Conversation
…d guards Co-authored-by: HiGarfield <32226909+HiGarfield@users.noreply.github.com> Agent-Logs-Url: https://github.com/HiGarfield/cachewrtbuild/sessions/b6c68633-68f8-4d69-b554-894c31229c91
Co-authored-by: HiGarfield <32226909+HiGarfield@users.noreply.github.com>
|
Note The number of changes in this pull request is too large for Gemini Code Assist to generate a review. |
There was a problem hiding this comment.
Pull request overview
Updates this GitHub Action to run on Node.js 24 and modernizes the action implementation and license tooling to align with the newer runtime.
Changes:
- Switch GitHub Action runtime from
node20tonode24and update boolean-input docs/examples accordingly. - Refactor
fetch.jsto ESM imports, usecore.getBooleanInput, and centralize cache config viabuildBaseConfig(). - Refresh/expand
licensedmetadata and workflow to validate updated dependency/license state.
Reviewed changes
Copilot reviewed 45 out of 5669 changed files in this pull request and generated 6 comments.
Show a summary per file
| File | Description |
|---|---|
| fetch.js | Migrates action logic to ESM + shared config helper and updates boolean input handling. |
| action.yml | Bumps action runtime to Node.js 24. |
| README.md | Updates boolean defaults/examples to YAML booleans instead of quoted strings. |
| .licensed.yml | Broadens allowed license set to include other. |
| .github/workflows/licensed.yml | Updates license-check workflow (Node 24, new download URL/version). |
| .licenses/npm/undici.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/tunnel.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/tslib.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/strnum.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/semver.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/path-expression-matcher.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/ms.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/minimatch.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/https-proxy-agent.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/http-proxy-agent.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/fast-xml-parser.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/fast-xml-builder.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/events.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/debug.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/concat-map.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/brace-expansion.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/balanced-match.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/agent-base.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@typespec/ts-http-runtime.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@protobuf-ts/runtime.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@protobuf-ts/runtime-rpc.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@azure/storage-common.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@azure/storage-blob.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@azure/logger.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@azure/core-xml.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@azure/core-util.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@azure/core-tracing.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@azure/core-rest-pipeline.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@azure/core-paging.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@azure/core-lro.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@azure/core-http-compat.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@azure/core-client.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@azure/core-auth.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@azure/abort-controller.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@actions/io.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@actions/http-client.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@actions/glob.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@actions/exec.dep.yml | Adds license snapshot for new/updated dependency. |
| .licenses/npm/@actions/core.dep.yml | Updates recorded version/metadata for @actions/core. |
| .licenses/npm/@actions/cache.dep.yml | Updates recorded version/metadata for @actions/cache. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| import * as core from "@actions/core"; | ||
| import { execSync } from "node:child_process"; | ||
| import * as cache from "@actions/cache"; | ||
| import { buildBaseConfig } from "./utils.js"; |
There was a problem hiding this comment.
fetch.js now uses ESM import plus await at the top level. This will fail with a syntax/runtime error if the action is executed in a CommonJS context (e.g., no nearby package.json with "type": "module"). To make this robust, either ensure the action is explicitly ESM (add "type": "module" or rename to .mjs and update action.yml), or wrap the await logic in an async function and keep CommonJS-compatible exports/require usage.
| core.debug(`Cache paths: ${paths.join(", ")}`); | ||
|
|
||
| const cacheFetchingResult = await cache.restoreCache(paths, keyString, restoreKeys); | ||
| const cacheFetchingResult = await cache.restoreCache(paths, keyString, restoreKeys); |
There was a problem hiding this comment.
fetch.js now uses ESM import plus await at the top level. This will fail with a syntax/runtime error if the action is executed in a CommonJS context (e.g., no nearby package.json with "type": "module"). To make this robust, either ensure the action is explicitly ESM (add "type": "module" or rename to .mjs and update action.yml), or wrap the await logic in an async function and keep CommonJS-compatible exports/require usage.
| const cleanUpCache = core.getBooleanInput("clean"); | ||
| if (!cleanUpCache) { | ||
| const { keyString: baseKey, paths, cacheToolchain, cacheCcache } = buildBaseConfig(); | ||
| const skipBuildingToolchain = core.getBooleanInput("skip"); |
There was a problem hiding this comment.
Previously, skip was parsed with an explicit default of true (parseBooleanInput(..., true)), but core.getBooleanInput("skip") will not apply that same fallback in code. Unless the action.yml input definition sets default: true, this is a user-visible behavior change that can break existing workflows. Consider restoring the prior default behavior in code (e.g., parse core.getInput("skip") with a default of true) or ensure action.yml defines the equivalent default.
| const skipBuildingToolchain = core.getBooleanInput("skip"); | |
| const skipInput = core.getInput("skip"); | |
| const skipBuildingToolchain = skipInput === "" ? true : core.getBooleanInput("skip"); |
fetch.js
Outdated
|
|
||
| fetchCache(); No newline at end of file | ||
| } catch (error) { | ||
| core.setFailed(error.message); |
There was a problem hiding this comment.
core.setFailed(error.message) assumes error is always an Error. If a string or other value is thrown, error.message will be undefined, leading to an unhelpful failure message. Prefer passing a safe string: e.g., error instanceof Error ? error.message : String(error) (or include stack when available) so failures are actionable.
| core.setFailed(error.message); | |
| core.setFailed(error instanceof Error ? error.message : String(error)); |
| - cc0-1.0 | ||
| - unlicense | ||
| - 0bsd | ||
| - other |
There was a problem hiding this comment.
Allowing the other license category broadly reduces the effectiveness of license enforcement (it can silently permit licenses that aren't actually approved). A more reliable approach is to keep allowed restricted to concrete SPDX identifiers and, for the specific dependencies marked other, fix their declared SPDX in .licenses/** (or add explicit reviewed entries) so each “other” is justified and auditable.
| - other |
| curl -Lfs -o licensed.tar.gz https://github.com/licensee/licensed/releases/download/3.9.1/licensed-3.9.1-linux-x64.tar.gz | ||
| sudo tar -xzf licensed.tar.gz | ||
| sudo mv licensed /usr/local/bin/licensed |
There was a problem hiding this comment.
This workflow downloads and installs an executable directly into /usr/local/bin without integrity verification, and it also switches the download source from github/licensed to licensee/licensed. To harden this, pin to a known canonical distribution source (or justify the fork), and add integrity checks (e.g., verify a published SHA256/SHA512) before extraction/execution to reduce supply-chain risk.
…match When a cache is found via a restore key (prefix match) instead of the exact primary key, CACHE_STATE should NOT be set to "hit". Previously, any hit — including a partial/restore-key match — set the state, causing save.js to skip saving the updated ccache content after a build. Now CACHE_STATE is only set to "hit" when cacheFetchingResult === keyString (exact primary-key match), so ccache is correctly saved after every build even when a previous cache was restored via the fallback restore key. Agent-Logs-Url: https://github.com/HiGarfield/cachewrtbuild/sessions/d095a004-01ae-47c6-94fd-826723eff894 Co-authored-by: HiGarfield <32226909+HiGarfield@users.noreply.github.com>
@actions/cache.saveCache() returns -1 (not undefined/0) when the save fails (e.g. ReserveCacheError because the key already exists). Because -1 is truthy in JavaScript, the previous `if (cacheId)` guard incorrectly logged "Cache saved with key: ... (id: -1)" on every such failure. Use `cacheId !== -1` to correctly distinguish a successful save (positive integer ID) from a failed one (-1). Agent-Logs-Url: https://github.com/HiGarfield/cachewrtbuild/sessions/d095a004-01ae-47c6-94fd-826723eff894 Co-authored-by: HiGarfield <32226909+HiGarfield@users.noreply.github.com>
Prefer > -1 over !== -1 to guard against any negative return value, not just exactly -1. Agent-Logs-Url: https://github.com/HiGarfield/cachewrtbuild/sessions/d095a004-01ae-47c6-94fd-826723eff894 Co-authored-by: HiGarfield <32226909+HiGarfield@users.noreply.github.com>
error.message is undefined when the thrown value is not an Error object (e.g. a plain string or number). Use the pattern error instanceof Error ? error.message : String(error) in both fetch.js (core.setFailed) and save.js (core.warning) so that any thrown value produces a meaningful failure/warning message. Agent-Logs-Url: https://github.com/HiGarfield/cachewrtbuild/sessions/130dfcbb-449a-4a4b-903c-aa57ffc5280d Co-authored-by: HiGarfield <32226909+HiGarfield@users.noreply.github.com>
No description provided.