diff --git a/.github/workflows/ci-nudge.yml b/.github/workflows/ci-nudge.yml index f14461f..bd6f9ad 100644 --- a/.github/workflows/ci-nudge.yml +++ b/.github/workflows/ci-nudge.yml @@ -55,7 +55,7 @@ jobs: # back to github-actions[bot], defeating this bot's own purpose. permission-issues: write - - uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7.1.0 + - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 env: APP_TOKEN: ${{ steps.app-token.outputs.token }} with: @@ -65,7 +65,7 @@ jobs: const marker = process.env.MARKER; const appClient = process.env.APP_TOKEN - ? require('@actions/github').getOctokit(process.env.APP_TOKEN) + ? new (github.constructor)({ auth: process.env.APP_TOKEN }) : null; async function write(fn) { if (appClient) { diff --git a/.github/workflows/issue-triage.yml b/.github/workflows/issue-triage.yml index 0da78c8..53bd570 100644 --- a/.github/workflows/issue-triage.yml +++ b/.github/workflows/issue-triage.yml @@ -57,7 +57,7 @@ jobs: # of inheriting the App's full installation permissions. permission-issues: write - - uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7.1.0 + - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 with: # App token when available (→ testsprite-hob[bot]); else the default # GITHUB_TOKEN (→ github-actions[bot]). Either way the logic is identical. diff --git a/.github/workflows/pr-triage.yml b/.github/workflows/pr-triage.yml index cfd114d..d505f0b 100644 --- a/.github/workflows/pr-triage.yml +++ b/.github/workflows/pr-triage.yml @@ -71,7 +71,7 @@ jobs: # fallback path (unused by this specific App-token mint). permission-issues: write - - uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7.1.0 + - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 env: APP_TOKEN: ${{ steps.app-token.outputs.token }} with: @@ -86,7 +86,7 @@ jobs: const author = pr.user.login; const appClient = process.env.APP_TOKEN - ? require('@actions/github').getOctokit(process.env.APP_TOKEN) + ? new (github.constructor)({ auth: process.env.APP_TOKEN }) : null; // Prefer the App identity; fall back to github-actions[bot] when the // App is absent or lacks the Pull-requests permission (403/404). diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index fbaa607..b670166 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -26,7 +26,7 @@ jobs: issues: write # comment + (un)label + close stale issues pull-requests: write # comment + (un)label + close stale PRs steps: - - uses: actions/stale@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899 # v10.3.0 + - uses: actions/stale@1e223db275d687790206a7acac4d1a11bd6fe629 # v10.4.0 with: # ── issues ────────────────────────────────────────────────────── days-before-issue-stale: 60