Skip to content

chore(deps): update actions/github-script action to v9 - autoclosed#58

Closed
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/actions-github-script-9.x
Closed

chore(deps): update actions/github-script action to v9 - autoclosed#58
renovate[bot] wants to merge 1 commit into
masterfrom
renovate/actions-github-script-9.x

Conversation

@renovate

@renovate renovate Bot commented Jul 4, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Type Update Change
actions/github-script action major v8.0.0v9.0.0

Release Notes

actions/github-script (actions/github-script)

v9.0.0

Compare Source

New features:

  • getOctokit factory function — Available directly in the script context. Create additional authenticated Octokit clients with different tokens for multi-token workflows, GitHub App tokens, and cross-org access. See Creating additional clients with getOctokit for details and examples.
  • Orchestration ID in user-agent — The ACTIONS_ORCHESTRATION_ID environment variable is automatically appended to the user-agent string for request tracing.

Breaking changes:

  • require('@​actions/github') no longer works in scripts. The upgrade to @actions/github v9 (ESM-only) means require('@​actions/github') will fail at runtime. If you previously used patterns like const { getOctokit } = require('@​actions/github') to create secondary clients, use the new injected getOctokit function instead — it's available directly in the script context with no imports needed.
  • getOctokit is now an injected function parameter. Scripts that declare const getOctokit = ... or let getOctokit = ... will get a SyntaxError because JavaScript does not allow const/let redeclaration of function parameters. Use the injected getOctokit directly, or use var getOctokit = ... if you need to redeclare it.
  • If your script accesses other @actions/github internals beyond the standard github/octokit client, you may need to update those references for v9 compatibility.
What's Changed
New Contributors

Full Changelog: actions/github-script@v8.0.0...v9.0.0

v9

Compare Source


Configuration

📅 Schedule: (in timezone America/Boise)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jul 4, 2026

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Updated (UTC)
❌ Deployment failed
View logs
aerealith 4959936 Jul 04 2026, 05:28 PM

@github-actions

github-actions Bot commented Jul 4, 2026

Copy link
Copy Markdown

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
actions/actions/github-script 3a2844b7e9c422d3c10d287c895573f7108da1b3 🟢 7.8
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 1021 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions🟢 9detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 9security policy file detected
SAST🟢 10SAST tool is run on all commits
Branch-Protection🟢 6branch protection is not maximal on development and all release branches

Scanned Files

  • .github/workflows/00-ci.yaml

@github-actions

github-actions Bot commented Jul 4, 2026

Copy link
Copy Markdown

Coverage Report for Aerealith Vitest Coverage (.)

Status Category Percentage Covered / Total
🔵 Lines 85.61% 833 / 973
🔵 Statements 85.64% 835 / 975
🔵 Functions 73.46% 227 / 309
🔵 Branches 68.55% 316 / 461
File CoverageNo changed files found.
Generated in workflow #104 for commit 4959936 by the Vitest Coverage Report Action

@codecov

codecov Bot commented Jul 4, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ All tests successful. No failed tests found.

📢 Thoughts on this report? Let us know!

@nx-cloud

nx-cloud Bot commented Jul 4, 2026

Copy link
Copy Markdown

View your CI Pipeline Execution ↗ for commit 651ae49

Command Status Duration Result
nx affected --targets=lint,typecheck,test,build... ✅ Succeeded <1s View ↗

💡 Verify your cache is correct by running tasks in a sandbox. Read docs ↗


☁️ Nx Cloud last updated this comment at 2026-07-04 08:51:00 UTC

@nx-cloud

nx-cloud Bot commented Jul 4, 2026

Copy link
Copy Markdown

View your CI Pipeline Execution ↗ for commit 651ae49

Command Status Duration Result
nx run frontend:build:preview ✅ Succeeded 2s View ↗

💡 Verify your cache is correct by running tasks in a sandbox. Read docs ↗


☁️ Nx Cloud last updated this comment at 2026-07-04 09:04:17 UTC

@codecov

codecov Bot commented Jul 4, 2026

Copy link
Copy Markdown

Bundle Report

Bundle size has no change ✅

@github-code-quality

github-code-quality Bot commented Jul 4, 2026

Copy link
Copy Markdown

Code Coverage Overview

Languages: JavaScript

JavaScript / code-coverage/vitest

The overall coverage remains at 86%, unchanged from the branch.


Updated July 04, 2026 17:46 UTC
Code Coverage is in Public Preview. Learn more and provide us with your feedback.

@github-actions github-actions Bot added type: ci GitHub Actions, continuous integration, or workflow automation. automated Created or updated by automation, bots, or repository workflows. dependencies Dependency update, package maintenance, or lockfile change. labels Jul 4, 2026
@github-actions

github-actions Bot commented Jul 4, 2026

Copy link
Copy Markdown

Aerealith CI

Overall result: ❌ Failed
Run: #104

Check Result
Dependency install ✅ Passed
Nx installation ✅ Passed
Nx workspace reset ✅ Passed
Git comparison range ✅ Passed
Nx affected validation ❌ Failed
MegaLinter ✅ Passed

Cache

  • pnpm store: hit
  • Nx task cache: managed by Nx Cloud when configured for this workspace.
Run details
  • Base SHA: 255485f7eac3305483f1936f5df67656b686a63b
  • Head SHA: 4959936a97eae68d64a430f1c64ef83dfc5b8aca
  • Validation targets: lint, typecheck, test, build
  • Logs: download the ci-logs artifact from the workflow run.

Warning

Nx affected validation failed. Download the ci-logs artifact and inspect nx-affected-validation.log.
If the project graph reports Vite or Vitest plugin-worker failures, repair the affected Nx/Vite/Vitest configuration before rerunning CI.

@renovate renovate Bot force-pushed the renovate/actions-github-script-9.x branch from 651ae49 to 4959936 Compare July 4, 2026 17:27
@sonarqubecloud

sonarqubecloud Bot commented Jul 4, 2026

Copy link
Copy Markdown

@Sinless777 Sinless777 moved this to Inbox in Aerealith Delivery Jul 5, 2026
@Sinless777 Sinless777 moved this from Inbox to In Review in Aerealith Delivery Jul 5, 2026
@Sinless777

Copy link
Copy Markdown
Contributor

@renovate-bot rebase

@renovate renovate Bot changed the title chore(deps): update actions/github-script action to v9 chore(deps): update actions/github-script action to v9 - autoclosed Jul 6, 2026
@renovate renovate Bot closed this Jul 6, 2026
@github-project-automation github-project-automation Bot moved this from In Review to Done in Aerealith Delivery Jul 6, 2026
@renovate renovate Bot deleted the renovate/actions-github-script-9.x branch July 6, 2026 01:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

automated Created or updated by automation, bots, or repository workflows. dependencies Dependency update, package maintenance, or lockfile change. type: ci GitHub Actions, continuous integration, or workflow automation.

Projects

Archived in project

Development

Successfully merging this pull request may close these issues.

1 participant