diff --git a/.github/workflows/versions.yml b/.github/workflows/versions.yml
index d13fe402..3d8067bc 100644
--- a/.github/workflows/versions.yml
+++ b/.github/workflows/versions.yml
@@ -139,3 +139,34 @@ jobs:
- name: Verify node
run: __tests__/verify-arch.sh "ia32"
shell: bash
+
+ node-latest-aliases:
+ runs-on: ${{ matrix.os }}
+ strategy:
+ fail-fast: false
+ matrix:
+ os: [ubuntu-latest, windows-latest, macos-latest]
+ node-version: [current, latest, node]
+ steps:
+ - name: Get node version
+ run: |
+ latestNodeVersion=$(curl https://nodejs.org/dist/index.json | jq -r '. [0].version')
+ echo "::set-output name=LATEST_NODE_VERSION::$latestNodeVersion"
+ id: version
+ shell: bash
+ - uses: actions/checkout@v3
+ - name: Setup Node
+ uses: ./
+ with:
+ node-version: ${{ matrix.node-version }}
+ - name: Retrieve version after install
+ run: |
+ updatedVersion=$(echo $(node --version))
+ echo "::set-output name=NODE_VERSION_UPDATED::$updatedVersion"
+ id: updatedVersion
+ shell: bash
+ - name: Compare versions
+ if: ${{ steps.version.outputs.LATEST_NODE_VERSION != steps.updatedVersion.outputs.NODE_VERSION_UPDATED}}
+ run: |
+ echo "Latest node version failed to download."
+ exit 1
diff --git a/README.md b/README.md
index e997b92e..20e2418d 100644
--- a/README.md
+++ b/README.md
@@ -11,7 +11,7 @@ This action provides the following functionality for GitHub Actions users:
- Registering problem matchers for error output
- Configuring authentication for GPR or npm
-# Usage
+## Usage
See [action.yml](action.yml)
@@ -22,8 +22,8 @@ steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
- node-version: '14'
-- run: npm install
+ node-version: 14
+- run: npm ci
- run: npm test
```
@@ -33,13 +33,20 @@ The action will first check the local cache for a semver match. If unable to fin
For information regarding locally cached versions of Node.js on GitHub hosted runners, check out [GitHub Actions Virtual Environments](https://github.com/actions/virtual-environments).
-#### Supported version syntax
+### Supported version syntax
The `node-version` input supports the following syntax:
major versions: `12`, `14`, `16`
more specific versions: `10.15`, `14.2.0`, `16.3.0`
nvm lts syntax: `lts/erbium`, `lts/fermium`, `lts/*`
+latest release: `latest`/`current`/`node`
+
+**Note:** Since the latest release will not be cached always, there is possibility of hitting rate limit when downloading from dist
+
+### Checking in lockfiles
+
+It's **always** recommended to commit the lockfile of your package manager for security and performance reasons. For more information consult the "Working with lockfiles" section of the [Advanced usage](docs/advanced-usage.md#working-with-lockfiles) guide.
## Caching global packages data
@@ -49,7 +56,7 @@ The action defaults to search for the dependency file (`package-lock.json` or `y
**Note:** The action does not cache `node_modules`
-See the examples of using cache for `yarn` / `pnpm` and `cache-dependency-path` input in the [Advanced usage](docs/advanced-usage.md#caching-packages-dependencies) guide.
+See the examples of using cache for `yarn`/`pnpm` and `cache-dependency-path` input in the [Advanced usage](docs/advanced-usage.md#caching-packages-data) guide.
**Caching npm dependencies:**
@@ -58,9 +65,9 @@ steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
- node-version: '14'
+ node-version: 14
cache: 'npm'
-- run: npm install
+- run: npm ci
- run: npm test
```
@@ -71,14 +78,14 @@ steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
- node-version: '14'
+ node-version: 14
cache: 'npm'
cache-dependency-path: subdir/package-lock.json
-- run: npm install
+- run: npm ci
- run: npm test
```
-## Matrix Testing:
+## Matrix Testing
```yaml
jobs:
@@ -86,7 +93,7 @@ jobs:
runs-on: ubuntu-latest
strategy:
matrix:
- node: [ '12', '14', '16' ]
+ node: [ 12, 14, 16 ]
name: Node ${{ matrix.node }} sample
steps:
- uses: actions/checkout@v3
@@ -94,7 +101,7 @@ jobs:
uses: actions/setup-node@v3
with:
node-version: ${{ matrix.node }}
- - run: npm install
+ - run: npm ci
- run: npm test
```
@@ -103,20 +110,20 @@ jobs:
1. [Check latest version](docs/advanced-usage.md#check-latest-version)
2. [Using a node version file](docs/advanced-usage.md#node-version-file)
3. [Using different architectures](docs/advanced-usage.md#architecture)
-4. [Caching packages data](docs/advanced-usage.md#caching-packages-dependencies)
+4. [Caching packages data](docs/advanced-usage.md#caching-packages-data)
5. [Using multiple operating systems and architectures](docs/advanced-usage.md#multiple-operating-systems-and-architectures)
6. [Publishing to npmjs and GPR with npm](docs/advanced-usage.md#publish-to-npmjs-and-gpr-with-npm)
7. [Publishing to npmjs and GPR with yarn](docs/advanced-usage.md#publish-to-npmjs-and-gpr-with-yarn)
8. [Using private packages](docs/advanced-usage.md#use-private-packages)
-# License
+## License
The scripts and documentation in this project are released under the [MIT License](LICENSE)
-# Contributions
+## Contributions
-Contributions are welcome! See [Contributor's Guide](docs/contributors.md)
+Contributions are welcome! See [Contributor's Guide](docs/contributors.md)
## Code of Conduct
-:wave: Be nice. See [our code of conduct](CODE_OF_CONDUCT.md)
+:wave: Be nice. See [our code of conduct](CODE_OF_CONDUCT.md)
diff --git a/__tests__/installer.test.ts b/__tests__/installer.test.ts
index 19692cf2..bf2b7bf2 100644
--- a/__tests__/installer.test.ts
+++ b/__tests__/installer.test.ts
@@ -909,4 +909,30 @@ describe('setup-node', () => {
);
});
});
+
+ describe('latest alias syntax', () => {
+ it.each(['latest', 'current', 'node'])(
+ 'download the %s version if alias is provided',
+ async inputVersion => {
+ // Arrange
+ inputs['node-version'] = inputVersion;
+
+ os.platform = 'darwin';
+ os.arch = 'x64';
+
+ findSpy.mockImplementation(() => '');
+ getManifestSpy.mockImplementation(() => {
+ throw new Error('Unable to download manifest');
+ });
+
+ // Act
+ await main.run();
+
+ // assert
+ expect(logSpy).toHaveBeenCalledWith('Unable to download manifest');
+
+ expect(logSpy).toHaveBeenCalledWith('getting latest node version...');
+ }
+ );
+ });
});
diff --git a/dist/setup/index.js b/dist/setup/index.js
index d05c5006..ecf99914 100644
--- a/dist/setup/index.js
+++ b/dist/setup/index.js
@@ -62587,6 +62587,12 @@ function queryDistForMatch(versionSpec, arch = os.arch()) {
}
let versions = [];
let nodeVersions = yield getVersionsFromDist();
+ if (versionSpec === 'current' ||
+ versionSpec === 'latest' ||
+ versionSpec === 'node') {
+ core.info(`getting latest node version...`);
+ return nodeVersions[0].version;
+ }
nodeVersions.forEach((nodeVersion) => {
// ensure this version supports your os and platform
if (nodeVersion.files.indexOf(dataFileName) >= 0) {
diff --git a/docs/advanced-usage.md b/docs/advanced-usage.md
index 9f2f5c88..e49ea6e2 100644
--- a/docs/advanced-usage.md
+++ b/docs/advanced-usage.md
@@ -1,4 +1,38 @@
-# Advanced usage
+## Working with lockfiles
+
+All supported package managers recommend that you **always** commit the lockfile, although implementations vary doing so generally provides the following benefits:
+
+- Enables faster installation for CI and production environments, due to being able to skip package resolution.
+- Describes a single representation of a dependency tree such that teammates, deployments, and continuous integration are guaranteed to install exactly the same dependencies.
+- Provides a facility for users to "time-travel" to previous states of `node_modules` without having to commit the directory itself.
+- Facilitates greater visibility of tree changes through readable source control diffs.
+
+In order to get the most out of using your lockfile on continuous integration follow the conventions outlined below for your respective package manager.
+
+### NPM
+
+Ensure that `package-lock.json` is always committed, use `npm ci` instead of `npm install` when installing packages.
+
+**See also:**
+- [Documentation of `package-lock.json`](https://docs.npmjs.com/cli/v8/configuring-npm/package-lock-json)
+- [Documentation of `npm ci`](https://docs.npmjs.com/cli/v8/commands/npm-ci)
+
+### Yarn
+
+Ensure that `yarn.lock` is always committed, pass `--frozen-lockfile` to `yarn install` when installing packages.
+
+**See also:**
+- [Documentation of `yarn.lock`](https://classic.yarnpkg.com/en/docs/yarn-lock)
+- [Documentation of `--frozen-lockfile` option](https://classic.yarnpkg.com/en/docs/cli/install#toc-yarn-install-frozen-lockfile)
+- [QA - Should lockfiles be committed to the repoistory?](https://yarnpkg.com/getting-started/qa/#should-lockfiles-be-committed-to-the-repository)
+
+### PNPM
+
+Ensure that `pnpm-lock.yaml` is always committed, when on CI pass `--frozen-lockfile` to `pnpm install` when installing packages.
+
+**See also:**
+- [Working with Git - Lockfiles](https://pnpm.io/git#lockfiles)
+- [Documentation of `--frozen-lockfile` option](https://pnpm.io/cli/install#--frozen-lockfile)
## Check latest version
@@ -15,7 +49,7 @@ steps:
with:
node-version: '14'
check-latest: true
-- run: npm install
+- run: npm ci
- run: npm test
```
@@ -31,7 +65,7 @@ steps:
- uses: actions/setup-node@v3
with:
node-version-file: '.nvmrc'
-- run: npm install
+- run: npm ci
- run: npm test
```
@@ -51,7 +85,7 @@ jobs:
with:
node-version: '14'
architecture: 'x64' # optional, x64 or x86. If not specified, x64 will be used by default
- - run: npm install
+ - run: npm ci
- run: npm test
```
@@ -67,7 +101,7 @@ steps:
with:
node-version: '14'
cache: 'yarn'
-- run: yarn install
+- run: yarn install --frozen-lockfile
- run: yarn test
```
@@ -82,14 +116,14 @@ steps:
steps:
- uses: actions/checkout@v3
-- uses: pnpm/action-setup@646cdf48217256a3d0b80361c5a50727664284f2
+- uses: pnpm/action-setup@v2
with:
- version: 6.10.0
+ version: 6.32.9
- uses: actions/setup-node@v3
with:
node-version: '14'
cache: 'pnpm'
-- run: pnpm install
+- run: pnpm install --frozen-lockfile
- run: pnpm test
```
@@ -102,7 +136,7 @@ steps:
node-version: '14'
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
-- run: npm install
+- run: npm ci
- run: npm test
```
@@ -117,7 +151,7 @@ steps:
cache-dependency-path: |
server/app/package-lock.json
frontend/app/package-lock.json
-- run: npm install
+- run: npm ci
- run: npm test
```
@@ -152,7 +186,7 @@ jobs:
with:
node-version: ${{ matrix.node_version }}
architecture: ${{ matrix.architecture }}
- - run: npm install
+ - run: npm ci
- run: npm test
```
@@ -164,7 +198,7 @@ steps:
with:
node-version: '14.x'
registry-url: 'https://registry.npmjs.org'
-- run: npm install
+- run: npm ci
- run: npm publish
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
@@ -184,7 +218,7 @@ steps:
with:
node-version: '14.x'
registry-url: <registry url>
-- run: yarn install
+- run: yarn install --frozen-lockfile
- run: yarn publish
env:
NODE_AUTH_TOKEN: ${{ secrets.YARN_TOKEN }}
@@ -206,7 +240,7 @@ steps:
registry-url: 'https://registry.npmjs.org'
# Skip post-install scripts here, as a malicious
# script could steal NODE_AUTH_TOKEN.
-- run: npm install --ignore-scripts
+- run: npm ci --ignore-scripts
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
# `npm rebuild` will run all those post-install scripts for us.
diff --git a/src/installer.ts b/src/installer.ts
index a9baae0a..5b87d29a 100644
--- a/src/installer.ts
+++ b/src/installer.ts
@@ -373,6 +373,15 @@ async function queryDistForMatch(
let versions: string[] = [];
let nodeVersions = await getVersionsFromDist();
+ if (
+ versionSpec === 'current' ||
+ versionSpec === 'latest' ||
+ versionSpec === 'node'
+ ) {
+ core.info(`getting latest node version...`);
+ return nodeVersions[0].version;
+ }
+
nodeVersions.forEach((nodeVersion: INodeVersion) => {
// ensure this version supports your os and platform
if (nodeVersion.files.indexOf(dataFileName) >= 0) {