@octokit/auth-action has released a new version, 3.0.0, following version 2.1.1. Both versions are designed to handle GitHub API token authentication within GitHub Actions workflows, simplifying the process of securely authenticating with the GitHub API. The core dependencies remain consistent between the two versions, with both relying on @octokit/types and @octokit/auth-token at compatible versions. Similarly, the developer dependencies, including tools for testing, building and formatting code, are also largely the same. This suggests a focus on maintaining existing functionality and code quality.
The primary difference lies in the update of the esbuild devDependency, upgraded from version 0.17.19 in version 2.1.1 to 0.18.0 in version 3.0.0. While seemingly minor, this update could bring performance improvements or new features related to the bundling and minification of the package, potentially leading to slightly faster build times or smaller bundle sizes. For developers using the action, this means potentially smoother integration with their workflows. While the core functionality of authenticating with the GitHub API remains the same, developers should be aware of testing their workflows after upgrading to ensure compatibility with the updated esbuild version. The updated release date also indicates recent maintenance and attention to the package, instilling confidence in its continued support.
The are not vulnerabilities for the version 3.0.0 of the package @octokit/auth-action
