Releases: rhysd/actionlint
Releases · rhysd/actionlint
v1.6.19
- Fix inputs, outputs, and secrets of reusable workflow should be case-insensitive. (#216)
# .github/workflows/reusable.yaml on: workflow_call: inputs: INPUT_UPPER: type: string input_lower: type: string secrets: SECRET_UPPER: secret_lower: ... # .github/workflows/test.yaml ... jobs: caller: uses: ./.github/workflows/reusable.yaml # Inputs and secrets are case-insensitive. So all the followings should be OK with: input_upper: ... INPUT_LOWER: ... secrets: secret_upper: ... SECRET_LOWER: ...
- Describe how to install specific version of
actionlintbinary with the download script. (#218)
v1.6.18
- This release much enhances checks for local reusable workflow calls. Note that these checks are done for local reusable workflows (starting with
./). (#179).- Detect missing required inputs/secrets and undefined inputs/secrets at
jobs.<job_id>.withandjobs.<job_id>.secrets. See the document for more details.# .github/workflows/reusable.yml on: workflow_call: inputs: name: type: string required: true secrets: password: required: true ... # .github/workflows/test.yml ... jobs: missing-required: uses: ./.github/workflows/reusable.yml with: # ERROR: Undefined input "user" user: rhysd # ERROR: Required input "name" is missing secrets: # ERROR: Undefined secret "credentials" credentials: my-token # ERROR: Required secret "password" is missing
- Type check for reusable workflow inputs at
jobs.<job_id>.with. Types are defined aton.workflow_call.inputs.<name>.typein reusable workflow. actionlint checks types of expressions in workflow calls. See the document for more details.# .github/workflows/reusable.yml on: workflow_call: inputs: id: type: number message: type: string ... # .github/workflows/test.yml ... jobs: type-checks: uses: ./.github/workflows/reusable.yml with: # ERROR: Cannot assign string value to number input. format() returns string value id: ${{ format('runner name is {0}', runner.name) }} # ERROR: Cannot assign null to string input. If you want to pass string "null", use ${{ 'null' }} message: null
- Detect local reusable workflow which does not exist at
jobs.<job_id>.uses. See the document for more details.jobs: test: # ERROR: This workflow file does not exist with: ./.github/workflows/does-not-exist.yml
- Check
needs.<job_id>.outputs.<output_id>in downstream jobs of workflow call jobs. The outputs object is now typed strictly based onon.workflow_call.outputs.<name>in the called reusable workflow. See the document for more details.# .github/workflows/get-build-info.yml on: workflow_call: outputs: version: value: ... description: version of software ... # .github/workflows/test.yml ... jobs: # This job's outputs object is typed as {version: string} get_build_info: uses: ./.github/workflows/get-build-info.yml downstream: needs: [get_build_info] runs-on: ubuntu-latest steps: # OK. `version` is defined in the reusable workflow - run: echo '${{ needs.get_build_info.outputs.version }}' # ERROR: `tag` is not defined in the reusable workflow - run: echo '${{ needs.get_build_info.outputs.tag }}'
- Detect missing required inputs/secrets and undefined inputs/secrets at
- Add missing properties in contexts and improve types of some properties looking at the official contexts document.
github.action_statusrunner.debugservices.<service_id>.ports
- Fix
on.workflow_call.inputs.<name>.descriptionandon.workflow_call.secrets.<name>.descriptionwere incorrectly mandatory. They are actually optional. - Report parse errors when parsing
action.ymlin local actions. They were ignored in previous versions. - Sort the order of properties in an object type displayed in error message. In previous versions, actionlint sometimes displayed
{a: true, b: string}, or it displayed{b: string, a: true}for the same object type. This randomness was caused by random iteration of map values in Go. - Update popular actions data set to the latest.
v1.6.17
- Allow workflow calls are available in matrix jobs. See the official announcement for more details. (#197)
jobs: ReuseableMatrixJobForDeployment: strategy: matrix: target: [dev, stage, prod] uses: octocat/octo-repo/.github/workflows/deployment.yml@main with: target: ${{ matrix.target }}
- Allow nested workflow calls. See the official announcement for more details. (#201)
on: workflow_call jobs: call-another-reusable: uses: path/to/another-reusable.yml@v1
- Fix job outputs should be passed to
needs.*.outputsof only direct children. Until v1.6.16, they are passed to any downstream jobs. (#151)When you need bothjobs: first: runs-on: ubuntu-latest outputs: first: 'output from first job' steps: - run: echo 'first' second: needs: [first] runs-on: ubuntu-latest outputs: second: 'output from second job' steps: - run: echo 'second' third: needs: [second] runs-on: ubuntu-latest steps: - run: echo '${{ toJSON(needs.second.outputs) }}' # ERROR: `needs.first` does not exist, but v1.6.16 reported no error - run: echo '${{ toJSON(needs.first.outputs) }}'
needs.firstandneeds.second, add the both toneeds:.third: needs: [first, second] runs-on: ubuntu-latest steps: # OK - echo '${{ toJSON(needs.first.outputs) }}'
- Fix
}}in string literals are detected as end marker of placeholder${{ }}. (#205)jobs: test: runs-on: ubuntu-latest strategy: # This caused an incorrect error until v1.6.16 matrix: ${{ fromJSON('{"foo":{}}') }}
- Fix
working-directory:should not be available withuses:in steps.working-directory:is only available withrun:. (#207)steps: - uses: actions/checkout@v3 # ERROR: `working-directory:` is not available here working-directory: ./foo
- The working directory for running
actionlintcommand can be set viaWorkingDirfield ofLinterOptionsstruct. When it is empty, the return value fromos.Getwdwill be used. - Update popular actions data set.
actions/configure-pages@v2was added. - Use Go 1.19 on CI by default. It is used to build release binaries.
- Update dependencies (go-yaml/yaml v3.0.1).
- Update playground dependencies (except for CodeMirror v6).
v1.6.16
- Allow an empty object at
permissions:. You can use it to disable permissions for all of the available scopes. (#170, #171, thanks @peaceiris)permissions: {}
- Support
github.triggering_actorcontext value. (#190, thanks @stefreak) - Rename
step-idrule toidrule. Now the rule checks both job IDs and step IDs. See the document for more details. (#182)jobs: # ERROR: '.' cannot be contained in ID v1.2.3: runs-on: ubuntu-latest steps: - run: echo 'job ID with version' # ERROR: ID cannot contain spaces id: echo for test # ERROR: ID cannot start with numbers 2d-game: runs-on: ubuntu-latest steps: - run: echo 'oops'
- Accessing
envcontext injobs.<id>.ifis now reported as error. (#155)jobs: test: runs-on: ubuntu-latest # ERROR: `env` is not available here if: ${{ env.DIST == 'arch' }} steps: - run: ...
- Fix actionlint wrongly typed some matrix value when the matrix is expanded with
${{ }}. For example,matrix.fooin the following code is typed as{x: string}, but it should beanybecause it is initialized with the value fromfromJSON. (#145)strategy: matrix: foo: ${{ fromJSON(...) }} exclude: - foo: x: y
- Fix incorrect type check when multiple runner labels are set to
runs-on:via expanding${{ }}for selecting self-hosted runners. (#164)jobs: test: strategy: matrix: include: - labels: ["self-hosted", "macOS", "X64"] - labels: ["self-hosted", "linux"] # actionlint incorrectly reported type error here runs-on: ${{ matrix.labels }}
- Fix usage of local actions (
uses: ./path/to/action) was not checked when multiple workflow files were passed toactionlintcommand. (#173) - Allow
description:is missing insecrets:of reusable workflow call definition since it is optional. (#174) - Fix type of propery of
github.event.inputsis string unlikeinputscontext. See the document for more details. (#181)on: workflow_dispatch: inputs: is-valid: # Type of `inputs.is-valid` is bool # Type of `github.event.inputs.is-valid` is string type: boolean
- Fix crash when a value is expanded with
${{ }}atcontinue-on-error:. (#193) - Fix some error was caused by some other error. For example, the following code reported two errors. '" is not available for string literal' error caused another 'one placeholder should be included in boolean value string' error. This was caused because the
${{ x == "foo" }}placeholder was not counted due to the previous type error.if: ${{ x == "foo" }}
- Add support for
merge_groupworkflow trigger. - Add official actions to manage GitHub Pages to popular actions data set.
actions/configure-pages@v1actions/deploy-pages@v1actions/upload-pages-artifact@v1
- Update popular actions data set to the latest. Several new major versions and new inputs of actions were added to it.
- Describe how to install actionlint via Chocolatey, scoop, and AUR in the installation document. (#167, #168, thanks @sitiom)
- VS Code extension for actionlint was created by @arahatashun. See the document for more details.
- Describe how to use the Docker image at step of GitHub Actions workflow. See the document for the details. (#146)
- uses: docker://rhysd/actionlint:latest with: args: -color
- Clarify the behavior if empty strings are set to some command line options in documents.
-shellcheck=disables shellcheck integration and-pyflakes=disables pyflakes integration. (#156) - Update Go module dependencies.
Contributors
stefreak, arahatashun, and 2 other contributors
Assets 14
v1.6.15
- Fix referring
envcontext fromenv:at step level caused an error.env:at toplevel and job level cannot referenvcontext, butenv:at step level can. (#158)on: push env: # ERROR: 'env:' at toplevel cannot refer 'env' context ERROR1: ${{ env.PATH }} jobs: my_job: runs-on: ubuntu-latest env: # ERROR: 'env:' at job level cannot refer 'env' context ERROR2: ${{ env.PATH }} steps: - run: echo "$THIS_IS_OK" env: # OK: 'env:' at step level CAN refer 'env' context THIS_IS_OK: ${{ env.PATH }}
- Docker image for linux/arm64 is now provided. It is useful for M1 Mac users. (#159, thanks @politician)
- Fix the download script did not respect the version specified via the first argument. (#162, thanks @mateiidavid)
Contributors
politician and mateiidavid
Assets 14
v1.6.14
- Some filters are exclusive in events at
on:. Now actionlint checks the exclusive filters are used in the same event.pathsandpaths-ignore,branchesandbranches-ignore,tagsandtags-ignoreare exclusive. See the document for the details.on: push: # ERROR: Both 'paths' and 'paths-ignore' filters cannot be used for the same event paths: ... paths-ignore: ...
- Some event filters are checked more strictly. Some filters are only available with specific events. Now actionlint checks the limitation. See the document for complete list of such filters.
on: release: # ERROR: 'tags' filter is only available for 'push' event tags: v*.*.*
- Paths starting/ending with spaces are now reported as error.
- Inputs of workflow which specify both
defaultandrequiredare now reported as error. Whenrequiredis specified at input of workflow call, a caller of it must specify value of the input. So the default value will never be used. (#154, thanks @sksat)on: workflow_call: inputs: my_input: description: test type: string # ERROR: The default value 'aaa' will never be used required: true default: aaa
- Fix inputs of
workflow_dispatchare set toinputscontext as well asgithub.event.inputs. This was added by the recent change of GitHub Actions. (#152)on: workflow_dispatch: inputs: my_input: type: string required: true jobs: my_job: runs-on: ubuntu-latest steps: - run: echo ${{ github.event.inputs.my_input }} # Now the input is also set to `inputs` context - run: echo ${{ inputs.my_input }}
- Improve that
envcontext is now not defined in values ofenv:,id:anduses:. actionlint now reports usage ofenvcontext in such places as type errors. (#158)runs-on: ubuntu-latest env: FOO: aaa steps: # ERROR: 'env' context is not defined in values of 'env:', 'id:' and 'uses:' - uses: test/${{ env.FOO }}@main env: BAR: ${{ env.FOO }} id: foo-${{ env.FOO }}
actionlintcommand gains-stdin-filenamecommand line option. When it is specified, the file name is used on reading input from stdin instead of<stdin>. (#157, thanks @arahatashun)# Error message shows foo.yml as file name where the error happened ... | actionlint -stdin-filename foo.yml -
- The download script allows to specify a directory path to install
actionlintexecutable with the second argument of the script. For example, the following command downloads/path/to/bin/actionlint:# Downloads the latest stable version at `/path/to/bin/actionlint` bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) latest /path/to/bin # Downloads actionlint v1.6.14 at `/path/to/bin/actionlint` bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) 1.6.14 /path/to/bin
- Update popular actions data set including
goreleaser-action@v3,setup-python@v4,aks-set-context@v3. - Update Go dependencies including go-yaml/yaml v3.
Contributors
sksat and arahatashun
Assets 14
v1.6.13
secrets: inheritin reusable workflow is now supported (#138)This means that actionlint cannot know the workflow inherits secrets or not when checking a reusable workflow. To supporton: workflow_dispatch: jobs: pass-secrets-to-workflow: uses: ./.github/workflows/called-workflow.yml secrets: inherit
secrets: inheritwithout giving up on checkingsecretscontext, actionlint assumes the followings. See the document for the details.- when
secrets:is omitted in a reusable workflow, the workflow inherits secrets from a caller - when
secrets:exists in a reusable workflow, the workflow inherits no other secret
- when
macos-12runner is now supported (#134, thanks @shogo82148)ubuntu-22.04runner is now supported (#142, thanks @shogo82148)concurrencyis available on reusable workflow call (#136)jobs: checks: concurrency: group: ${{ github.ref }}-${{ github.workflow }} cancel-in-progress: true uses: ./path/to/workflow.yaml
- pre-commit hook now uses a fixed version of actionlint. For example, the following configuration continues to use actionlint v1.6.13 even if v1.6.14 is released. (#116)
repos: - repo: https://github.com/rhysd/actionlint rev: v1.6.13 hooks: - id: actionlint-docker
- Update popular actions data set including new versions of
docker/*,haskell/actions/setup,actions/setup-go, ... (#140, thanks @bflad) - Update Go module dependencies
Contributors
bflad and shogo82148
Assets 14
v1.6.12
- Fix
secrets.ACTIONS_RUNNER_DEBUGandsecrets.ACTIONS_STEP_DEBUGare not pre-defined in a reusable workflow. (#130) - Fix checking permissions is outdated.
pagesanddiscussionspermissions were added andmetadatapermission was removed. (#131, thanks @suzuki-shunsuke) - Disable SC2157 shellcheck rule to avoid a false positive due to the replacement of
${{ }}in script. For example, in the below script-z ${{ env.FOO }}was replaced with-z ______________and it caused 'always false due to literal strings' error. (#113)- run: | if [[ -z ${{ env.FOO }} ]]; then echo "FOO is empty" fi
- Add codecov-action@v3 to popular actions data set.
Contributors
suzuki-shunsuke
Assets 14
v1.6.11
- Fix crash on making outputs in JSON format with
actionlint -format '{{json .}}'. (#128) - Allow any outputs from
actions/github-scriptaction because it allows to set arbitrary outputs via callingcore.setOutput()in JavaScript. (#104)- id: test uses: actions/github-script@v5 with: script: | core.setOutput('answer', 42); - run: | echo "The answer is ${{ steps.test.outputs.answer }}"
- Add support for Go 1.18. All released binaries were built with Go 1.18 compiler. The bottom supported version is Go 1.16 and it's not been changed.
- Update popular actions data set (
actions/cache,code-ql-actions/*, ...) - Update some Go module dependencies
v1.6.10
- Support outputs in reusable workflow call. See the official document for the usage of the outputs syntax. (#119, #121)
Example of reusable workflow definition:Example of reusable workflow call:on: workflow_call: outputs: some_output: description: "Some awesome output" value: 'result value of workflow call' jobs: job: runs-on: ubuntu-latest steps: ...
jobs: job1: uses: ./.github/workflows/some_workflow.yml job2: runs-on: ubuntu-latest needs: job1 steps: - run: echo ${{ needs.job1.outputs.some_output }}
- Support checking
jobscontext, which is only available inon.workflow_call.outputs.<name>.value. Outputs of jobs can be referred via the context. See the document for more details.on: workflow_call: outputs: image-version: description: "Docker image version" # ERROR: 'imagetag' does not exist (typo of 'image_tag') value: ${{ jobs.gen-image-version.outputs.imagetag }} jobs: gen-image-version: runs-on: ubuntu-latest outputs: image_tag: "${{ steps.get_tag.outputs.tag }}" steps: - run: ./output_image_tag.sh id: get_tag
- Add new major releases in
actions/*actions includingactions/checkout@v3,actions/setup-go@v3,actions/setup-python@v3, ... - Check job IDs. They must start with a letter or
_and contain only alphanumeric characters,-or_. See the document for more details. (#80)on: push jobs: # ERROR: '.' cannot be contained in job ID foo-v1.2.3: runs-on: ubuntu-latest steps: - run: 'job ID with version'
- Fix
windows-latestnow meanswindows-2022runner. See virtual-environments#4856 for the details. (#120) - Update the playground dependencies to the latest.
- Update Go module dependencies