Merge pull request #157 from actions/non-beta-projects

Remove beta references

.github/workflows/check-dist.yml

@@ -20,10 +20,10 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
 
       - name: Set Node.js 12.x
-        uses: actions/setup-node@v2.5.1
+        uses: actions/setup-node@v3
         with:
           node-version: 12.x
           cache: npm
@@ -46,7 +46,7 @@ jobs:
         id: diff
 
       # If index.js was different than expected, upload the expected version as an artifact
-      - uses: actions/upload-artifact@v2
+      - uses: actions/upload-artifact@v3
         if: ${{ failure() && steps.diff.conclusion == 'failure' }}
         with:
           name: dist

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,70 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: 'CodeQL'
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [main]
+  schedule:
+    - cron: '18 2 * * 2'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ['javascript']
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+        # Learn more about CodeQL language support at https://git.io/codeql-language-support
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+          # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+      # If this step fails, then you should remove it and run the build manually (see below)
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
+
+      # ℹ️ Command-line programs to run using the OS shell.
+      # 📚 https://git.io/JvXDl
+
+      # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+      #    and modify them (or add more) to build your code if your project
+      #    uses a compiled language
+
+      #- run: |
+      #   make bootstrap
+      #   make release
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2

.github/workflows/test.yml

@@ -13,8 +13,10 @@ jobs:
   build: # make sure build/ci work properly
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - run: |
           npm install
       - run: |
           npm run build
+      - run: |
+          npm run test

.licenses/npm/@actions/core.dep.yml

@@ -1,6 +1,6 @@
 ---
-name: "@actions/core"
+name: '@actions/core'
-version: 1.6.0
+version: 1.9.0
 type: npm
 summary: Actions core lib
 homepage: https://github.com/actions/toolkit/tree/main/packages/core

.licenses/npm/@actions/github.dep.yml

@@ -1,6 +1,6 @@
 ---
-name: "@actions/github"
+name: '@actions/github'
-version: 5.0.0
+version: 5.0.3
 type: npm
 summary: Actions github lib
 homepage: https://github.com/actions/toolkit/tree/main/packages/github

.licenses/npm/@actions/http-client.dep.yml

@@ -1,9 +1,9 @@
 ---
-name: "@actions/http-client"
+name: '@actions/http-client'
-version: 1.0.11
+version: 2.0.1
 type: npm
 summary: Actions Http Client
-homepage: https://github.com/actions/http-client#readme
+homepage: https://github.com/actions/toolkit/tree/main/packages/http-client
 license: mit
 licenses:
   - sources: LICENSE

.licenses/npm/@octokit/auth-token.dep.yml

@@ -1,5 +1,5 @@
 ---
-name: "@octokit/auth-token"
+name: '@octokit/auth-token'
 version: 2.5.0
 type: npm
 summary: GitHub API token authentication for browsers and Node.js
@@ -30,5 +30,5 @@ licenses:
       OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
       THE SOFTWARE.
   - sources: README.md
-  text: "[MIT](LICENSE)"
+    text: '[MIT](LICENSE)'
 notices: []

.licenses/npm/@octokit/core.dep.yml

@@ -1,6 +1,6 @@
 ---
-name: "@octokit/core"
+name: '@octokit/core'
-version: 3.5.1
+version: 3.6.0
 type: npm
 summary: Extendable client for GitHub's REST & GraphQL APIs
 homepage:
@@ -30,5 +30,5 @@ licenses:
       OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
       THE SOFTWARE.
   - sources: README.md
-  text: "[MIT](LICENSE)"
+    text: '[MIT](LICENSE)'
 notices: []

.licenses/npm/@octokit/endpoint.dep.yml

@@ -1,5 +1,5 @@
 ---
-name: "@octokit/endpoint"
+name: '@octokit/endpoint'
 version: 6.0.12
 type: npm
 summary: Turns REST API endpoints into generic request options
@@ -30,5 +30,5 @@ licenses:
       OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
       THE SOFTWARE.
   - sources: README.md
-  text: "[MIT](LICENSE)"
+    text: '[MIT](LICENSE)'
 notices: []

.licenses/npm/@octokit/graphql.dep.yml

@@ -1,5 +1,5 @@
 ---
-name: "@octokit/graphql"
+name: '@octokit/graphql'
 version: 4.8.0
 type: npm
 summary: GitHub GraphQL API client for browsers and Node
@@ -30,5 +30,5 @@ licenses:
       OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
       THE SOFTWARE.
   - sources: README.md
-  text: "[MIT](LICENSE)"
+    text: '[MIT](LICENSE)'
 notices: []

.licenses/npm/@octokit/openapi-types.dep.yml

@@ -1,5 +1,5 @@
 ---
-name: "@octokit/openapi-types"
+name: '@octokit/openapi-types'
 version: 11.2.0
 type: npm
 summary: Generated TypeScript definitions based on GitHub's OpenAPI spec for api.github.com
@@ -16,5 +16,5 @@ licenses:
 
       THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
   - sources: README.md
-  text: "[MIT](LICENSE)"
+    text: '[MIT](LICENSE)'
 notices: []

.licenses/npm/@octokit/plugin-paginate-rest.dep.yml

@@ -1,5 +1,5 @@
 ---
-name: "@octokit/plugin-paginate-rest"
+name: '@octokit/plugin-paginate-rest'
 version: 2.17.0
 type: npm
 summary: Octokit plugin to paginate REST API endpoint responses
@@ -16,5 +16,5 @@ licenses:
 
       THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
   - sources: README.md
-  text: "[MIT](LICENSE)"
+    text: '[MIT](LICENSE)'
 notices: []

.licenses/npm/@octokit/plugin-rest-endpoint-methods.dep.yml

@@ -1,5 +1,5 @@
 ---
-name: "@octokit/plugin-rest-endpoint-methods"
+name: '@octokit/plugin-rest-endpoint-methods'
 version: 5.13.0
 type: npm
 summary: Octokit plugin adding one method for all of api.github.com REST API endpoints
@@ -16,5 +16,5 @@ licenses:
 
       THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
   - sources: README.md
-  text: "[MIT](LICENSE)"
+    text: '[MIT](LICENSE)'
 notices: []

.licenses/npm/@octokit/request-error.dep.yml

@@ -1,5 +1,5 @@
 ---
-name: "@octokit/request-error"
+name: '@octokit/request-error'
 version: 2.1.0
 type: npm
 summary: Error class for Octokit request errors
@@ -30,5 +30,5 @@ licenses:
       OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
       THE SOFTWARE.
   - sources: README.md
-  text: "[MIT](LICENSE)"
+    text: '[MIT](LICENSE)'
 notices: []

.licenses/npm/@octokit/request.dep.yml

@@ -1,5 +1,5 @@
 ---
-name: "@octokit/request"
+name: '@octokit/request'
 version: 5.6.3
 type: npm
 summary: Send parameterized requests to GitHub's APIs with sensible defaults in browsers
@@ -31,5 +31,5 @@ licenses:
       OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
       THE SOFTWARE.
   - sources: README.md
-  text: "[MIT](LICENSE)"
+    text: '[MIT](LICENSE)'
 notices: []

.licenses/npm/@octokit/types.dep.yml

@@ -1,5 +1,5 @@
 ---
-name: "@octokit/types"
+name: '@octokit/types'
 version: 6.34.0
 type: npm
 summary: Shared TypeScript definitions for Octokit projects
@@ -16,5 +16,5 @@ licenses:
 
       THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
   - sources: README.md
-  text: "[MIT](LICENSE)"
+    text: '[MIT](LICENSE)'
 notices: []

.licenses/npm/before-after-hook.dep.yml

@@ -210,5 +210,5 @@ licenses:
        See the License for the specific language governing permissions and
        limitations under the License.
   - sources: README.md
-  text: "[Apache 2.0](LICENSE)"
+    text: '[Apache 2.0](LICENSE)'
 notices: []

.licenses/npm/deprecation.dep.yml

@@ -24,5 +24,5 @@ licenses:
       ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
       IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
   - sources: README.md
-  text: "[ISC](LICENSE)"
+    text: '[ISC](LICENSE)'
 notices: []

.licenses/npm/universal-user-agent.dep.yml

@@ -16,5 +16,5 @@ licenses:
 
       THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
   - sources: README.md
-  text: "[ISC](LICENSE.md)"
+    text: '[ISC](LICENSE.md)'
 notices: []

CODEOWNERS

@@ -0,0 +1 @@
+* @actions/actions-add-to-project

README.md

@@ -1,16 +1,29 @@
 # actions/add-to-project
 
-🚨 **This action is a work in progress. Please do not use it except for
+Use this action to automatically add the current issue or pull request to a [GitHub project](https://docs.github.com/en/issues/trying-out-the-new-projects-experience/about-projects).
-experimentation until a release has been prepared.** 🚨
+Note that this action does not support [GitHub projects (classic)](https://docs.github.com/en/issues/organizing-your-work-with-project-boards).
 
-Use this action to automatically add issues to a GitHub Project. Note that this
+## Current Status
-is for [GitHub Projects
-(beta)](https://docs.github.com/en/issues/trying-out-the-new-projects-experience/about-projects),
-not the original GitHub Projects.
 
-To use the action, create a workflow that runs when issues are opened in your
+[![build-test](https://github.com/actions/add-to-project/actions/workflows/test.yml/badge.svg)](https://github.com/actions/add-to-project/actions/workflows/test.yml)
-repository. Run this action in a step, optionally configuring any filters you
+
-may want to add, such as only adding issues with certain labels.
+> **NOTE:** This Action (currently) only supports auto-adding Issues/Pull Requests to a Project which lives in the same organization as your target Repository.
+
+> **NOTE:** ⚠️ This action no longer uses the deprecated ProjectNext API. If you are looking for the old version of that action, use version [v0.0.5](https://github.com/actions/add-to-project/releases/tag/v0.0.5).
+
+## Usage
+
+_See [action.yml](action.yml) for [metadata](https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions) that defines the inputs, outputs, and runs configuration for this action._
+
+_For more information about workflows, see [Using workflows](https://docs.github.com/en/actions/using-workflows)._
+
+Create a workflow that runs when Issues or Pull Requests are opened or labeled in your repository; this workflow also supports adding Issues to your project which are transferred into your repository. Optionally configure any filters you may want to add, such as only adding issues with certain labels. You may match labels with an `AND` or an `OR` operator, or exclude labels with a `NOT` operator.
+
+Once you've configured your workflow, save it as a `.yml` file in your target Repository's `.github/workflows` directory.
+
+### Examples
+
+#### Example Usage: Issue opened with labels `bug` OR `needs-triage`
 
 ```yaml
 name: Add bugs to bugs project
@@ -25,25 +38,110 @@ jobs:
     name: Add issue to project
     runs-on: ubuntu-latest
     steps:
-      # Pointing to a branch name generally isn't the safest way to refer to an action,
+      - uses: actions/add-to-project@RELEASE_VERSION
-      # but this is how you can use this action now before we've begun creating releases.
-      # Another option would be to point to a full commit SHA.
-      - uses: actions/add-to-project@main
         with:
           project-url: https://github.com/orgs/<orgName>/projects/<projectNumber>
           github-token: ${{ secrets.ADD_TO_PROJECT_PAT }}
-          labeled: bug
+          labeled: bug, needs-triage
+          label-operator: OR
 ```
 
+#### Example Usage: Adds all issues opened that do not include the label `bug` OR `needs-triage`
+
+```yaml
+name: Adds all issues that don't include the 'bug' or 'needs-triage' labels to project board
+
+on:
+  issues:
+    types:
+      - opened
+
+jobs:
+  add-to-project:
+    name: Add issue to project
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/add-to-project@RELEASE_VERSION
+        with:
+          project-url: https://github.com/orgs/<orgName>/projects/<projectNumber>
+          github-token: ${{ secrets.ADD_TO_PROJECT_PAT }}
+          labeled: bug, needs-triage
+          label-operator: NOT
+```
+
+#### Example Usage: Pull Requests labeled with `needs-review` and `size/XL`
+
+```yaml
+name: Add needs-review and size/XL pull requests to projects
+
+on:
+  pull_request:
+    types:
+      - labeled
+
+jobs:
+  add-to-project:
+    name: Add issue to project
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/add-to-project@RELEASE_VERSION
+        with:
+          project-url: https://github.com/orgs/<orgName>/projects/<projectNumber>
+          github-token: ${{ secrets.ADD_TO_PROJECT_PAT }}
+          labeled: needs-review, size/XL
+          label-operator: AND
+```
+
+### Further reading and additional resources
+
+- [actions/add-to-project](#actionsadd-to-project)
+  - [Current Status](#current-status)
+  - [Usage](#usage)
+    - [Examples](#examples)
+      - [Example Usage: Issue opened with labels `bug` OR `needs-triage`](#example-usage-issue-opened-with-labels-bug-or-needs-triage)
+      - [Example Usage: Adds all issues opened that do not include the label `bug` OR `needs-triage`](#example-usage-adds-all-issues-opened-that-do-not-include-the-label-bug-or-needs-triage)
+      - [Example Usage: Pull Requests labeled with `needs-review` and `size/XL`](#example-usage-pull-requests-labeled-with-needs-review-and-sizexl)
+    - [Further reading and additional resources](#further-reading-and-additional-resources)
+  - [Inputs](#inputs)
+  - [Supported Events](#supported-events)
+  - [Creating a PAT and adding it to your repository](#creating-a-pat-and-adding-it-to-your-repository)
+  - [Development](#development)
+  - [Publish to a distribution branch](#publish-to-a-distribution-branch)
+- [License](#license)
+
 ## Inputs
 
-- `project-url` is the URL of the GitHub Project to add issues to.
+- <a name="project-url">`project-url`</a> **(required)** is the URL of the GitHub project to add issues to.
-- `github-token` is a [personal access
+  _eg: `https://github.com/orgs|users/<ownerName>/projects/<projectNumber>`_
-  token](https://github.com/settings/tokens/new) with the `repo`, `write:org` and
+- <a name="github-token">`github-token`</a> **(required)** is a [personal access
-  `read:org` scopes.
+  token](https://github.com/settings/tokens/new) with `repo` and `project` scopes.
-- `labeled` is a comma-separated list of labels. For an issue to be added to the
+  _See [Creating a PAT and adding it to your repository](#creating-a-pat-and-adding-it-to-your-repository) for more details_
-  project, it must have _one_ of the labels in the list. Omitting this key means
+- <a name="labeled">`labeled`</a> **(optional)** is a comma-separated list of labels used to filter applicable issues. When this key is provided, an issue must have _one_ of the labels in the list to be added to the project. Omitting this key means that any issue will be added.
-  that all issues will be added.
+- <a name="labeled">`label-operator`</a> **(optional)** is the behavior of the labels filter, either `AND`, `OR` or `NOT` that controls if the issue should be matched with `all` `labeled` input or any of them, default is `OR`.
+
+## Supported Events
+
+Currently this action supports the following [`issues` events](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#issues):
+
+- `opened`
+- `transferred`
+- `labeled`
+
+and the following [`pull_request` events](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request):
+
+- `opened`
+- `labeled`
+
+Using these events ensure that a given issue or pull request, in the workflow's repo, is added to the [specified project](#project-url). If [labeled input(s)](#labeled) are defined, then issues will only be added if they contain at least _one_ of the labels in the list.
+
+## Creating a PAT and adding it to your repository
+
+- create a new [personal access
+  token](https://github.com/settings/tokens/new) with `repo` and `project` scopes
+  _See [Creating a personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token) for more information_
+
+- add the newly created PAT as a repository secret, this secret will be referenced by the [github-token input](#github-token)
+  _See [Encrypted secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets#creating-encrypted-secrets-for-a-repository) for more information_
 
 ## Development
 
@@ -76,3 +174,7 @@ the "dist/" directory.
 ```
 
 Now, a release can be created from the branch containing the built action.
+
+# License
+
+The scripts and documentation in this project are released under the [MIT License](LICENSE)

__tests__/add-to-project.test.ts

@@ -1,6 +1,7 @@
 import * as core from '@actions/core'
 import * as github from '@actions/github'
-import {addToProject} from '../src/add-to-project'
+
+import {addToProject, mustGetOwnerTypeQuery} from '../src/add-to-project'
 
 describe('addToProject', () => {
   let outputs: Record<string, string>
@@ -29,18 +30,18 @@ describe('addToProject', () => {
         test: /getProject/,
         return: {
           organization: {
-            projectNext: {
+            projectV2: {
-              id: 'project-next-id'
+              id: 'project-id'
             }
           }
         }
       },
       {
-        test: /addProjectNextItem/,
+        test: /addProjectV2ItemById/,
         return: {
-          addProjectNextItem: {
+          addProjectV2ItemById: {
-            projectNextItem: {
+            item: {
-              id: 'project-next-item-id'
+              id: 'project-item-id'
             }
           }
         }
@@ -49,14 +50,14 @@ describe('addToProject', () => {
 
     await addToProject()
 
-    expect(outputs.itemId).toEqual('project-next-item-id')
+    expect(outputs.itemId).toEqual('project-item-id')
   })
 
-  test('adds matching issues with a label filter', async () => {
+  test('adds matching issues with a label filter without label-operator', async () => {
     mockGetInput({
       'project-url': 'https://github.com/orgs/github/projects/1',
       'github-token': 'gh_token',
-      labeled: 'bug'
+      labeled: 'bug, new'
     })
 
     github.context.payload = {
@@ -71,18 +72,18 @@ describe('addToProject', () => {
         test: /getProject/,
         return: {
           organization: {
-            projectNext: {
+            projectV2: {
-              id: 'project-next-id'
+              id: 'project-id'
             }
           }
         }
       },
       {
-        test: /addProjectNextItem/,
+        test: /addProjectV2ItemById/,
         return: {
-          addProjectNextItem: {
+          addProjectV2ItemById: {
-            projectNextItem: {
+            item: {
-              id: 'project-next-item-id'
+              id: 'project-item-id'
             }
           }
         }
@@ -91,10 +92,53 @@ describe('addToProject', () => {
 
     await addToProject()
 
-    expect(outputs.itemId).toEqual('project-next-item-id')
+    expect(outputs.itemId).toEqual('project-item-id')
   })
 
-  test('does not add un-matching issues with a label filter', async () => {
+  test('adds matching pull-requests with a label filter without label-operator', async () => {
+    mockGetInput({
+      'project-url': 'https://github.com/orgs/github/projects/1',
+      'github-token': 'gh_token',
+      labeled: 'bug, new'
+    })
+
+    github.context.payload = {
+      // eslint-disable-next-line camelcase
+      pull_request: {
+        number: 1,
+        labels: [{name: 'bug'}]
+      }
+    }
+
+    mockGraphQL(
+      {
+        test: /getProject/,
+        return: {
+          organization: {
+            projectV2: {
+              id: 'project-id'
+            }
+          }
+        }
+      },
+      {
+        test: /addProjectV2ItemById/,
+        return: {
+          addProjectV2ItemById: {
+            item: {
+              id: 'project-item-id'
+            }
+          }
+        }
+      }
+    )
+
+    await addToProject()
+
+    expect(outputs.itemId).toEqual('project-item-id')
+  })
+
+  test('does not add un-matching issues with a label filter without label-operator', async () => {
     mockGetInput({
       'project-url': 'https://github.com/orgs/github/projects/1',
       'github-token': 'gh_token',
@@ -114,6 +158,449 @@ describe('addToProject', () => {
     expect(infoSpy).toHaveBeenCalledWith(`Skipping issue 1 because it does not have one of the labels: bug`)
     expect(gqlMock).not.toHaveBeenCalled()
   })
+
+  test('adds matching issues with labels filter with AND label-operator', async () => {
+    mockGetInput({
+      'project-url': 'https://github.com/orgs/github/projects/1',
+      'github-token': 'gh_token',
+      labeled: 'bug, new',
+      'label-operator': 'AND'
+    })
+
+    github.context.payload = {
+      issue: {
+        number: 1,
+        labels: [{name: 'bug'}, {name: 'new'}]
+      }
+    }
+
+    mockGraphQL(
+      {
+        test: /getProject/,
+        return: {
+          organization: {
+            projectV2: {
+              id: 'project-id'
+            }
+          }
+        }
+      },
+      {
+        test: /addProjectV2ItemById/,
+        return: {
+          addProjectV2ItemById: {
+            item: {
+              id: 'project-item-id'
+            }
+          }
+        }
+      }
+    )
+
+    await addToProject()
+
+    expect(outputs.itemId).toEqual('project-item-id')
+  })
+
+  test('does not add un-matching issues with labels filter with AND label-operator', async () => {
+    mockGetInput({
+      'project-url': 'https://github.com/orgs/github/projects/1',
+      'github-token': 'gh_token',
+      labeled: 'bug, new',
+      'label-operator': 'AND'
+    })
+
+    github.context.payload = {
+      issue: {
+        number: 1,
+        labels: [{name: 'bug'}, {name: 'other'}]
+      }
+    }
+
+    const infoSpy = jest.spyOn(core, 'info')
+    const gqlMock = mockGraphQL()
+    await addToProject()
+    expect(infoSpy).toHaveBeenCalledWith(`Skipping issue 1 because it doesn't match all the labels: bug, new`)
+    expect(gqlMock).not.toHaveBeenCalled()
+  })
+
+  test('does not add matching issues with labels filter with NOT label-operator', async () => {
+    mockGetInput({
+      'project-url': 'https://github.com/orgs/github/projects/1',
+      'github-token': 'gh_token',
+      labeled: 'bug, new',
+      'label-operator': 'NOT'
+    })
+
+    github.context.payload = {
+      issue: {
+        number: 1,
+        labels: [{name: 'bug'}]
+      }
+    }
+
+    const infoSpy = jest.spyOn(core, 'info')
+    const gqlMock = mockGraphQL()
+    await addToProject()
+    expect(infoSpy).toHaveBeenCalledWith(`Skipping issue 1 because it contains one of the labels: bug, new`)
+    expect(gqlMock).not.toHaveBeenCalled()
+  })
+
+  test('adds issues that do not have labels present in the label list with NOT label-operator', async () => {
+    mockGetInput({
+      'project-url': 'https://github.com/orgs/github/projects/1',
+      'github-token': 'gh_token',
+      labeled: 'bug, new',
+      'label-operator': 'NOT'
+    })
+
+    github.context.payload = {
+      issue: {
+        number: 1,
+        labels: [{name: 'other'}]
+      }
+    }
+
+    mockGraphQL(
+      {
+        test: /getProject/,
+        return: {
+          organization: {
+            projectV2: {
+              id: 'project-next-id'
+            }
+          }
+        }
+      },
+      {
+        test: /addProjectV2ItemById/,
+        return: {
+          addProjectV2ItemById: {
+            item: {
+              id: 'project-next-item-id'
+            }
+          }
+        }
+      }
+    )
+
+    await addToProject()
+
+    expect(outputs.itemId).toEqual('project-next-item-id')
+  })
+
+  test('adds matching issues with multiple label filters', async () => {
+    mockGetInput({
+      'project-url': 'https://github.com/orgs/github/projects/1',
+      'github-token': 'gh_token',
+      labeled: 'accessibility,backend,bug'
+    })
+
+    github.context.payload = {
+      issue: {
+        number: 1,
+        labels: [{name: 'accessibility'}, {name: 'backend'}]
+      }
+    }
+
+    const gqlMock = mockGraphQL(
+      {
+        test: /getProject/,
+        return: {
+          organization: {
+            projectV2: {
+              id: 'project-id'
+            }
+          }
+        }
+      },
+      {
+        test: /addProjectV2ItemById/,
+        return: {
+          addProjectV2ItemById: {
+            item: {
+              id: 'project-item-id'
+            }
+          }
+        }
+      }
+    )
+
+    const infoSpy = jest.spyOn(core, 'info')
+
+    await addToProject()
+
+    expect(gqlMock).toHaveBeenCalled()
+    expect(infoSpy).not.toHaveBeenCalled()
+    expect(outputs.itemId).toEqual('project-item-id')
+  })
+
+  test('does not add un-matching issues with multiple label filters', async () => {
+    mockGetInput({
+      'project-url': 'https://github.com/orgs/github/projects/1',
+      'github-token': 'gh_token',
+      labeled: 'accessibility, backend, bug'
+    })
+
+    github.context.payload = {
+      issue: {
+        number: 1,
+        labels: [{name: 'data'}, {name: 'frontend'}, {name: 'improvement'}]
+      }
+    }
+
+    const infoSpy = jest.spyOn(core, 'info')
+    const gqlMock = mockGraphQL()
+    await addToProject()
+    expect(infoSpy).toHaveBeenCalledWith(
+      `Skipping issue 1 because it does not have one of the labels: accessibility, backend, bug`
+    )
+    expect(gqlMock).not.toHaveBeenCalled()
+  })
+
+  test('handles spaces and extra commas gracefully in label filter input', async () => {
+    mockGetInput({
+      'project-url': 'https://github.com/orgs/github/projects/1',
+      'github-token': 'gh_token',
+      labeled: 'accessibility  ,   backend    ,,  . ,     bug'
+    })
+
+    github.context.payload = {
+      issue: {
+        number: 1,
+        labels: [{name: 'accessibility'}, {name: 'backend'}, {name: 'bug'}],
+        'label-operator': 'AND'
+      }
+    }
+
+    const gqlMock = mockGraphQL(
+      {
+        test: /getProject/,
+        return: {
+          organization: {
+            projectV2: {
+              id: 'project-id'
+            }
+          }
+        }
+      },
+      {
+        test: /addProjectV2ItemById/,
+        return: {
+          addProjectV2ItemById: {
+            item: {
+              id: 'project-item-id'
+            }
+          }
+        }
+      }
+    )
+
+    const infoSpy = jest.spyOn(core, 'info')
+
+    await addToProject()
+
+    expect(gqlMock).toHaveBeenCalled()
+    expect(infoSpy).not.toHaveBeenCalled()
+    expect(outputs.itemId).toEqual('project-item-id')
+  })
+
+  test(`throws an error when url isn't a valid project url`, async () => {
+    mockGetInput({
+      'project-url': 'https://github.com/orgs/github/repositories',
+      'github-token': 'gh_token'
+    })
+
+    github.context.payload = {
+      issue: {
+        number: 1,
+        labels: []
+      }
+    }
+
+    const infoSpy = jest.spyOn(core, 'info')
+    const gqlMock = mockGraphQL()
+    await expect(addToProject()).rejects.toThrow(
+      'https://github.com/orgs/github/repositories. Project URL should match the format https://github.com/<orgs-or-users>/<ownerName>/projects/<projectNumber>'
+    )
+    expect(infoSpy).not.toHaveBeenCalled()
+    expect(gqlMock).not.toHaveBeenCalled()
+  })
+
+  test(`throws an error when url isn't under the github.com domain`, async () => {
+    mockGetInput({
+      'project-url': 'https://notgithub.com/orgs/github/projects/1',
+      'github-token': 'gh_token'
+    })
+
+    github.context.payload = {
+      issue: {
+        number: 1,
+        labels: []
+      }
+    }
+
+    const infoSpy = jest.spyOn(core, 'info')
+    const gqlMock = mockGraphQL()
+    await expect(addToProject()).rejects.toThrow(
+      'https://notgithub.com/orgs/github/projects/1. Project URL should match the format https://github.com/<orgs-or-users>/<ownerName>/projects/<projectNumber>'
+    )
+    expect(infoSpy).not.toHaveBeenCalled()
+    expect(gqlMock).not.toHaveBeenCalled()
+  })
+
+  test('constructs the correct graphQL query given an organization owner', async () => {
+    mockGetInput({
+      'project-url': 'https://github.com/orgs/github/projects/1',
+      'github-token': 'gh_token',
+      labeled: 'bug, new'
+    })
+
+    github.context.payload = {
+      issue: {
+        number: 1,
+        labels: [{name: 'bug'}]
+      }
+    }
+
+    const gqlMock = mockGraphQL(
+      {
+        test: /getProject/,
+        return: {
+          organization: {
+            projectV2: {
+              id: 'project-id'
+            }
+          }
+        }
+      },
+      {
+        test: /addProjectV2ItemById/,
+        return: {
+          addProjectV2ItemById: {
+            item: {
+              id: 'project-item-id'
+            }
+          }
+        }
+      }
+    )
+
+    await addToProject()
+
+    expect(gqlMock).toHaveBeenNthCalledWith(1, expect.stringContaining('organization(login: $ownerName)'), {
+      ownerName: 'github',
+      projectNumber: 1
+    })
+  })
+
+  test('constructs the correct graphQL query given a user owner', async () => {
+    mockGetInput({
+      'project-url': 'https://github.com/users/monalisa/projects/1',
+      'github-token': 'gh_token',
+      labeled: 'bug, new'
+    })
+
+    github.context.payload = {
+      issue: {
+        number: 1,
+        labels: [{name: 'bug'}]
+      }
+    }
+
+    const gqlMock = mockGraphQL(
+      {
+        test: /getProject/,
+        return: {
+          organization: {
+            projectV2: {
+              id: 'project-id'
+            }
+          }
+        }
+      },
+      {
+        test: /addProjectV2ItemById/,
+        return: {
+          addProjectV2ItemById: {
+            item: {
+              id: 'project-item-id'
+            }
+          }
+        }
+      }
+    )
+
+    await addToProject()
+
+    expect(gqlMock).toHaveBeenNthCalledWith(1, expect.stringContaining('user(login: $ownerName)'), {
+      ownerName: 'monalisa',
+      projectNumber: 1
+    })
+  })
+
+  test('compares labels case-insensitively', async () => {
+    mockGetInput({
+      'project-url': 'https://github.com/orgs/github/projects/1',
+      'github-token': 'gh_token',
+      labeled: 'FOO, Bar, baz',
+      'label-operator': 'AND'
+    })
+
+    github.context.payload = {
+      issue: {
+        number: 1,
+        labels: [{name: 'foo'}, {name: 'BAR'}, {name: 'baz'}]
+      }
+    }
+
+    mockGraphQL(
+      {
+        test: /getProject/,
+        return: {
+          organization: {
+            projectV2: {
+              id: 'project-next-id'
+            }
+          }
+        }
+      },
+      {
+        test: /addProjectV2ItemById/,
+        return: {
+          addProjectV2ItemById: {
+            item: {
+              id: 'project-next-item-id'
+            }
+          }
+        }
+      }
+    )
+
+    await addToProject()
+
+    expect(outputs.itemId).toEqual('project-next-item-id')
+  })
+})
+
+describe('mustGetOwnerTypeQuery', () => {
+  test('returns organization for orgs ownerType', async () => {
+    const ownerTypeQuery = mustGetOwnerTypeQuery('orgs')
+
+    expect(ownerTypeQuery).toEqual('organization')
+  })
+
+  test('returns user for users ownerType', async () => {
+    const ownerTypeQuery = mustGetOwnerTypeQuery('users')
+
+    expect(ownerTypeQuery).toEqual('user')
+  })
+
+  test('throws an error when an unsupported ownerType is set', async () => {
+    expect(() => {
+      mustGetOwnerTypeQuery('unknown')
+    }).toThrow(`Unsupported ownerType: unknown. Must be one of 'orgs' or 'users'`)
+  })
 })
 
 function mockGetInput(mocks: Record<string, string>): jest.SpyInstance {

action.yml

@@ -1,6 +1,8 @@
-name: Add to Project
+name: Add To GitHub projects
 description: Automatically add issues and PRs to GitHub projects
 author: GitHub
+branding:
+  icon: table
 inputs:
   project-url:
     required: true
@@ -11,6 +13,9 @@ inputs:
   labeled:
     required: false
     description: A comma-separated list of labels to use as a filter for issue to be added
+  label-operator:
+    required: false
+    description: The behavior of the labels filter, AND to match all labels, OR to match any label, NOT to exclude any listed label (default is OR)
 runs:
   using: 'node16'
   main: 'dist/index.js'

package.json

@@ -1,11 +1,11 @@
 {
   "name": "@actions/add-to-project",
-  "description": "Automatically issues and PRs to GitHub projects",
+  "description": "Automatically adds issues and PRs to GitHub projects",
   "version": "0.0.0",
   "author": "GitHub and contributors",
   "dependencies": {
-    "@actions/core": "^1.6.0",
+    "@actions/core": "^1.9.0",
-    "@actions/github": "^5.0.0"
+    "@actions/github": "^5.0.3"
   },
   "engines": {
     "node": ">=16.0.0 <17.0.0",
@@ -13,19 +13,19 @@
   },
   "devDependencies": {
     "@github/prettier-config": "^0.0.4",
-    "@types/jest": "^27.4.0",
+    "@types/jest": "^27.5.0",
-    "@types/node": "^12.12.6",
+    "@types/node": "~16.11.45",
-    "@typescript-eslint/parser": "^5.10.2",
+    "@typescript-eslint/parser": "^5.30.7",
-    "@vercel/ncc": "^0.33.1",
+    "@vercel/ncc": "^0.34.0",
-    "concurrently": "^7.0.0",
+    "concurrently": "^7.3.0",
-    "eslint": "^8.8.0",
+    "eslint": "^8.20.0",
-    "eslint-plugin-github": "^4.3.5",
+    "eslint-plugin-github": "^4.3.6",
-    "eslint-plugin-jest": "^26.0.0",
+    "eslint-plugin-jest": "^26.6.0",
-    "eslint-plugin-prettier": "^4.0.0",
+    "eslint-plugin-prettier": "^4.2.1",
-    "jest": "^27.4.7",
+    "jest": "^27.5.1",
-    "prettier": "2.5.1",
+    "prettier": "2.7.1",
-    "ts-jest": "^27.1.3",
+    "ts-jest": "^27.1.4",
-    "typescript": "^4.5.5"
+    "typescript": "^4.7.4"
   },
   "keywords": [
     "actions",

src/add-to-project.ts

@@ -8,21 +8,21 @@ const urlParse =
 
 interface ProjectNodeIDResponse {
   organization?: {
-    projectNext: {
+    projectV2: {
       id: string
     }
   }
 
   user?: {
-    projectNext: {
+    projectV2: {
       id: string
     }
   }
 }
 
 interface ProjectAddItemResponse {
-  addProjectNextItem: {
+  addProjectV2ItemById: {
-    projectNextItem: {
+    item: {
       id: string
     }
   }
@@ -35,20 +35,30 @@ export async function addToProject(): Promise<void> {
     core
       .getInput('labeled')
       .split(',')
-      .map(l => l.trim())
+      .map(l => l.trim().toLowerCase())
       .filter(l => l.length > 0) ?? []
+  const labelOperator = core.getInput('label-operator').trim().toLocaleLowerCase()
+
   const octokit = github.getOctokit(ghToken)
+
   const urlMatch = projectUrl.match(urlParse)
   const issue = github.context.payload.issue ?? github.context.payload.pull_request
-  const issueLabels: string[] = (issue?.labels ?? []).map((l: {name: string}) => l.name)
+  const issueLabels: string[] = (issue?.labels ?? []).map((l: {name: string}) => l.name.toLowerCase())
 
-  // Ensure the issue matches our `labeled` filter, if provided.
+  // Ensure the issue matches our `labeled` filter based on the label-operator.
-  if (labeled.length > 0) {
+  if (labelOperator === 'and') {
-    const hasLabel = issueLabels.some(l => labeled.includes(l))
+    if (!labeled.every(l => issueLabels.includes(l))) {
-
+      core.info(`Skipping issue ${issue?.number} because it doesn't match all the labels: ${labeled.join(', ')}`)
-    if (!hasLabel) {
+      return
+    }
+  } else if (labelOperator === 'not') {
+    if (labeled.length > 0 && issueLabels.some(l => labeled.includes(l))) {
+      core.info(`Skipping issue ${issue?.number} because it contains one of the labels: ${labeled.join(', ')}`)
+      return
+    }
+  } else {
+    if (labeled.length > 0 && !issueLabels.some(l => labeled.includes(l))) {
       core.info(`Skipping issue ${issue?.number} because it does not have one of the labels: ${labeled.join(', ')}`)
-
       return
     }
   }
@@ -74,7 +84,7 @@ export async function addToProject(): Promise<void> {
   const idResp = await octokit.graphql<ProjectNodeIDResponse>(
     `query getProject($ownerName: String!, $projectNumber: Int!) {
       ${ownerTypeQuery}(login: $ownerName) {
-        projectNext(number: $projectNumber) {
+        projectV2(number: $projectNumber) {
           id
         }
       }
@@ -85,7 +95,7 @@ export async function addToProject(): Promise<void> {
     }
   )
 
-  const projectId = idResp[ownerTypeQuery]?.projectNext.id
+  const projectId = idResp[ownerTypeQuery]?.projectV2.id
   const contentId = issue?.node_id
 
   core.debug(`Project node ID: ${projectId}`)
@@ -93,25 +103,25 @@ export async function addToProject(): Promise<void> {
 
   // Next, use the GraphQL API to add the issue to the project.
   const addResp = await octokit.graphql<ProjectAddItemResponse>(
-    `mutation addIssueToProject($input: AddProjectNextItemInput!) {
+    `mutation addIssueToProject($input: AddProjectV2ItemByIdInput!) {
-      addProjectNextItem(input: $input) {
+      addProjectV2ItemById(input: $input) {
-        projectNextItem {
+        item {
           id
         }
       }
     }`,
     {
       input: {
-        contentId,
+        projectId,
-        projectId
+        contentId
       }
     }
   )
 
-  core.setOutput('itemId', addResp.addProjectNextItem.projectNextItem.id)
+  core.setOutput('itemId', addResp.addProjectV2ItemById.item.id)
 }
 
-function mustGetOwnerTypeQuery(ownerType?: string): 'organization' | 'user' {
+export function mustGetOwnerTypeQuery(ownerType?: string): 'organization' | 'user' {
   const ownerTypeQuery = ownerType === 'orgs' ? 'organization' : ownerType === 'users' ? 'user' : null
 
   if (!ownerTypeQuery) {