actions · Apr 3, 2025 · Apr 3, 2025 · Apr 3, 2025 · Apr 3, 2025 · Apr 3, 2025
diff --git a/.github/workflows/update-permission-inputs.yml b/.github/workflows/update-permission-inputs.yml
@@ -0,0 +1,33 @@
+name: Update Permission Inputs
+
+on:
+  pull_request:
+    paths:
+      - 'package.json'
+      - 'package-lock.json'
+  workflow_dispatch:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+permissions:
+  contents: write
+
+jobs:
+  update-permission-inputs:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version-file: .node-version
+          cache: 'npm'
+      - name: Install dependencies
+        run: npm ci
+      - name: Run permission inputs update script
+        run: node scripts/update-permission-inputs.js
+      - name: Commit changes
+        uses: stefanzweifel/git-auto-commit-action@e348103e9026cc0eee72ae06630dbe30c8bf7a79 # v5.1.0
+        with:
+          commit_message: 'feat: update permission inputs'
diff --git a/action.yml b/action.yml
@@ -7,18 +7,10 @@ branding:
 inputs:
   app-id:
     description: "GitHub App ID"
-    required: false # TODO: When 'app_id' is removed, make 'app-id' required
-  app_id:
-    description: "GitHub App ID"
-    required: false
-    deprecationMessage: "'app_id' is deprecated and will be removed in a future version. Use 'app-id' instead."
+    required: true
   private-key:
     description: "GitHub App private key"
-    required: false # TODO: When 'private_key' is removed, make 'private-key' required
-  private_key:
-    description: "GitHub App private key"
-    required: false
-    deprecationMessage: "'private_key' is deprecated and will be removed in a future version. Use 'private-key' instead."
+    required: true
   owner:
     description: "The owner of the GitHub App installation (defaults to current repository owner)"
     required: false
@@ -28,10 +20,6 @@ inputs:
   skip-token-revoke:
     description: "If truthy, the token will not be revoked when the current job is complete"
     required: false
-  skip_token_revoke:
-    description: "If truthy, the token will not be revoked when the current job is complete"
-    required: false
-    deprecationMessage: "'skip_token_revoke' is deprecated and will be removed in a future version. Use 'skip-token-revoke' instead."
   # Make GitHub API configurable to support non-GitHub Cloud use cases
   # see https://github.com/actions/create-github-app-token/issues/77
   github-api-url:
@@ -49,7 +37,7 @@ inputs:
   permission-contents:
     description: "The level of permission to grant the access token for repository contents, commits, branches, downloads, releases, and merges. Can be set to 'read' or 'write'."
   permission-dependabot-secrets:
-    description: "The leve of permission to grant the access token to manage Dependabot secrets. Can be set to 'read' or 'write'."
+    description: "The level of permission to grant the access token to manage Dependabot secrets. Can be set to 'read' or 'write'."
   permission-deployments:
     description: "The level of permission to grant the access token for deployments and deployment statuses. Can be set to 'read' or 'write'."
   permission-email-addresses:

diff --git a/badges/coverage.svg b/badges/coverage.svg