Skip to content

Commit fed9df2

Browse files
Merge pull request #160 from step-security/feat/update-subscription-check
feat: added banner and update subscription check to make maintained actions free for public repos
2 parents 57d5042 + 9d0ba60 commit fed9df2

5 files changed

Lines changed: 80 additions & 17 deletions

File tree

LICENSE

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
MIT License
22

33
Copyright (c) 2020 Contributors
4-
Copyright (c) 2023 StepSecurity
4+
Copyright (c) 2026 StepSecurity
55

66
Permission is hereby granted, free of charge, to any person obtaining a copy
77
of this software and associated documentation files (the "Software"), to deal

README.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,5 @@
1+
[![StepSecurity Maintained Action](https://raw.githubusercontent.com/step-security/maintained-actions-assets/main/assets/maintained-action-banner.png)](https://docs.stepsecurity.io/actions/stepsecurity-maintained-actions)
2+
13
# action-semantic-pull-request
24

35
This is a GitHub Action that ensures that your pull request titles match the [Conventional Commits spec](https://www.conventionalcommits.org/). Typically, this is used in combination with a tool like [semantic-release](https://github.com/semantic-release/semantic-release) to automate releases.

dist/index.js

Lines changed: 38 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
1+
import require$$1 from 'fs';
12
import require$$0$1 from 'os';
23
import require$$0$2 from 'crypto';
3-
import require$$1 from 'fs';
44
import require$$1$9, { resolve } from 'path';
55
import require$$2$1 from 'http';
66
import require$$1$1 from 'https';
@@ -81912,19 +81912,49 @@ async function run() {
8191281912
}
8191381913

8191481914
async function validateSubscription() {
81915-
const API_URL = `https://agent.api.stepsecurity.io/v1/github/${process.env.GITHUB_REPOSITORY}/actions/subscription`;
81915+
let repoPrivate;
81916+
const eventPath = process.env.GITHUB_EVENT_PATH;
81917+
if (eventPath && require$$1.existsSync(eventPath)) {
81918+
const payload = JSON.parse(require$$1.readFileSync(eventPath, 'utf8'));
81919+
repoPrivate = payload?.repository?.private;
81920+
}
81921+
81922+
const upstream = 'amannn/action-semantic-pull-request';
81923+
const action = process.env.GITHUB_ACTION_REPOSITORY;
81924+
const docsUrl =
81925+
'https://docs.stepsecurity.io/actions/stepsecurity-maintained-actions';
81926+
81927+
core.info('');
81928+
core.info('\u001b[1;36mStepSecurity Maintained Action\u001b[0m');
81929+
core.info(`Secure drop-in replacement for ${upstream}`);
81930+
if (repoPrivate === false) {
81931+
core.info('\u001b[32m\u2713 Free for public repositories\u001b[0m');
81932+
}
81933+
core.info(`\u001b[36mLearn more:\u001b[0m ${docsUrl}`);
81934+
core.info('');
81935+
81936+
if (repoPrivate === false) return;
81937+
const serverUrl = process.env.GITHUB_SERVER_URL || 'https://github.com';
81938+
const body = {action: action || ''};
8191681939

81940+
if (serverUrl !== 'https://github.com') body.ghes_server = serverUrl;
8191781941
try {
81918-
await axios.get(API_URL, {timeout: 3000});
81942+
await axios.post(
81943+
`https://agent.api.stepsecurity.io/v1/github/${process.env.GITHUB_REPOSITORY}/actions/maintained-actions-subscription`,
81944+
body,
81945+
{timeout: 3000}
81946+
);
8191981947
} catch (error) {
81920-
if (error.response && error.response.status === 403) {
81921-
console.error(
81922-
'Subscription is not valid. Reach out to support@stepsecurity.io'
81948+
if (axios.isAxiosError(error) && error.response?.status === 403) {
81949+
core.error(
81950+
`\u001b[1;31mThis action requires a StepSecurity subscription for private repositories.\u001b[0m`
81951+
);
81952+
core.error(
81953+
`\u001b[31mLearn how to enable a subscription: ${docsUrl}\u001b[0m`
8192381954
);
8192481955
process.exit(1);
81925-
} else {
81926-
core.info('Timeout or API not reachable. Continuing to next step.');
8192781956
}
81957+
core.info('Timeout or API not reachable. Continuing to next step.');
8192881958
}
8192981959
}
8193081960

dist/index.js.map

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

src/index.js

Lines changed: 38 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,4 @@
1+
import fs from 'fs';
12
import core from '@actions/core';
23
import github from '@actions/github';
34
import axios from 'axios';
@@ -174,19 +175,49 @@ async function run() {
174175
}
175176

176177
async function validateSubscription() {
177-
const API_URL = `https://agent.api.stepsecurity.io/v1/github/${process.env.GITHUB_REPOSITORY}/actions/subscription`;
178+
let repoPrivate;
179+
const eventPath = process.env.GITHUB_EVENT_PATH;
180+
if (eventPath && fs.existsSync(eventPath)) {
181+
const payload = JSON.parse(fs.readFileSync(eventPath, 'utf8'));
182+
repoPrivate = payload?.repository?.private;
183+
}
184+
185+
const upstream = 'amannn/action-semantic-pull-request';
186+
const action = process.env.GITHUB_ACTION_REPOSITORY;
187+
const docsUrl =
188+
'https://docs.stepsecurity.io/actions/stepsecurity-maintained-actions';
189+
190+
core.info('');
191+
core.info('\u001b[1;36mStepSecurity Maintained Action\u001b[0m');
192+
core.info(`Secure drop-in replacement for ${upstream}`);
193+
if (repoPrivate === false) {
194+
core.info('\u001b[32m\u2713 Free for public repositories\u001b[0m');
195+
}
196+
core.info(`\u001b[36mLearn more:\u001b[0m ${docsUrl}`);
197+
core.info('');
198+
199+
if (repoPrivate === false) return;
200+
const serverUrl = process.env.GITHUB_SERVER_URL || 'https://github.com';
201+
const body = {action: action || ''};
178202

203+
if (serverUrl !== 'https://github.com') body.ghes_server = serverUrl;
179204
try {
180-
await axios.get(API_URL, {timeout: 3000});
205+
await axios.post(
206+
`https://agent.api.stepsecurity.io/v1/github/${process.env.GITHUB_REPOSITORY}/actions/maintained-actions-subscription`,
207+
body,
208+
{timeout: 3000}
209+
);
181210
} catch (error) {
182-
if (error.response && error.response.status === 403) {
183-
console.error(
184-
'Subscription is not valid. Reach out to support@stepsecurity.io'
211+
if (axios.isAxiosError(error) && error.response?.status === 403) {
212+
core.error(
213+
`\u001b[1;31mThis action requires a StepSecurity subscription for private repositories.\u001b[0m`
214+
);
215+
core.error(
216+
`\u001b[31mLearn how to enable a subscription: ${docsUrl}\u001b[0m`
185217
);
186218
process.exit(1);
187-
} else {
188-
core.info('Timeout or API not reachable. Continuing to next step.');
189219
}
220+
core.info('Timeout or API not reachable. Continuing to next step.');
190221
}
191222
}
192223

0 commit comments

Comments
 (0)