Skip to content

Modernize: ESM, Node 24, latest deps, security fix#105

Merged
joshuarli merged 2 commits intomainfrom
modernize-esm-node24
Mar 19, 2026
Merged

Modernize: ESM, Node 24, latest deps, security fix#105
joshuarli merged 2 commits intomainfrom
modernize-esm-node24

Conversation

@joshuarli
Copy link
Member

@joshuarli joshuarli commented Mar 19, 2026
edited
Loading

  • Security: mask private key with core.setSecret() immediately after reading — prevents leaking in error logs
  • ESM: convert from CommonJS to native ES modules end-to-end
  • Node 24: upgrade action runtime from node20 to node24
  • Deps: all dependencies upgraded to latest (octokit 8/22, @actions/core 3, TypeScript 5.9, ESLint 10, Jest 30, Prettier 3)
  • Config consolidation: jest/prettier config inlined into package.json; removed husky, lint-staged, eslint-config-sentry, eslint-plugin-github, js-yaml; migrated ESLint to flat config with redundant rules stripped
  • Tests: new suite covering secret masking, scope filtering, error handling, and GHES URL support

🤖 Generated with Claude Code

@joshuarli @claude
Modernize to ESM, Node 24, and latest deps; mask private key
0f54db2 
- Mask private key via core.setSecret() to prevent leaking in error logs
- Convert to native ESM (type: module, nodenext)
- Upgrade action runtime to node24
- Upgrade all deps to latest (octokit 8/22, actions/core 3, TS 5.9, ESLint 10, Jest 30, Prettier 3)
- Migrate ESLint to flat config, remove redundant rules covered by recommendedTypeChecked
- Consolidate config: jest/prettier inline in package.json, remove husky/lint-staged
- Add test suite covering secret masking, scoping, error handling
- Remove unused deps (js-yaml, eslint-config-sentry, eslint-plugin-github)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
joshuarli
joshuarli commented Mar 19, 2026
View reviewed changes
src/main.ts
async function run(): Promise<void> {
try {
const privateKey: string = core.getInput('private_key');
core.setSecret(privateKey);
Copy link
Member Author

@joshuarli joshuarli Mar 19, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is the core fix, the rest is just upgrading to node 24 + ESM + deps + consolidation of excess config files lol

joshuarli
joshuarli commented Mar 19, 2026
View reviewed changes
package.json
"@actions/core": "^1.10.1",
"@octokit/auth-app": "^7.1.1",
"@octokit/rest": "^20.0.2"
"@actions/core": "^3.0.0",
Copy link
Member Author

@joshuarli joshuarli Mar 19, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thhis is good and long overdue

evanpurkhiser
evanpurkhiser reviewed Mar 19, 2026
View reviewed changes
evanpurkhiser
evanpurkhiser reviewed Mar 19, 2026
View reviewed changes
@joshuarli joshuarli merged commit 54148b0 into main Mar 19, 2026
9 checks passed
@joshuarli joshuarli deleted the modernize-esm-node24 branch March 19, 2026 19:16
@joshuarli joshuarli mentioned this pull request Mar 19, 2026
Merged
joshuarli added a commit to getsentry/sentry that referenced this pull request Mar 19, 2026
@joshuarli
chore: upgrade action-github-app-token (#111133)
6351d7f 
comes with a security fix and also upgrades to node24:
getsentry/action-github-app-token#105
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@evanpurkhiser evanpurkhiser evanpurkhiser approved these changes

@hubertdeng123 hubertdeng123 hubertdeng123 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@joshuarli @evanpurkhiser @hubertdeng123