diff --git a/README.md b/README.md index 4656f654..7a36ba38 100644 --- a/README.md +++ b/README.md @@ -12,10 +12,14 @@ This action provides the following functionality for GitHub Actions users: - Registering problem matchers for error output - Configuring authentication for GPR or npm +## Breaking changes in V6 + +- Caching is now automatically enabled for npm projects when the `packageManager` field in `package.json` is set to `npm`. For other package managers, such as Yarn and pnpm, caching is disabled by default and must be configured manually using the `cache` input. + ## Breaking changes in V5 -- Enabled caching for npm dependencies by default when the package manager is detected and no cache input is provided. - > For workflows with elevated privileges or access to sensitive information, we recommend disabling automatic caching for npm by setting `package-manager-cache: false` when caching is not needed for secure operation. +- Enabled caching by default with package manager detection if no cache input is provided. + > For workflows with elevated privileges or access to sensitive information, we recommend disabling automatic caching by setting `package-manager-cache: false` when caching is not needed for secure operation. - Upgraded action from node20 to node24. > Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. [See Release Notes](https://github.com/actions/runner/releases/tag/v2.327.1) @@ -28,7 +32,7 @@ See [action.yml](action.yml) ```yaml -- uses: actions/setup-node@v5 +- uses: actions/setup-node@v6 with: # Version Spec of the version to use in SemVer notation. # It also admits such aliases as lts/*, latest, nightly and canary builds @@ -114,7 +118,7 @@ See [action.yml](action.yml) ```yaml steps: - uses: actions/checkout@v5 -- uses: actions/setup-node@v5 +- uses: actions/setup-node@v6 with: node-version: 24 - run: npm ci @@ -163,7 +167,7 @@ See the examples of using cache for `yarn`/`pnpm` and `cache-dependency-path` in ```yaml steps: - uses: actions/checkout@v5 -- uses: actions/setup-node@v5 +- uses: actions/setup-node@v6 with: node-version: 24 cache: 'npm' @@ -176,7 +180,7 @@ steps: ```yaml steps: - uses: actions/checkout@v5 -- uses: actions/setup-node@v5 +- uses: actions/setup-node@v6 with: node-version: 24 cache: 'npm' @@ -192,7 +196,7 @@ This behavior is controlled by the `package-manager-cache` input, which defaults ```yaml steps: - uses: actions/checkout@v5 -- uses: actions/setup-node@v5 +- uses: actions/setup-node@v6 with: package-manager-cache: false - run: npm ci @@ -212,7 +216,7 @@ jobs: steps: - uses: actions/checkout@v5 - name: Setup node - uses: actions/setup-node@v5 + uses: actions/setup-node@v6 with: node-version: ${{ matrix.node }} - run: npm ci @@ -226,7 +230,7 @@ jobs: To get a higher rate limit, you can [generate a personal access token on github.com](https://github.com/settings/tokens/new) and pass it as the `token` input for the action: ```yaml -uses: actions/setup-node@v5 +uses: actions/setup-node@v6 with: token: ${{ secrets.GH_DOTCOM_TOKEN }} node-version: 24 diff --git a/dist/setup/index.js b/dist/setup/index.js index 63e926da..4aa29b26 100644 --- a/dist/setup/index.js +++ b/dist/setup/index.js @@ -99844,15 +99844,9 @@ function getNameFromPackageManagerField() { const packageJson = JSON.parse(fs_1.default.readFileSync(path.join(process.env.GITHUB_WORKSPACE, 'package.json'), 'utf-8')); // Check devEngines.packageManager first (object or array) const devPM = (_a = packageJson === null || packageJson === void 0 ? void 0 : packageJson.devEngines) === null || _a === void 0 ? void 0 : _a.packageManager; - if (devPM) { - if (Array.isArray(devPM)) { - for (const obj of devPM) { - if (typeof (obj === null || obj === void 0 ? void 0 : obj.name) === 'string' && npmRegex.test(obj.name)) { - return 'npm'; - } - } - } - else if (typeof (devPM === null || devPM === void 0 ? void 0 : devPM.name) === 'string' && npmRegex.test(devPM.name)) { + const devPMArray = devPM ? (Array.isArray(devPM) ? devPM : [devPM]) : []; + for (const obj of devPMArray) { + if (typeof (obj === null || obj === void 0 ? void 0 : obj.name) === 'string' && npmRegex.test(obj.name)) { return 'npm'; } } diff --git a/docs/advanced-usage.md b/docs/advanced-usage.md index 77f051a2..3dcf0e2c 100644 --- a/docs/advanced-usage.md +++ b/docs/advanced-usage.md @@ -46,7 +46,7 @@ If `check-latest` is set to `true`, the action first checks if the cached versio ```yaml steps: - uses: actions/checkout@v5 -- uses: actions/setup-node@v5 +- uses: actions/setup-node@v6 with: node-version: '24' check-latest: true @@ -64,7 +64,7 @@ See [supported version syntax](https://github.com/actions/setup-node#supported-v ```yaml steps: - uses: actions/checkout@v5 -- uses: actions/setup-node@v5 +- uses: actions/setup-node@v6 with: node-version-file: '.nvmrc' - run: npm ci @@ -98,7 +98,7 @@ jobs: name: Node sample steps: - uses: actions/checkout@v5 - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 with: node-version: '24' architecture: 'x64' # optional, x64 or x86. If not specified, x64 will be used by default @@ -119,7 +119,7 @@ jobs: name: Node sample steps: - uses: actions/checkout@v5 - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 with: node-version: '24.0.0-v8-canary' # it will install the latest v8 canary release for node 24.0.0 - run: npm ci @@ -134,7 +134,7 @@ jobs: name: Node sample steps: - uses: actions/checkout@v5 - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 with: node-version: '24-v8-canary' # it will install the latest v8 canary release for node 24 - run: npm ci @@ -150,7 +150,7 @@ jobs: name: Node sample steps: - uses: actions/checkout@v5 - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 with: node-version: 'v24.0.0-v8-canary2025030537242e55ac' - run: npm ci @@ -170,7 +170,7 @@ jobs: name: Node sample steps: - uses: actions/checkout@v5 - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 with: node-version: '24-nightly' # it will install the latest nightly release for node 24 - run: npm ci @@ -186,7 +186,7 @@ jobs: name: Node sample steps: - uses: actions/checkout@v5 - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 with: node-version: '24.0.0-nightly' # it will install the latest nightly release for node 24.0.0 - run: npm ci @@ -202,7 +202,7 @@ jobs: name: Node sample steps: - uses: actions/checkout@v5 - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 with: node-version: '24.0.0-nightly202505066102159fa1' - run: npm ci @@ -220,7 +220,7 @@ jobs: name: Node sample steps: - uses: actions/checkout@v5 - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 with: node-version: '24.0.0-rc.4' - run: npm ci @@ -238,7 +238,7 @@ Yarn caching handles both Yarn Classic (v1) and Yarn Berry (v2, v3, v4+). ```yaml steps: - uses: actions/checkout@v5 -- uses: actions/setup-node@v5 +- uses: actions/setup-node@v6 with: node-version: '24' cache: 'yarn' @@ -260,7 +260,7 @@ steps: - uses: pnpm/action-setup@v4 with: version: 10 -- uses: actions/setup-node@v5 +- uses: actions/setup-node@v6 with: node-version: '24' cache: 'pnpm' @@ -276,7 +276,7 @@ steps: ```yaml steps: - uses: actions/checkout@v5 -- uses: actions/setup-node@v5 +- uses: actions/setup-node@v6 with: node-version: '24' cache: 'npm' @@ -289,7 +289,7 @@ steps: ```yaml steps: - uses: actions/checkout@v5 -- uses: actions/setup-node@v5 +- uses: actions/setup-node@v6 with: node-version: '24' cache: 'npm' @@ -327,7 +327,7 @@ jobs: steps: - uses: actions/checkout@v5 - name: Setup node - uses: actions/setup-node@v5 + uses: actions/setup-node@v6 with: node-version: ${{ matrix.node_version }} architecture: ${{ matrix.architecture }} @@ -339,7 +339,7 @@ jobs: ```yaml steps: - uses: actions/checkout@v5 -- uses: actions/setup-node@v5 +- uses: actions/setup-node@v6 with: node-version: '24.x' registry-url: 'https://registry.npmjs.org' @@ -347,7 +347,7 @@ steps: - run: npm publish env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} -- uses: actions/setup-node@v5 +- uses: actions/setup-node@v6 with: registry-url: 'https://npm.pkg.github.com' - run: npm publish @@ -359,7 +359,7 @@ steps: ```yaml steps: - uses: actions/checkout@v5 -- uses: actions/setup-node@v5 +- uses: actions/setup-node@v6 with: node-version: '24.x' registry-url: @@ -367,7 +367,7 @@ steps: - run: yarn publish env: NODE_AUTH_TOKEN: ${{ secrets.YARN_TOKEN }} -- uses: actions/setup-node@v5 +- uses: actions/setup-node@v6 with: registry-url: 'https://npm.pkg.github.com' - run: yarn publish @@ -379,7 +379,7 @@ steps: ```yaml steps: - uses: actions/checkout@v5 -- uses: actions/setup-node@v5 +- uses: actions/setup-node@v6 with: node-version: '24.x' registry-url: 'https://registry.npmjs.org' @@ -399,7 +399,7 @@ Below you can find a sample "Setup .yarnrc.yml" step, that is going to allow you ```yaml steps: - uses: actions/checkout@v5 -- uses: actions/setup-node@v5 +- uses: actions/setup-node@v6 with: node-version: '24.x' - name: Setup .yarnrc.yml @@ -428,7 +428,7 @@ It is possible to specify a token to authenticate with the mirror using the `mir The token will be passed as a bearer token in the `Authorization` header. ```yaml -- uses: actions/setup-node@v5 +- uses: actions/setup-node@v6 with: node-version: '24.x' mirror: 'https://nodejs.org/dist' diff --git a/package-lock.json b/package-lock.json index 4a35bf12..297a9fdc 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "setup-node", - "version": "5.0.0", + "version": "6.0.0", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "setup-node", - "version": "5.0.0", + "version": "6.0.0", "license": "MIT", "dependencies": { "@actions/cache": "^4.0.3", diff --git a/package.json b/package.json index df57ab7c..ef1cfc19 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "setup-node", - "version": "5.0.0", + "version": "6.0.0", "private": true, "description": "setup node action", "main": "lib/setup-node.js", diff --git a/src/main.ts b/src/main.ts index b0988701..07871150 100644 --- a/src/main.ts +++ b/src/main.ts @@ -149,14 +149,9 @@ export function getNameFromPackageManagerField(): string | undefined { // Check devEngines.packageManager first (object or array) const devPM = packageJson?.devEngines?.packageManager; - if (devPM) { - if (Array.isArray(devPM)) { - for (const obj of devPM) { - if (typeof obj?.name === 'string' && npmRegex.test(obj.name)) { - return 'npm'; - } - } - } else if (typeof devPM?.name === 'string' && npmRegex.test(devPM.name)) { + const devPMArray = devPM ? (Array.isArray(devPM) ? devPM : [devPM]) : []; + for (const obj of devPMArray) { + if (typeof obj?.name === 'string' && npmRegex.test(obj.name)) { return 'npm'; } }