Bump the actions group with 2 updates (#199)

Bumps the actions group with 2 updates: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) and [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest).


Updates `@types/node` from 24.0.7 to 24.0.10
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `jest` from 30.0.3 to 30.0.4
- [Release notes](https://github.com/jestjs/jest/releases)
- [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jestjs/jest/commits/v30.0.4/packages/jest)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 24.0.10
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: actions
- dependency-name: jest
  dependency-version: 30.0.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/dependabot.yml

@@ -0,0 +1,18 @@
+version: 2
+updates:
+   - package-ecosystem: npm
+     directory: /
+     schedule:
+        interval: weekly
+     groups:
+        actions:
+           patterns:
+              - '*'
+   - package-ecosystem: github-actions
+     directory: .github/workflows
+     schedule:
+        interval: weekly
+     groups:
+        actions:
+           patterns:
+              - '*'

.github/workflows/defaultLabels.yml

@@ -13,7 +13,7 @@ jobs:
 
       # Steps represent a sequence of tasks that will be executed as part of the job
       steps:
-         - uses: actions/stale@v9
+         - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 #v9.1.0
            name: Setting issue as idle
            with:
               repo-token: ${{ secrets.GITHUB_TOKEN }}
@@ -24,7 +24,7 @@ jobs:
               operations-per-run: 100
               exempt-issue-labels: 'backlog'
 
-         - uses: actions/stale@v9
+         - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 #v9.1.0
            name: Setting PR as idle
            with:
               repo-token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/integration-tests.yml

@@ -15,7 +15,7 @@ jobs:
          PR_BASE_REF: ${{ github.event.pull_request.base.ref }}
       steps:
          - name: Check out repository
-           uses: actions/checkout@v4
+           uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
          - name: npm install and build
            id: action-npm-build
            run: |

.github/workflows/prettify-code.yml

@@ -10,9 +10,7 @@ jobs:
       runs-on: ubuntu-latest
       steps:
          - name: Checkout Repository
-           uses: actions/checkout@v4
+           uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
          - name: Enforce Prettier
-           uses: actionsx/prettier@v3
-           with:
-              args: --check .
+           run: npx prettier --check .

.github/workflows/release-pr.yml

@@ -13,6 +13,6 @@ jobs:
       permissions:
          actions: read
          contents: write
-      uses: Azure/action-release-workflows/.github/workflows/release_js_project.yaml@v1
+      uses: Azure/action-release-workflows/.github/workflows/release_js_project.yaml@3c677ba5ab58f5c5c1a6f0cfb176b333b1f27405 # v1.0.3
       with:
          changelogPath: ./CHANGELOG.md

.github/workflows/tag-and-draft.yml

@@ -7,4 +7,4 @@ on:
 
 jobs:
    tag-and-release:
-      uses: OliverMKing/javascript-release-workflow/.github/workflows/tag-and-release.yml@main
+      uses: OliverMKing/javascript-release-workflow/.github/workflows/tag-and-release.yml@c753e1545b144562237cd1177a95bab21a785cff # main

.github/workflows/unit-tests.yml

@@ -13,7 +13,7 @@ jobs:
    build: # make sure build/ci works properly
       runs-on: ubuntu-latest
       steps:
-         - uses: actions/checkout@v4
+         - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
          - name: Run L0 tests.
            run: |

.husky/pre-commit

@@ -0,0 +1,7 @@
+npm test
+npm run format-check || {
+  echo ""
+  echo "❌ Formatting check failed."
+  echo "💡 Run 'npm run format' or 'prettier --write .' to fix formatting issues."
+  exit 1
+}

CHANGELOG.md

@@ -1,13 +1,19 @@
 # Change Log
 
+## [4.3.0] - 2025-02-15
+
+- #152 feat: log when restoring from cache
+- #157 Dependencies Update
+- #137 Add dependabot
+
 ## [4.2.0] - 2024-04-15
 
--  #124 Fix OS detection and download OS-native archive extension
+- #124 Fix OS detection and download OS-native archive extension
 
 ## [4.1.0] - 2024-03-01
 
--  #130 switches to use Helm published file to read latest version instead of using GitHub releases
+- #130 switches to use Helm published file to read latest version instead of using GitHub releases
 
 ## [4.0.0] - 2024-02-12
 
--  #121 update to node20 as node16 is deprecated
+- #121 update to node20 as node16 is deprecated

CODE_OF_CONDUCT.md

@@ -4,6 +4,6 @@ This project has adopted the [Microsoft Open Source Code of Conduct](https://ope
 
 Resources:
 
--  [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
--  [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
--  Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns
+- [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
+- [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
+- Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns

README.md

@@ -7,7 +7,7 @@ Install a specific version of helm binary on the runner.
 Acceptable values are latest or any semantic version string like v3.5.0 Use this action in workflow to define which version of helm will be used. v2+ of this action only support Helm3.
 
 ```yaml
-- uses: azure/setup-helm@v4.2.0
+- uses: azure/setup-helm@v4.3.0
   with:
      version: '<version>' # default is latest (stable)
   id: install

SECURITY.md

@@ -18,13 +18,13 @@ You should receive a response within 24 hours. If for some reason you do not, pl
 
 Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
 
--  Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
--  Full paths of source file(s) related to the manifestation of the issue
--  The location of the affected source code (tag/branch/commit or direct URL)
--  Any special configuration required to reproduce the issue
--  Step-by-step instructions to reproduce the issue
--  Proof-of-concept or exploit code (if possible)
--  Impact of the issue, including how an attacker might exploit the issue
+- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+- Full paths of source file(s) related to the manifestation of the issue
+- The location of the affected source code (tag/branch/commit or direct URL)
+- Any special configuration required to reproduce the issue
+- Step-by-step instructions to reproduce the issue
+- Proof-of-concept or exploit code (if possible)
+- Impact of the issue, including how an attacker might exploit the issue
 
 This information will help us triage your report more quickly.
 

package.json

@@ -1,34 +1,36 @@
 {
    "name": "setuphelm",
-   "version": "4.2.0",
+   "version": "4.3.0",
    "private": true,
    "description": "Setup helm",
    "author": "Anumita Shenoy",
    "license": "MIT",
    "dependencies": {
-      "@actions/core": "^1.10.0",
+      "@actions/core": "^1.11.1",
       "@actions/exec": "^1.1.1",
       "@actions/io": "^1.1.2",
-      "@actions/tool-cache": "2.0.1",
-      "@octokit/action": "^6.0.7",
-      "semver": "^7.5.4"
+      "@actions/tool-cache": "2.0.2",
+      "@octokit/action": "^8.0.2",
+      "semver": "^7.7.2"
    },
    "main": "lib/index.js",
    "scripts": {
       "prebuild": "npm i ncc",
-      "build": "ncc build src/run.ts -o lib",
+      "build": "ncc build src/index.ts -o lib",
       "test": "jest",
       "test-coverage": "jest --coverage",
       "format": "prettier --write .",
-      "format-check": "prettier --check ."
+      "format-check": "prettier --check .",
+      "prepare": "husky"
    },
    "devDependencies": {
-      "@types/jest": "^29.5.11",
-      "@types/node": "^20.11.8",
-      "@vercel/ncc": "^0.38.1",
-      "jest": "^29.7.0",
-      "prettier": "^3.2.5",
-      "ts-jest": "^29.1.2",
-      "typescript": "^5.3.3"
+      "@types/jest": "^30.0.0",
+      "@types/node": "^24.0.10",
+      "@vercel/ncc": "^0.38.3",
+      "husky": "^9.1.7",
+      "jest": "^30.0.4",
+      "prettier": "^3.6.2",
+      "ts-jest": "^29.4.0",
+      "typescript": "^5.8.3"
    }
 }

src/index.ts

@@ -0,0 +1,4 @@
+import {run} from './run'
+import * as core from '@actions/core'
+
+run().catch(core.setFailed)

src/run.test.ts

@@ -99,20 +99,20 @@ describe('run.ts', () => {
       jest.spyOn(fs, 'readdirSync').mockImplementation((file, _) => {
          if (file == 'mainFolder')
             return [
-               'file1' as unknown as fs.Dirent,
-               'file2' as unknown as fs.Dirent,
-               'folder1' as unknown as fs.Dirent,
-               'folder2' as unknown as fs.Dirent
+               'file1' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'file2' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'folder1' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'folder2' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
             ]
          if (file == path.join('mainFolder', 'folder1'))
             return [
-               'file11' as unknown as fs.Dirent,
-               'file12' as unknown as fs.Dirent
+               'file11' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'file12' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
             ]
          if (file == path.join('mainFolder', 'folder2'))
             return [
-               'file21' as unknown as fs.Dirent,
-               'file22' as unknown as fs.Dirent
+               'file21' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'file22' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
             ]
          return []
       })
@@ -134,20 +134,20 @@ describe('run.ts', () => {
       jest.spyOn(fs, 'readdirSync').mockImplementation((file, _) => {
          if (file == 'mainFolder')
             return [
-               'file1' as unknown as fs.Dirent,
-               'file2' as unknown as fs.Dirent,
-               'folder1' as unknown as fs.Dirent,
-               'folder2' as unknown as fs.Dirent
+               'file1' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'file2' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'folder1' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'folder2' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
             ]
          if (file == path.join('mainFolder', 'folder1'))
             return [
-               'file11' as unknown as fs.Dirent,
-               'file12' as unknown as fs.Dirent
+               'file11' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'file12' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
             ]
          if (file == path.join('mainFolder', 'folder2'))
             return [
-               'file21' as unknown as fs.Dirent,
-               'file22' as unknown as fs.Dirent
+               'file21' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'file22' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
             ]
          return []
       })
@@ -166,7 +166,8 @@ describe('run.ts', () => {
    test('findHelm() - change access permissions and find the helm in given directory', () => {
       jest.spyOn(fs, 'chmodSync').mockImplementation(() => {})
       jest.spyOn(fs, 'readdirSync').mockImplementation((file, _) => {
-         if (file == 'mainFolder') return ['helm.exe' as unknown as fs.Dirent]
+         if (file == 'mainFolder')
+            return ['helm.exe' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>]
          return []
       })
       jest.spyOn(fs, 'statSync').mockImplementation((file) => {
@@ -208,7 +209,9 @@ describe('run.ts', () => {
       jest.spyOn(toolCache, 'cacheDir').mockResolvedValue('pathToCachedDir')
       jest
          .spyOn(fs, 'readdirSync')
-         .mockImplementation((file, _) => ['helm.exe' as unknown as fs.Dirent])
+         .mockImplementation((file, _) => [
+            'helm.exe' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
+         ])
       jest.spyOn(fs, 'statSync').mockImplementation((file) => {
          const isDirectory =
             (file as string).indexOf('folder') == -1 ? false : true
@@ -254,7 +257,9 @@ describe('run.ts', () => {
       jest.spyOn(fs, 'chmodSync').mockImplementation(() => {})
       jest
          .spyOn(fs, 'readdirSync')
-         .mockReturnValue(['helm.exe' as unknown as fs.Dirent])
+         .mockReturnValue([
+            'helm.exe' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
+         ])
       jest.spyOn(fs, 'statSync').mockImplementation((file) => {
          const isDirectory =
             (file as string).indexOf('folder') == -1 ? false : true

src/run.ts

@@ -1,5 +1,4 @@
 // Copyright (c) Microsoft Corporation.
-// Copyright (c) Microsoft Corporation.
 // Licensed under the MIT license.
 
 import * as os from 'os'
@@ -26,7 +25,7 @@ export async function run() {
 
    const downloadBaseURL = core.getInput('downloadBaseURL', {required: false})
 
-   core.startGroup(`Downloading ${version}`)
+   core.startGroup(`Installing ${version}`)
    const cachedPath = await downloadHelm(downloadBaseURL, version)
    core.endGroup()
 
@@ -88,7 +87,10 @@ export async function downloadHelm(
    version: string
 ): Promise<string> {
    let cachedToolpath = toolCache.find(helmToolName, version)
-   if (!cachedToolpath) {
+   if (cachedToolpath) {
+      core.info(`Restoring '${version}' from cache`)
+   } else {
+      core.info(`Downloading '${version}' from '${baseURL}'`)
       let helmDownloadPath
       try {
          helmDownloadPath = await toolCache.downloadTool(
@@ -155,5 +157,3 @@ export var walkSync = function (dir, filelist, fileToFind) {
    })
    return filelist
 }
-
-run().catch(core.setFailed)