my local warehouse had a syntax error.

...react-router-cache-route/package.json: Unexpected token] in JSON at position 351

I noticed that the JSON.parse part of version-check/src/main.ts was wrapped with try catch, but it didn’t throw out the problem, and swallowed possible errors in the parsing process

My suggestion is to throw the error so that I can discover my stupid problem in time >_<

Is your feature request related to a problem? Please describe.
I need to be able to ensure PRs for my project have bumped the project package.json version when they commit new code.

Describe the solution you'd like
I want an action to fail a check if package.json hasn't been bumped by running this action from my branch against the main branch. Rather than specifying a file-url, it would be nice to be able to specify a branch instead, and then compare the two that way.

Describe alternatives you've considered
N/a

Additional context
Add any other context or screenshots about the feature request here.

Describe the bug

I think an output should be always provided, not only when there is a commit with matching version number in the commit message and in the diff.

The README says:

changed: either "true" or "false"

The example with steps.check.outputs.changed != 'true' could become steps.check.outputs.changed == 'false'. The != 'true' comparison is currently triggered because there is another, non-boolean output which is logged as an empty string '' and also complies with != 'true'.

To Reproduce

1. Push a commit without changes in package.json.
2. Get this workflow triggered:

      - name: Check package.json for version change
        id: check_package_version
        uses: EndBug/[email protected]

      - name: Log when version changed
        if: steps.check_package_version.outputs.changed == 'true'
        run: 'echo "Version change found in commit ${{ steps.check_package_version.outputs.commit }}! New version: ${{ steps.check_package_version.outputs.version }} (${{ steps.check_package_version.outputs.type }})"'

      - name: Log when version unchanged
        if: steps.check_package_version.outputs.changed != 'true'
        run: 'echo "No version change (${{ steps.check_package_version.outputs.changed }})"'

(Source: react-ui-org/react-ui@14bd0bc#diff-faff1af3d8ff408964a57b2e475f69a6b7c7b71c9978cccc8f471798caac2c88R60)

Expected behavior

steps.check_package_version.outputs.changed outputs 'false'.

Actual behavior

steps.check_package_version.outputs.changed outputs ''.

Screenshots

As noted in #135 (comment), the CONTRIBUTING.md file in the repo is outdated.

Hey folks, trying to get this to work w/ a private org and wondering if y'all can help. I've tried numerous permutations and have tried v 1.1.0 through 2 and can't get it to work. For versions 1.6 and lower, if I use the diff-check, it'll throw a an error due to undefined length, likely due to empty commits for some reason. Everything above 1.6 breaks w/ a 404. Any guidance is appreciate. What I've got for now is below (which gives me the 404 error).

Thanks!

    steps:
      - name: Checkout repo
        uses: actions/checkout@v2
      - name: Use Node 12.x
        uses: actions/setup-node@v1
        with:
          node-version: 12.x
      - name: Check version bump
        uses: EndBug/[email protected] 
        id: check
        with: 
          token: ${{ secrets.GITHUB_TOKEN }}
          diff-search: true
      - name: Log when unchanged
        if: steps.check.outputs.changed == 'false'
        run: exit 1

Describe the bug
Followed the readme, doesn't work. I get the following in the GH actions console:

Run EndBug/version-check@v2
  with:
    diff-search: true
    token: ***
    file-name: package.json
    github-api-url: https://api.github.com/
Searching for version update...
Error: Error: Can't find version field
Outputs:
  changed: false
/home/runner/work/_actions/EndBug/version-check/v2/lib/index.js:1
...

My package.json lives at the root of the project. It has "version": "1.0.1"

To Reproduce
My workflow:

name: Publish package

on:
  push:
    branches:
      - "main"

jobs:
  publish:
    runs-on: ubuntu-latest
    permissions:
      packages: write
      contents: read
    steps:
      - id: check
        uses: EndBug/version-check@v2
        with:
          diff-search: true
          token: ${{ secrets.GITHUB_TOKEN }}

      - name: Publish package
        if: steps.check.outputs.changed == 'true'
        run: 'echo "New version. Publishing: ${{ steps.check.outputs.version }} (${{ steps.check.outputs.type }})" && npm publish'

      - name: No publish
        if: steps.check.outputs.changed == 'false'
        run: 'echo "No version change. Package will not be published."'

Expected behavior
I was expecting this to find the version in package.json and run the steps.

Hi! In your example, you show how to do it with npm published packages, but how would you recommend doing it for packages released only to a private Github repo?

Thanks for your help!

Describe the bug
With a simple setup using the example in the README, I am still getting a 403 error.

To Reproduce

name: Pre-Publish Checks
on:
  pull_request:
    types:
      - opened
      - reopened
jobs:
  build:
    name: Build Source Code
    runs-on: ubuntu-latest
    steps:
      - name: checkout
        uses: actions/checkout@v4

      - name: check version change
        id: version
        uses: EndBug/version-check@v2
        with:
          diff-search: true
          token: ${{ secrets.GITHUB_TOKEN }}

      - name: verify version change
        if: steps.version.outputs.changed == 'false'
        run: 'echo "VERSION CHANGE NOT DETECTED" && exit 1'

Edit: I also tried running setup node first, too, but this still fails:

jobs:
  build:
    name: Build Source Code
    runs-on: ubuntu-latest
    steps:
      - name: checkout
        uses: actions/checkout@v4

      - name: setup
        uses: actions/setup-node@v3
        with:
          node-version: '20.x'

      - name: check version change
        id: version
        uses: EndBug/version-check@v2
        with:
          diff-search: true
          token: ${{ secrets.GITHUB_TOKEN }}

      - name: verify version change
        if: steps.version.outputs.changed == 'false'
        run: 'echo "VERSION CHANGE NOT DETECTED" && exit 1'

Expected behavior
403 should not occur with the token; is it properly being passed?

Screenshots

##[debug]Evaluating condition for step: 'check version change'
##[debug]Evaluating: success()
##[debug]Evaluating success:
##[debug]=> true
##[debug]Result: true
##[debug]Starting: check version change
##[debug]Loading inputs
##[debug]Evaluating: secrets.GITHUB_TOKEN
##[debug]Evaluating Index:
##[debug]..Evaluating secrets:
##[debug]..=> Object
##[debug]..Evaluating String:
##[debug]..=> 'GITHUB_TOKEN'
##[debug]=> '***'
##[debug]Result: '***'
##[debug]Loading env
Run EndBug/version-check@v2
  with:
    diff-search: true
    token: ***
    file-name: package.json
    github-api-url: https://api.github.com
Searching for version update...
Error: Response code 403 (Forbidden)
##[debug]Node Action run completed with exit code [1](https://github.com/inspire-labs-tms-tech/zenbridge/actions/runs/7533794873/job/20506987625#step:3:1)
##[debug]Finishing: check version change

Additional context
Add any other context about the problem here.

Describe the bug

Is there any way to check for a version update in the final pr diff, not in every commits?

i use this action to detect a version update after pull request merge for creating a bump version pr if it is required. so i need to check if pull request's diff only not a single commit. so if i pull changes from main branch (with any version bump) to the branch which im working on i will get a "version was updated" flag after merging this branch back to the main even if diff has no version changes. Am i doing it right?

main 
  | \
  |  my-branch
  *<---------------- commit with a version update
  | \|
  |  * update from main
  |  |
  | /
  * merge my-branch into main
  |

After this steps i will get a "version was updated" but it does not.

To Reproduce

1. Create a branch my-branch from main
2. Push version update to the main
3. Pull changes from 'main' to my-branch
4. Push changes from my-branch to main
   5 .Check for a version update. It should return true

Expected behavior

By the diff there is version update so i need to get "version was not updated"

Screenshots

PR commits:

Changes:

Action logs:

Additional context

My actions:

• bump-version-on-merge-next
• create-release-draft

Describe the bug
Started receiving this deprecation warning from version-check a while ago:

Checking the diffs of 2 commits...
  
  Warning: The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
  
  Warning: The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
  
  Warning: The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
  
  Warning: The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/

To Reproduce
We use it like this:

- id: version-check
  uses: EndBug/[email protected]
  with:
    diff-search: true
    file-name: "./package.json"

Expected behavior
Should complete without warnings :)

Why not allow checking just the package.json?

Describe the bug
I am trying to implement the simplest version check in this order

• We don't use semver yet
• for each PR I want to check package version against to target branch
• because I want to prevent our team to forget updating it

To Reproduce

      - name: Check version number 👀
        id: version_check
        uses: EndBug/version-check@v2
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          static-checking: localIsNew
          file-url: ::before

      - name: Check version number 👀
        if: steps.version_check.outputs.changed == 'false'
        run: |
          echo "No version change 🐞"
          exit 1

For the first commit to the PR I've got this error
Error: Can't correctly read event file (before: undefined, repository: [object Object])

Expected behavior
I expect pipeline to fail when the version is not updated

Hello!

I want to compare the version of the github package with the remote package from npm registry so that I can control the timing of the action more precisely.

But it does not seem to support it at present.

Is it possible to support this feature? For example the following usage.

with:
  file-name: "https://unpkg.com/#{package name here}/package.json"

Thank!

Describe the bug
Using the diff-search: true option, pre-release changes are not properly detected.

To Reproduce
Moving from "version": "2.5.0-beta.0" to "version": "2.5.0-beta.1" in the package.json file results in the following output:

Run EndBug/version-check@v[2](https://github.com/KeiserCorp/Keiser.A500.Display.Main/runs/6068099586?check_suite_focus=true#step:4:2)
  with:
    diff-search: true
    token: ***
    file-name: package.json
    github-api-url: https://api.github.com
Searching for version update...
Searching in 1 commit...
  Package file name: "package.json"
  Package file URL: undefined
  Version assumptions: undefined
No standard npm version commit found, switching to diff search (this could take more time...)
Checking the diffs of 1 commit...
  - 97615[4](https://github.com/KeiserCorp/Keiser.A500.Display.Main/runs/6068099586?check_suite_focus=true#step:4:4)7: added version doesn't match current one (added: "2.[5](https://github.com/KeiserCorp/Keiser.A500.Display.Main/runs/6068099586?check_suite_focus=true#step:4:5).0-beta"; current: "2.5.0-beta.1")
No matching commit found.

Outputs:
  changed: false

Expected behavior
Should result in changed: true.

Additional details
While digging for this issue I came to lines 394-396 of the main.ts file where I suspect the issue resides, though I don't know the output of the included package to determine if this is indeed the issue.

I think perhaps I've misunderstood something in the set up.

Error I'm getting:

My set up is pretty minimal in my github action:

    name: Version check
        id: check
        uses: EndBug/[email protected]
        with:
          diff-search: true

I see that the documentation says:
when someone changes the version in package.json to 1.2.3 and pushes a commit with the message <WHATEVER> 1.2.3 (eg. Release 1.2.3 or Bump version to v1.2.3), output values are set

This particular commit didn't have a change to the version, but I assume that shouldn't cause the error. The 404 error suggests to me that I have something set up incorrectly.

I'd appreciate any advice.

Ref:

• https://github.com/EndBug/latest-tag/blob/8370394898ede16952c7b57f38020c32d8889419/package.json#L7
• https://github.com/EndBug/latest-tag/blob/29b5b1ab63d49a9aedc21fe75313b9dd4f2254d8/.github/workflows/build.yml

Describe the bug
if use static-checking: localIsNew and the latest published npm package version greater than the local package version then outputs.changed will be eq true

example:
latest published pm package version: 4.0.1
local package version: 4.0.0

To Reproduce
My action configuration: goparrot/geocoder@fdef1e8#diff-87db21a973eed4fef5f32b267aa60fcee5cbdf03c67fafdc2a9b553bb0b15f34R31-R36

result: https://github.com/goparrot/geocoder/runs/2104611216?check_suite_focus=true

debug

Run EndBug/version-check@v1
  with:
    file-url: https://unpkg.com/@goparrot/geocoder@latest/package.json
    static-checking: localIsNew
Searching for version update...
Static-checking files...
  Package file name: "package.json"
  Package file URL: "https://unpkg.com/@goparrot/geocoder@latest/package.json"
Found match for version 4.0.0

Expected behavior
outputs.changed should be false

Hey @hmehta, I'll ask you because PR #14 is yours.
I've fixed the code so that it triggers correctly when a PR is updated. The question is: does it need to check whether the version has changed in the whole PR (which makes more sense to me) or just in the latest commit (which to me seems less useful and probably harder to implement if the commits are more than 20)?
I'd just like to have a second opinion :)

Is your feature request related to a problem? Please describe.
Currently, we have some code in our CI that checks around pre-release (in general, not just premajor, preminor, etc).
It would be cool to be able to remove this code and use this version check.

Describe the solution you'd like
An boolean output called prerelease which is either true or false according to the current version.

Describe alternatives you've considered
We are using semver's prerelease method, it's OK, but I would prefer to use an action instead.

Additional context
This is in continue to the following issue #158.

Here's our CI code:
https://github.com/maplibre/maplibre-gl-js/blob/bb219f0cc9046032b71fddc9fc59d10471bf97e3/.github/workflows/release.yml#L64

It would be nice to remove some dependencies such as martinbeentjes/npm-get-version-action and other steps and simply using this action.

Thanks!

Hello.
Thanks for an amazing tool.

I have a situation where I have a mono-repo and I'm using this tool to decide when to build a docker image. I was wondering if it's possible to specify where the tool should look for the package.json file.

I have seen the getInput function here and from here I have tried setting an environment variable INPUT_FILE-NAME to /monorepo/app1/package.json but it's still not being picked up.

If the package.json version is updated multiple times in a PR, will the GHA detect the change correctly? I use the changed output in my conditional if statement for some steps in my workflow. In reality, this won't be an issue since we always squash and merge our PRs, but for testing purposes, in my PR, it is not detecting the second change. Is it only supposed to be changed once and it keeps that original added version cached somewhere?

In my first commit (785aee0) I changed the version to be 1.2.3-alpha-1. In a later commit (f7fc50a), I changed the version to be 1.2.3alpha2. This no longer detects that the version has been changed and the output changed = false. Is this expected behavior for a PR?

Hi, I was looking for a way to detect version changes to send automatic tweets whenever a new release is created.
This action seems to do exactly what I need, but unfortunately I run across the following error when testing it:
Error: TypeError: Cannot read property 'id' of undefined
You can check the test run here.

Could you give me a hint what I'm doing wrong?

Recently we applied permissions to a job using this action and it started failing with 403 error

Error: Request failed with status code 403

Can you please let us know the permissions required for this job per this github actions permissions link

Thank you

Hi there!
I have pushed a tagged commit and received the following error:

TypeError: Cannot read property 'id' of undefined

This is the commit: spinlud/sequelize-typescript-generator@a0198e6

This is the action configuration:

      - name: Check version changes
        uses: EndBug/version-check@v1
        id: check
        with:
          diff-search: true

      - name: Publish
        if: steps.check.outputs.changed == 'true' && github.ref == 'refs/heads/master'
        run: |
          npm set registry "https://registry.npmjs.org"
          npm set //registry.npmjs.org/:_authToken ${{ secrets.NPM_PUBLISH_TOKEN }}
          npm publish

Any idea how to fix?

Describe the bug
When using latest version (2.1.4) actions' output is false (incorrectly) but when running on the same branch with version 2.1.3 output is correct

To Reproduce
This steps output is wrong

- name: package.json version check
     id: package-check
     uses: EndBug/version-check@v2
     with:
       file-name: ./package.json

This steps output is good

- name: package.json version check
     id: package-check
     uses: EndBug/[email protected]
     with:
       file-name: ./package.json

Expected behavior
V2.1.4 should work same as 2.1.3

Additional context

GH actions output with v2 (2.1.4)

2024-04-24T16:42:21.3583904Z ##[group]Run EndBug/version-check@v2
2024-04-24T16:42:21.3584664Z with:
2024-04-24T16:42:21.3585140Z   file-name: ./package.json
2024-04-24T16:42:21.3586565Z   diff-search: false
2024-04-24T16:42:21.3588619Z   token: ***
2024-04-24T16:42:21.3589712Z   github-api-url: https://api.github.com
2024-04-24T16:42:21.3591162Z ##[endgroup]
2024-04-24T16:42:21.5200239Z Searching for version update...
2024-04-24T16:42:21.7735648Z ##[group]Searching in 12 commits...
2024-04-24T16:42:21.7737070Z Package file name: "package.json"
2024-04-24T16:42:21.7737754Z Package file URL: undefined
2024-04-24T16:42:21.7738513Z Version assumptions: undefined
2024-04-24T16:42:21.7739512Z ##[endgroup]
2024-04-24T16:42:21.7741143Z ##[endgroup]
2024-04-24T16:42:21.7741724Z No matching commit found.
2024-04-24T16:42:21.7743370Z ##[group]Outputs:
2024-04-24T16:42:21.7743958Z changed: false
2024-04-24T16:42:21.7744850Z ##[endgroup]

GH actions output with v2.1.3

2024-04-24T16:44:18.4146768Z ##[group]Run EndBug/[email protected]
2024-04-24T16:44:18.4147264Z with:
2024-04-24T16:44:18.4147700Z   file-name: ./package.json
2024-04-24T16:44:18.4148063Z   diff-search: false
2024-04-24T16:44:18.4148577Z   token: ***
2024-04-24T16:44:18.4149054Z   github-api-url: https://api.github.com
2024-04-24T16:44:18.4149491Z ##[endgroup]
2024-04-24T16:44:18.5251123Z Searching for version update...
2024-04-24T16:44:18.7852403Z ##[group]Searching in 14 commits...
2024-04-24T16:44:18.7853199Z Package file name: "package.json"
2024-04-24T16:44:18.7853851Z Package file URL: undefined
2024-04-24T16:44:18.7854669Z Version assumptions: undefined
2024-04-24T16:44:18.7856874Z ##[endgroup]
2024-04-24T16:44:18.7857945Z No standard npm version commit found, switching to diff search (this could take more time...)
2024-04-24T16:44:18.7859146Z ##[group]Checking the diffs of 14 commits...
2024-04-24T16:44:18.9565910Z - 0afbb6a: no changes to the package file
2024-04-24T16:44:19.1147560Z - e18616d: no changes to the package file
2024-04-24T16:44:19.2824786Z - d2074e1: no changes to the package file
2024-04-24T16:44:19.3941160Z - 6c32155: no changes to the package file
2024-04-24T16:44:19.5168046Z - d43a1df: no changes to the package file
2024-04-24T16:44:19.6358161Z - 0394f06: no changes to the package file
2024-04-24T16:44:19.7446864Z - 8a0fa49: no changes to the package file
2024-04-24T16:44:19.9112417Z - 836473a: no changes to the package file
2024-04-24T16:44:20.0330356Z - 8a3673e: no changes to the package file
2024-04-24T16:44:20.1550052Z - 86bee5d: no changes to the package file
2024-04-24T16:44:20.2576191Z - dcb27bf: match found, more info below
2024-04-24T16:44:20.2578973Z ##[endgroup]
2024-04-24T16:44:20.2580040Z Found match for version 2.0.1: dcb27bf - v2.1.0
2024-04-24T16:44:20.2583219Z ##[group]Outputs:
2024-04-24T16:44:20.2583848Z changed: true
2024-04-24T16:44:20.2584674Z version: 2.0.1
2024-04-24T16:44:20.2585215Z type: undefined
2024-04-24T16:44:20.2589049Z commit: dcb27bf29c2a189d5108bf6b5bf803c243449b18
2024-04-24T16:44:20.2590557Z ##[endgroup]

Gh action run with 2.1.4 - https://github.com/radimkafka/toggl-jira-assistant-export/actions/runs/8820171261/job/24213141006
Gh action run with 2.1.3 - https://github.com/radimkafka/toggl-jira-assistant-export/actions/runs/8820192390/job/24213221132

Describe the bug
version-check doesn't seem to work properly.

I'm using the remote check method to compare with the local check method. It has been working normally before. But today, when I trigger the action as usual, version-check doesn't respond and doesn't output any logs.

Is it related to the recent update?

Screenshots

Additional context
Action: https://github.com/CJY0208/react-router-cache-route/runs/2799672509?check_suite_focus=true
CI config: https://github.com/CJY0208/react-router-cache-route/blob/master/.github/workflows/publish.yml

As pointed out by @sergeyzwezdin in issue #7 (comment link) the action doesn't currently work in private repository.
That's caused by the fact that it does an http call to the GitHub REST API without authentication, and so it's not able to detect private repos.

That could be easily fixable by using the GITHUB_TOKEN automatically created for the action as the bearer authorization token, as described here

Original comment:

Recently I created private repo and the action didn't work returning the following error:

Error: Request failed with status code 404

Once I converted the repo into public it started working.

https://github.com/sergeyzwezdin/actions-test/commit/62ce369b5b1334cc8fa23d0a342e833da9aff333/checks?check_suite_id=275117829

https://github.com/sergeyzwezdin/actions-test/commit/06a578b309174816da3839ab63eb19603ced8620/checks?check_suite_id=275130285

Is it supposed not to work in private repos?

Describe the bug
I'm working in a mono-repo (using Nx) in a github private account. I added the version-check action to my dev yml pipeline and realized I needed to specify which package.json I should use. So I provided the file-name attribute.

To Reproduce
Unfortunately, since the project is closed source, I can't include commit information. But here is my pipeline configuration

verify-version:
    needs: setup-node_modules
    runs-on: ubuntu-latest
    steps:
      - name: tell me the dir
        run: ls
      - name: Version Check
        uses: EndBug/[email protected]
        id: check
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          file-name: libs/core/package.json
      - name: Version Check Passed
        if: steps.check.outputs.changed == 'true' && contains(steps.check.outputs.version, 'alpha') == true
        run: 'echo "Publishing version: ${{ steps.check.outputs.version }}!"'
      - name: Version Check Failed - No alpha
        if: contains(steps.check.outputs.version, 'alpha') != true
        run: 'echo "Invalid version number! Must use the word "alpha" in version number. Received: ${{ steps.check.outputs.version }}.'
      - name: Version Check Failed - Not new version
        if: steps.check.outputs.changed == 'false'
        run: 'echo "No new version (${{ steps.check.outputs.version }}), exiting" && exit 0'

My project is structured such that all the libraries are in the libs folder. So my file path is pretty simple: libs/core/package.json.
I tried adding a . on the front and that didn't seem to change anything.

This is the error message I'm getting:

Run EndBug/version-check@v[2](https://github.com/escreengithub/arc/runs/6734147012?check_suite_focus=true#step:3:2).1.0
  with:
    token: ***
    file-name: libs/core/package.json
    diff-search: false
    github-api-url: https://api.github.com
  env:
    NODE_VERSION: 16.x
    NODE_AUTH_TOKEN: ***
Searching for version update...
(node:1[4](https://github.com/escreengithub/arc/runs/6734147012?check_suite_focus=true#step:3:4)8[5](https://github.com/escreengithub/arc/runs/6734147012?check_suite_focus=true#step:3:5))
UnhandledPromiseRejectionWarning: Error: Package file not found: libs/core/package.json
    at /home/runner/work/_actions/EndBug/version-check/v2.1.0/lib/index.js:1:1[6](https://github.com/escreengithub/arc/runs/6734147012?check_suite_focus=true#step:3:6)5101
    at processTicksAndRejections (internal/process/task_queues.js:9[7](https://github.com/escreengithub/arc/runs/6734147012?check_suite_focus=true#step:3:7):5)
(node:14[8](https://github.com/escreengithub/arc/runs/6734147012?check_suite_focus=true#step:3:8)5) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 2)
(node:[14](https://github.com/escreengithub/arc/runs/6734147012?check_suite_focus=true#step:3:15)85) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

Expected behavior
I would expect the action to find my package.json and read the version correctly.

Additional context
I'm still kinda new to Github actions so I could have definitely not setup the action correctly. But it seems pretty straight forward. I appreciate any thoughts you have.

Really more an edge case - since the action looks at each individual commit, if a version is changed but then reverted in a later commit, it will still interpret it as a version change.

I think the benefit of fixing it might not be high, but maybe we could update the documentation to mention this? Will be happy to submit a PR if that's OK.

Hey guys..

I want to use your action to detect the version change of a sub-component... an npm package. So I was using the file-name property to set the location of my package.json. I am finding that I never get a positive result.. even when I have explicitly upped the version just for testing using npm version patch. I am running the workflow on every push. Here is the result of the action:

Run EndBug/version-check@v1
with:
file-name: ./sdk/package.json
Searching for version update...
Searching in 1 commit...
Package file name: "sdk/package.json"
Package file URL: undefined
Version assumptions: undefined

No matching commit found.

Not sure what I am doing wrong.

Describe the bug

When I try to use the action, it always skips next steps because of output is empty.

To Reproduce

Check out my workflow. It always skips further steps even if I change the version.

Expected behavior

It should run the next steps if version changed.

Screenshots

Based on reading the source code, I understand that once there are more than 20+ commits, the GHA is limited and may not check all commits for a package.json version change.

However, in the code, if a commit message contains the release version and it matches the packageObj.version then it should find and detect the change (here).

For context, these are the settings of the action when I run it:

Actions.versionCheck({
        name: 'Check for Version Change',
        id: 'check-version-change',
        with: {
          'diff-search': 'true',
          'file-name': `projects/${projectName}/package.json`,
          'token': '${{ secrets.GITHUB_TOKEN }}'
        }
      }),

So, since there are 20+ commits, it is not checking every commit for a package.json version update which is expected. But even when I do a later commit with a semver version in the message, it doesn't detect it. Is that expected too??

Proposed solution:
Can commits somehow be reversed so that the most recent 20 commits are checked instead of the first 20? Or can there be a flag to allow this to happen? I'm not entirely sure where this change would go (here maybe?).

It's failed when I first use this version-check action.

It looks like the problem is happening here

Here is my Github action config file:

name: Auto-publish

on:
  release:
    # This specifies that the build will be triggered when we publish a release
    types: [published]

jobs:
  check_version:
    name: Check version
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
        with:
          ref: main

      - name: Check version changes
        uses: EndBug/version-check@v1
        id: version
        with:
          diff-search: true

      - name: Check version status
        if: steps.version.outputs.changed == 'true'
        run: |
          echo "Version change found! New version: ${{ steps.version.outputs.version }} (${{ steps.version.outputs.type }})"
    outputs:
      version: ${{ steps.version.outputs.version }}
      version_changed: ${{ steps.version.outputs.changed }}

  build:
    name: Build
    needs: check_version
    if: needs.check.outputs.version_changed == 'true'
    runs-on: ubuntu-latest
    env:
      HUSKY: 0
    steps:
      - uses: actions/checkout@v2
        with:
          ref: main

      - name: Use Node.js 14.16.1
        uses: actions/setup-node@v1
        with:
          node-version: 14.16.1
          registry-url: https://registry.npmjs.org/

      - name: Cache pnpm modules
        uses: actions/cache@v2
        env:
          cache-name: cache-pnpm-modules
        with:
          path: ~/.pnpm-store
          key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.node-version }}-${{ hashFiles('**/package.json') }}
          restore-keys: |
            ${{ runner.os }}-build-${{ env.cache-name }}-${{ matrix.node-version }}-
      - uses: pnpm/[email protected]
        with:
          version: 6.0.2
          run_install: |
            - recursive: true
              args: [--frozen-lockfile, --strict-peer-dependencies]
      - name: run lint & test & build
        run: |
          pnpm run lint
          pnpm run test
          pnpm run build
      - name: Upload coverage to Codecov
        uses: codecov/codecov-action@v1
        with:
          token: ${{secrets.CODECOV_TOKEN}}

      - name: upload artifact
        uses: actions/upload-artifact@main
        with:
          name: artifacts
          path: dist/
          retention-days: 5
          if-no-files-found: error

  publish:
    needs: build
    environment: npm-publish
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
        with:
          ref: main

      - name: Use Node.js 14.16.1
        uses: actions/setup-node@v1
        with:
          node-version: 14.16.1

      - name: download artifact
        uses: actions/download-artifact@main
        with:
          name: artifacts
          path: dist

      - name: publish to npm
        run: |
          cd dist
          # upgrade npm version in package.json to the tag used in the release.
          echo //registry.npmjs.org/:_authToken=$NODE_AUTH_TOKEN > .npmrc
          npm publish --access public
        env:
          # Use a token to publish to NPM. See below for how to set it up
          NODE_AUTH_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }}

Hello,

I used version_check in my GitHub action workflow, and encountered the problem below.
Does anyone face the same problem ?

I found the source code _links here
https://github.com/EndBug/version-check/blob/main/src/main.ts#L124

Hello,
I'm trying to use the action but it throws the error even though i'm providing the path to the file (file url and file name as well).
My "package,json" file resides in "./client/package.json". I want to compare the version from local package.json against the release branch package.json file.

Error logs >>>
Run EndBug/version-check@v[2]
with:
diff-search: true
file-url: https://raw.githubusercontent.com/owner/my-repo/release/client/package.json
file-name: /client/package.json
token: ***
static-checking: localIsNew
github-api-url: https://api.github.com
Searching for version update...
Static-checking files...
Package file name: "/client/package.json"
Package file URL: "https://raw.githubusercontent.com/owner/my-repo/release/client/package.json"
Error: Response code :404 (Not Found)

Here is the workflow file:

steps:
- name: Check out repository
  uses: actions/checkout@v2

- name: Package.json version check
  id: check
  uses: EndBug/version-check@v2
  with:
    diff-search: true
    file-url: https://raw.githubusercontent.com/${{ github.repository }}/${{ github.base_ref }}/client/package.json
    file-name: /client/package.json
    token: ${{ secrets.GITHUB_TOKEN }}
    static-checking: localIsNew

- name: Echo versions
  run: |
      echo "Version change found in commit ${{ steps.check.outputs.commit }}! New version: ${{ steps.check.outputs.version }} (${{ steps.check.outputs.type }})"

- name: Version Bump check enforced
  shell: pwsh
  if: steps.check.outputs.changed == 'false'
  run: |
    echo "No version change :/"
    echo "Please bump the application version before merging into release"
    exit 1
- name: Version bumped
  shell: pwsh
  if: steps.check.outputs.changed == 'true'
  run: |
    echo "Version bumped! Enjoy the new release :)"