@actions/core - npm Package Compare versions

Comparing version 1.1.1 to 1.1.2

lib/command.d.ts

@@ -0,0 +0,0 @@ interface CommandProperties {

lib/command.js

@@ -0,0 +0,0 @@ "use strict";

lib/core.d.ts

@@ -0,0 +0,0 @@ /**

lib/core.js

@@ -52,3 +52,2 @@ "use strict";
     command_1.issueCommand('set-secret', {}, val);
-    throw new Error('Not implemented.');
 }
@@ -55,0 +54,0 @@ exports.exportSecret = exportSecret;

package.json

 {
   "name": "@actions/core",
-  "version": "1.1.1",
+  "version": "1.1.2",
   "description": "Actions core lib",
@@ -25,3 +25,4 @@ "keywords": [
     "type": "git",
-    "url": "git+https://github.com/actions/toolkit.git"
+    "url": "git+https://github.com/actions/toolkit.git",
+    "directory": "packages/core"
   },
@@ -28,0 +29,0 @@ "scripts": {

README.md

@@ -7,13 +7,19 @@ # `@actions/core`
 
+### Import the package
+
+```js
+// javascript
+const core = require('@actions/core');
+
+// typescript
+import * as core from '@actions/core';
+```
+
 #### Inputs/Outputs
 
-You can use this library to get inputs or set outputs:
+Action inputs can be read with `getInput`.  Outputs can be set with `setOutput` which makes them available to be mapped into inputs of other actions to ensure they are decoupled.
 
 ```js
-const core = require('@actions/core');
-
 const myInput = core.getInput('inputName', { required: true });
 
-// Do stuff
-
 core.setOutput('outputKey', 'outputVal');
@@ -24,10 +30,12 @@ ```
 
-You can also export variables for future steps. Variables get set in the environment.
+Since each step runs in a separate process, you can use `exportVariable` to add it to this step and future steps environment blocks.
 
 ```js
-const core = require('@actions/core');
+core.exportVariable('envVar', 'Val');
+```
 
-// Do stuff
+Exporting a secret exports the variable but also registers the secret with the runner to ensure it is masked in logs.
 
-core.exportVariable('envVar', 'Val');
+```js
+core.exportSecret('myPassword', mypass);
 ```
@@ -37,8 +45,6 @@
 
-You can explicitly add items to the path for all remaining steps in a workflow:
+To make a tool's path available in the path for the remainder of the job (without altering the machine or containers state), use `addPath`.  The runner will prepend the path given to the jobs PATH.
 
 ```js
-const core = require('@actions/core');
-
-core.addPath('pathToTool');
+core.addPath('/path/to/mytool');
 ```
@@ -48,3 +54,3 @@
 
-You should use this library to set the failing exit code for your action:
+You should use this library to set the failing exit code for your action.  If status is not set and the script runs to completion, that will lead to a success.
 
@@ -62,2 +68,4 @@ ```js
 
+Note that `setNeutral` is not yet implemented in actions V2 but equivalent functionality is being planned.
+
 ```
@@ -64,0 +72,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

18443

increased by0.63%

Number of lines in readme file

105

increased by8.25%

Worsened metrics

Lines of code

355

decreased by-0.28%

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes