Added output (#60)

* Added output

* removed formatting changes

* more formatting changes

* Fix merge conflicts

* Small test refactoring

* tests are passing

* Add a test

* Add a small jest mock for addLabels. Not used.

* Add tests for more cases

* get rid of an unused jest mock

* fix review points

* rebuild + minor README fix

* fix review points

* update tests

* fix formatting

* add tests, fix bug

* cleanup

---------

Co-authored-by: Daniel Shteremberg <dshteremberg@labelbox.com>
Co-authored-by: Daniel Shteremberg <Daniel@Daniel-Shterembergs-MacBook-Pro.local>
Co-authored-by: Patrick Ellis <patrick.j.ellis@gmail.com>
Co-authored-by: Andrey Lobanovich <andrei.lobanovich@akvelon.com>

.eslintignore

@@ -0,0 +1,7 @@
+# Ignore list
+/*
+
+# Do not ignore these folders:
+!__tests__/
+!__mocks__/
+!src/

.eslintrc.js

@@ -0,0 +1,51 @@
+// This is a reusable configuration file copied from https://github.com/actions/reusable-workflows/tree/main/reusable-configurations. Please don't make changes to this file as it's the subject of an automatic update.
+module.exports = {
+  extends: [
+    'eslint:recommended',
+    'plugin:@typescript-eslint/recommended',
+    'plugin:eslint-plugin-jest/recommended',
+    'eslint-config-prettier'
+  ],
+  parser: '@typescript-eslint/parser',
+  plugins: ['@typescript-eslint', 'eslint-plugin-node', 'eslint-plugin-jest'],
+  rules: {
+    '@typescript-eslint/no-require-imports': 'error',
+    '@typescript-eslint/no-non-null-assertion': 'off',
+    '@typescript-eslint/no-explicit-any': 'off',
+    '@typescript-eslint/no-empty-function': 'off',
+    '@typescript-eslint/ban-ts-comment': [
+      'error',
+      {
+        'ts-ignore': 'allow-with-description'
+      }
+    ],
+    'no-console': 'error',
+    'yoda': 'error',
+    'prefer-const': [
+      'error',
+      {
+        destructuring: 'all'
+      }
+    ],
+    'no-control-regex': 'off',
+    'no-constant-condition': ['error', {checkLoops: false}],
+    'node/no-extraneous-import': 'error'
+  },
+  overrides: [
+    {
+      files: ['**/*{test,spec}.ts'],
+      rules: {
+        '@typescript-eslint/no-unused-vars': 'off',
+        'jest/no-standalone-expect': 'off',
+        'jest/no-conditional-expect': 'off',
+        'no-console': 'off',
+
+      }
+    }
+  ],
+  env: {
+    node: true,
+    es6: true,
+    'jest/globals': true
+  }
+};

.gitattributes

@@ -1,4 +1,4 @@
-* text=auto
+* text=auto eol=lf
 .licenses/** -diff linguist-generated=true
 
 # don't diff machine generated files

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,35 @@
+---
+name: Bug report
+about: Create a bug report
+title: ''
+labels: bug, needs triage
+assignees: ''
+
+---
+
+<!--- Please direct any generic questions related to actions to our support community forum at https://github.community/c/code-to-cloud/github-actions/41 --->
+<!--- Before opening up a new bug report, please make sure to check for similar existing issues -->
+
+**Description:**
+A clear and concise description of what the bug is.
+
+**Action version:**
+Specify the action version
+
+**Platform:**
+- [ ] Ubuntu
+- [ ] macOS
+- [ ] Windows
+
+**Runner type:**
+- [ ] Hosted
+- [ ] Self-hosted
+
+**Repro steps:**  
+A description with steps to reproduce the issue. If your have a public example or repo to share, please provide the link.
+
+**Expected behavior:**
+A description of what you expected to happen.
+
+**Actual behavior:**
+A description of what is actually happening.

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1 @@
+blank_issues_enabled: false

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,18 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: feature request, needs triage
+assignees: ''
+---
+<!--- Please direct any generic questions related to actions to our support community forum at https://github.community/c/code-to-cloud/github-actions/41 --->
+<!--- Before opening up a new feature request, please make sure to check for similar existing issues and pull requests -->
+
+**Description:**
+Describe your proposal.
+
+**Justification:**
+Justification or a use case for your proposal.
+
+**Are you willing to submit a PR?**
+<!--- We accept contributions! -->

.github/pull_request_template.md

@@ -0,0 +1,9 @@
+**Description:**
+Describe your changes.
+
+**Related issue:**
+Add link to the related issue.
+
+**Check list:**
+- [ ] Mark if documentation changes are required.
+- [ ] Mark if tests were added or updated to cover the changes.

.github/workflows/basic-validation.yml

@@ -0,0 +1,17 @@
+name: Basic validation
+
+on:
+  pull_request:
+    paths-ignore:
+      - '**.md'
+  push:
+    branches:
+      - main
+      - releases/*
+    paths-ignore:
+      - '**.md'
+
+jobs:
+  call-basic-validation:
+    name: Basic validation
+    uses: actions/reusable-workflows/.github/workflows/basic-validation.yml@main

.github/workflows/build_test.yml

@@ -1,28 +0,0 @@
-name: Build & Test
-
-on:
-  pull_request:
-    paths-ignore:
-      - '**.md'
-  push:
-    branches:
-      - main
-      - releases/*
-    paths-ignore:
-      - '**.md'
-
-jobs:
-  build:
-    runs-on: ${{ matrix.os }}
-    strategy:
-      matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest]
-    steps:
-      - uses: actions/checkout@v2
-      - name: Setup node 16
-        uses: actions/setup-node@v2
-        with:
-          node-version: 16.x
-      - run: npm install
-      - run: npm run build
-      - run: npm test

.github/workflows/check-dist.yml

@@ -0,0 +1,17 @@
+name: Check dist/
+
+on:
+  push:
+    branches:
+      - main
+    paths-ignore:
+      - '**.md'
+  pull_request:
+    paths-ignore:
+      - '**.md'
+  workflow_dispatch:
+
+jobs:
+  call-check-dist:
+    name: Check dist/
+    uses: actions/reusable-workflows/.github/workflows/check-dist.yml@main

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,14 @@
+name: CodeQL analysis
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  schedule:
+    - cron: '0 3 * * 0'
+
+jobs:
+  call-codeQL-analysis:
+    name: CodeQL analysis
+    uses: actions/reusable-workflows/.github/workflows/codeql-analysis.yml@main

.github/workflows/licensed.yml

@@ -0,0 +1,15 @@
+name: Licensed
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+  workflow_dispatch:
+
+jobs:
+  call-licensed:
+    name: Licensed
+    uses: actions/reusable-workflows/.github/workflows/licensed.yml@main

.github/workflows/release-new-action-version.yml

@@ -0,0 +1,28 @@
+name: Release new action version
+
+on:
+  release:
+    types: [released]
+  workflow_dispatch:
+    inputs:
+      TAG_NAME:
+        description: 'Tag name that the major tag will point to'
+        required: true
+
+env:
+  TAG_NAME: ${{ github.event.inputs.TAG_NAME || github.event.release.tag_name }}
+permissions:
+  contents: write
+
+jobs:
+  update_tag:
+    name: Update the major tag to include the ${{ github.event.inputs.TAG_NAME || github.event.release.tag_name }} changes
+    environment:
+      name: releaseNewActionVersion
+    runs-on: ubuntu-latest
+    steps:
+      - name: Update the ${{ env.TAG_NAME }} tag
+        uses: actions/publish-action@v0.2.2
+        with:
+          source-tag: ${{ env.TAG_NAME }}
+          slack-webhook: ${{ secrets.SLACK_WEBHOOK }}

.github/workflows/update-config-files.yml

@@ -0,0 +1,11 @@
+name: Update configuration files
+
+on:
+  schedule:
+    - cron: '0 3 * * 0'
+  workflow_dispatch:
+
+jobs:
+  call-update-configuration-files:
+    name: Update configuration files
+    uses: actions/reusable-workflows/.github/workflows/update-config-files.yml@main

.github/workflows/update_and_check_licenses.yml

@@ -1,50 +0,0 @@
-name: Licenses
-
-on:
-  push:
-    branches: [main]
-    paths: [package.json, package-lock.json]
-  pull_request:
-    branches: [main]
-    paths: [package.json, package-lock.json]
-  workflow_dispatch:
-
-jobs:
-  # Updates our cache of license files in response to changes to our dependencies
-  # declared in package-lock.json. Automatically commits the changes and pushes
-  # them to your branch. NB `check_license_status` should always run *after* this
-  #
-  # see https://github.com/actions/labeler/pull/155 for more context
-  update_licenses:
-    runs-on: ubuntu-latest
-    name: Update Licenses
-    steps:
-      - uses: actions/checkout@v1
-      - uses: jonabc/setup-licensed@v1
-        with:
-          version: '3.x'
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-      - run: npm install --production
-      - uses: jonabc/licensed-ci@v1
-        with:
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-
-  # Fails if any of our dependencies have licenses that our incompatible with our
-  # requirements (see .licensed.yml) OR if any of our dependencies have been
-  # upgraded to a new version without us having updated their corresponding
-  # license metadata file in .licenses/
-  #
-  # see https://github.com/actions/labeler/pull/91 for more context
-  check_licenses:
-    needs: update_licenses
-    if: always() # always run after we update the license cache. if it failed, we will probably just fail as well
-    runs-on: ubuntu-latest
-    name: Check Licenses
-    steps:
-      - uses: actions/checkout@v2
-      - uses: jonabc/setup-licensed@v1.0.2
-        with:
-          version: '3.x'
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-      - run: npm install
-      - run: licensed status

.licenses/npm/@actions/core.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@actions/core"
-version: 1.6.0
+version: 1.10.0
 type: npm
 summary: Actions core lib
 homepage: https://github.com/actions/toolkit/tree/main/packages/core

.licenses/npm/@actions/github.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@actions/github"
-version: 5.0.0
+version: 5.1.1
 type: npm
 summary: Actions github lib
 homepage: https://github.com/actions/toolkit/tree/main/packages/github

.licenses/npm/@actions/http-client.dep.yml

@@ -1,9 +1,9 @@
 ---
 name: "@actions/http-client"
-version: 1.0.11
+version: 2.0.1
 type: npm
 summary: Actions Http Client
-homepage: https://github.com/actions/http-client#readme
+homepage: https://github.com/actions/toolkit/tree/main/packages/http-client
 license: mit
 licenses:
 - sources: LICENSE

.licenses/npm/@octokit/auth-token.dep.yml

@@ -1,9 +1,9 @@
 ---
 name: "@octokit/auth-token"
-version: 2.4.5
+version: 2.5.0
 type: npm
 summary: GitHub API token authentication for browsers and Node.js
-homepage: https://github.com/octokit/auth-token.js#readme
+homepage: 
 license: mit
 licenses:
 - sources: LICENSE

.licenses/npm/@octokit/core.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@octokit/core"
-version: 3.5.1
+version: 3.6.0
 type: npm
 summary: Extendable client for GitHub's REST & GraphQL APIs
 homepage: 

.licenses/npm/@octokit/graphql.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@octokit/graphql"
-version: 4.6.4
+version: 4.8.0
 type: npm
 summary: GitHub GraphQL API client for browsers and Node
 homepage: 

.licenses/npm/@octokit/openapi-types-12.11.0.dep.yml

@@ -0,0 +1,20 @@
+---
+name: "@octokit/openapi-types"
+version: 12.11.0
+type: npm
+summary: Generated TypeScript definitions based on GitHub's OpenAPI spec for api.github.com
+homepage:
+license: mit
+licenses:
+- sources: LICENSE
+  text: |-
+    Copyright 2020 Gregor Martynus
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+- sources: README.md
+  text: "[MIT](LICENSE)"
+notices: []

.licenses/npm/@octokit/openapi-types-18.0.0.dep.yml

@@ -1,8 +1,8 @@
 ---
 name: "@octokit/openapi-types"
-version: 7.3.2
+version: 18.0.0
 type: npm
-summary: Generated TypeScript definitions based on GitHub's OpenAPI spec
+summary: Generated TypeScript definitions based on GitHub's OpenAPI spec for api.github.com
 homepage: 
 license: mit
 licenses:

.licenses/npm/@octokit/plugin-paginate-rest.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@octokit/plugin-paginate-rest"
-version: 2.13.5
+version: 2.21.3
 type: npm
 summary: Octokit plugin to paginate REST API endpoint responses
 homepage: 

.licenses/npm/@octokit/plugin-rest-endpoint-methods.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@octokit/plugin-rest-endpoint-methods"
-version: 5.3.1
+version: 5.16.2
 type: npm
 summary: Octokit plugin adding one method for all of api.github.com REST API endpoints
 homepage: 

.licenses/npm/@octokit/plugin-retry.dep.yml

@@ -0,0 +1,34 @@
+---
+name: "@octokit/plugin-retry"
+version: 5.0.4
+type: npm
+summary: Automatic retry plugin for octokit
+homepage: 
+license: mit
+licenses:
+- sources: LICENSE
+  text: |
+    MIT License
+
+    Copyright (c) 2018 Octokit contributors
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE.
+- sources: README.md
+  text: "[MIT](LICENSE)"
+notices: []

.licenses/npm/@octokit/request-error-4.0.2.dep.yml

@@ -0,0 +1,34 @@
+---
+name: "@octokit/request-error"
+version: 4.0.2
+type: npm
+summary: Error class for Octokit request errors
+homepage: 
+license: mit
+licenses:
+- sources: LICENSE
+  text: |
+    The MIT License
+
+    Copyright (c) 2019 Octokit contributors
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in
+    all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+    THE SOFTWARE.
+- sources: README.md
+  text: "[MIT](LICENSE)"
+notices: []

.licenses/npm/@octokit/request.dep.yml

@@ -1,9 +1,9 @@
 ---
 name: "@octokit/request"
-version: 5.6.0
+version: 5.6.3
 type: npm
-summary: "Send parameterized requests to GitHubâ\x80\x99s APIs with sensible defaults
-  in browsers and Node"
+summary: Send parameterized requests to GitHub's APIs with sensible defaults in browsers
+  and Node
 homepage: 
 license: mit
 licenses:

.licenses/npm/@octokit/types-10.0.0.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@octokit/types"
-version: 6.16.4
+version: 10.0.0
 type: npm
 summary: Shared TypeScript definitions for Octokit projects
 homepage: 

.licenses/npm/@octokit/types-6.41.0.dep.yml

@@ -0,0 +1,20 @@
+---
+name: "@octokit/types"
+version: 6.41.0
+type: npm
+summary: Shared TypeScript definitions for Octokit projects
+homepage:
+license: mit
+licenses:
+- sources: LICENSE
+  text: |
+    MIT License Copyright (c) 2019 Octokit contributors
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice (including the next paragraph) shall be included in all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+- sources: README.md
+  text: "[MIT](LICENSE)"
+notices: []

.licenses/npm/balanced-match.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: balanced-match
-version: 1.0.0
+version: 1.0.2
 type: npm
 summary: Match balanced character pairs, like "{" and "}"
 homepage: https://github.com/juliangruber/balanced-match

.licenses/npm/before-after-hook.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: before-after-hook
-version: 2.2.2
+version: 2.2.3
 type: npm
 summary: asynchronous before/error/after hooks for internal functionality
 homepage: 

.licenses/npm/bottleneck.dep.yml

@@ -1,14 +1,16 @@
 ---
-name: concat-map
-version: 0.0.1
+name: bottleneck
+version: 2.19.5
 type: npm
-summary: concatenative mapdashery
-homepage: 
-license: other
+summary: Distributed task scheduler and rate limiter
+homepage:
+license: mit
 licenses:
 - sources: LICENSE
   text: |
-    This software is released under the MIT license:
+    The MIT License (MIT)
+
+    Copyright (c) 2014 Simon Grondin
 
     Permission is hereby granted, free of charge, to any person obtaining a copy of
     this software and associated documentation files (the "Software"), to deal in
@@ -26,6 +28,4 @@ licenses:
     COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
     IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
     CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-- sources: README.markdown
-  text: MIT
 notices: []

.licenses/npm/brace-expansion.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: brace-expansion
-version: 1.1.11
+version: 2.0.1
 type: npm
 summary: Brace expansion as known from sh/bash
 homepage: https://github.com/juliangruber/brace-expansion

.licenses/npm/minimatch.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: minimatch
-version: 3.0.4
+version: 7.4.3
 type: npm
 summary: a glob matcher in javascript
 homepage: 
@@ -10,7 +10,7 @@ licenses:
   text: |
     The ISC License
 
-    Copyright (c) Isaac Z. Schlueter and Contributors
+    Copyright (c) 2011-2022 Isaac Z. Schlueter and Contributors
 
     Permission to use, copy, modify, and/or distribute this software for any
     purpose with or without fee is hereby granted, provided that the above

.licenses/npm/node-fetch.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: node-fetch
-version: 2.6.1
+version: 2.6.7
 type: npm
 summary: A light-weight module that brings window.fetch to node.js
 homepage: https://github.com/bitinn/node-fetch

.licenses/npm/tr46.dep.yml

@@ -0,0 +1,30 @@
+---
+name: tr46
+version: 0.0.3
+type: npm
+summary: An implementation of the Unicode TR46 spec
+homepage: https://github.com/Sebmaster/tr46.js#readme
+license: mit
+licenses:
+- sources: Auto-generated MIT license text
+  text: |
+    MIT License
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE.
+notices: []

.licenses/npm/uuid.dep.yml

@@ -0,0 +1,20 @@
+---
+name: uuid
+version: 8.3.2
+type: npm
+summary: RFC4122 (v1, v4, and v5) UUIDs
+homepage: 
+license: mit
+licenses:
+- sources: LICENSE.md
+  text: |
+    The MIT License (MIT)
+
+    Copyright (c) 2010-2020 Robert Kieffer and other contributors
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+notices: []

.licenses/npm/webidl-conversions.dep.yml

@@ -0,0 +1,23 @@
+---
+name: webidl-conversions
+version: 3.0.1
+type: npm
+summary: Implements the WebIDL algorithms for converting to and from JavaScript values
+homepage: 
+license: bsd-2-clause
+licenses:
+- sources: LICENSE.md
+  text: |
+    # The BSD 2-Clause License
+
+    Copyright (c) 2014, Domenic Denicola
+    All rights reserved.
+
+    Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
+
+    1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
+
+    2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
+
+    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+notices: []

.licenses/npm/whatwg-url.dep.yml

@@ -0,0 +1,32 @@
+---
+name: whatwg-url
+version: 5.0.0
+type: npm
+summary: An implementation of the WHATWG URL Standard's URL API and parsing machinery
+homepage: 
+license: mit
+licenses:
+- sources: LICENSE.txt
+  text: |
+    The MIT License (MIT)
+
+    Copyright (c) 2015–2016 Sebastian Mayr
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in
+    all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+    THE SOFTWARE.
+notices: []

.prettierignore

@@ -0,0 +1,8 @@
+# Ignore list
+/*
+
+# Do not ignore these folders:
+!__tests__/
+!__mocks__/
+!.github/
+!src/

.prettierrc.js

@@ -0,0 +1,11 @@
+// This is a reusable configuration file copied from https://github.com/actions/reusable-workflows/tree/main/reusable-configurations. Please don't make changes to this file as it's the subject of an automatic update.
+module.exports = {
+  printWidth: 80,
+  tabWidth: 2,
+  useTabs: false,
+  semi: true,
+  singleQuote: true,
+  trailingComma: 'none',
+  bracketSpacing: false,
+  arrowParens: 'avoid'
+};

CODEOWNERS

@@ -1 +1 @@
-* @actions/actions-runtime
+* @actions/setup-actions-team

README.md

@@ -1,13 +1,6 @@
 # Pull Request Labeler
 
-<p align="left">
-  <a href="https://github.com/actions/labeler/actions?query=workflow%3A%22Build+%26+Test%22++">
-    <img alt="build and test status" src="https://github.com/actions/labeler/actions/workflows/build_test.yml/badge.svg">
-  </a>
-  <a href="https://david-dm.org/actions/labeler">
-    <img alt="dependencies" src="https://status.david-dm.org/gh/actions/labeler.svg">
-  </a>
-</p>
+[![Basic validation](https://github.com/actions/labeler/actions/workflows/basic-validation.yml/badge.svg?branch=main)](https://github.com/actions/labeler/actions/workflows/basic-validation.yml)
 
 Automatically label new pull requests based on the paths of files being changed.
 
@@ -17,7 +10,7 @@ Automatically label new pull requests based on the paths of files being changed.
 
 Create a `.github/labeler.yml` file with a list of labels and [minimatch](https://github.com/isaacs/minimatch) globs to match to apply the label.
 
-The key is the name of the label in your repository that you want to add (eg: "merge conflict", "needs-updating") and the value is the path (glob) of the changed files (eg: `src/**/*`, `tests/*.spec.js`) or a match object.
+The key is the name of the label in your repository that you want to add (e.g. `merge conflict`, `needs-updating`) and the value is the path (glob) of the changed files (e.g. `src/**`, `tests/*.spec.js`) or a match object.
 
 #### Match Object
 
@@ -47,15 +40,25 @@ label1:
 
 From a boolean logic perspective, top-level match objects are `OR`-ed together and individual match rules within an object are `AND`-ed. Combined with `!` negation, you can write complex matching rules.
 
+> ⚠️ This action uses [minimatch](https://www.npmjs.com/package/minimatch) to apply glob patterns.
+> For historical reasons, paths starting with dot (e.g. `.github`) are not matched by default.
+> You need to set `dot: true` to change this behavior.
+> See [Inputs](#inputs) table below for details.
+
 #### Basic Examples
 
 ```yml
 # Add 'label1' to any changes within 'example' folder or any subfolders
 label1:
-- example/**/*
+- example/**
 
 # Add 'label2' to any file changes within 'example2' folder
 label2: example2/*
+
+# Add label3 to any change to .txt files within the entire repository. Quotation marks are required for the leading asterisk
+label3:
+- '**/*.txt'
+
 ```
 
 #### Common Examples
@@ -66,9 +69,8 @@ repo:
 - '*'
 
 # Add '@domain/core' label to any change within the 'core' package
-@domain/core:
-- package/core/*
-- package/core/**/*
+'@domain/core':
+- package/core/**
 
 # Add 'test' label to any change to *.spec.js files within the source dir
 test:
@@ -76,7 +78,7 @@ test:
 
 # Add 'source' label to any change to src files within the source dir EXCEPT for the docs sub-folder
 source:
-- any: ['src/**/*', '!src/docs/*']
+- any: ['src/**', '!src/docs/*']
 
 # Add 'frontend` label to any change to *.js files as long as the `main.js` hasn't changed
 frontend:
@@ -86,7 +88,7 @@ frontend:
 
 ### Create Workflow
 
-Create a workflow (eg: `.github/workflows/labeler.yml` see [Creating a Workflow file](https://help.github.com/en/articles/configuring-a-workflow#creating-a-workflow-file)) to utilize the labeler action with content:
+Create a workflow (e.g. `.github/workflows/labeler.yml` see [Creating a Workflow file](https://help.github.com/en/articles/configuring-a-workflow#creating-a-workflow-file)) to utilize the labeler action with content:
 
 ```yml
 name: "Pull Request Labeler"
@@ -95,25 +97,96 @@ on:
 
 jobs:
   triage:
+    permissions:
+      contents: read
+      pull-requests: write
     runs-on: ubuntu-latest
     steps:
     - uses: actions/labeler@v4
-      with:
-        repo-token: "${{ secrets.GITHUB_TOKEN }}"
 ```
 
-_Note: This grants access to the `GITHUB_TOKEN` so the action can make calls to GitHub's rest API_
-
 #### Inputs
 
 Various inputs are defined in [`action.yml`](action.yml) to let you configure the labeler:
 
-| Name | Description | Default |
-| - | - | - |
-| `repo-token` | Token to use to authorize label changes. Typically the GITHUB_TOKEN secret | N/A |
-| `configuration-path` | The path to the label configuration file | `.github/labeler.yml` |
-| `sync-labels` | Whether or not to remove labels when matching files are reverted or no longer changed by the PR | `false`
+| Name                 | Description                                                                                     | Default               |
+|----------------------|-------------------------------------------------------------------------------------------------|-----------------------|
+| `repo-token`         | Token to use to authorize label changes. Typically the GITHUB_TOKEN secret                      | N/A                   |
+| `configuration-path` | The path to the label configuration file                                                        | `.github/labeler.yml` |
+| `sync-labels`        | Whether or not to remove labels when matching files are reverted or no longer changed by the PR | `false`               |
+| `dot`                | Whether or not to auto-include paths starting with dot (e.g. `.github`)                         | `false`               |
 
-# Contributions
+When `dot` is disabled and you want to include _all_ files in a folder:
+
+```yml
+label1:
+- path/to/folder/**/*
+- path/to/folder/**/.*
+```
+
+If `dot` is enabled:
+
+```yml
+label1:
+- path/to/folder/**
+```
+
+#### Outputs 
+
+Labeler provides the following outputs:  
+
+| Name         | Description                                               |
+|--------------|-----------------------------------------------------------|
+| `new-labels` | A comma-separated list of all new labels                  |
+| `all-labels` | A comma-separated list of all labels that the PR contains |
+
+The following example performs steps based on the output of labeler:
+```yml
+name: "My workflow"
+on:
+- pull_request_target
+
+jobs:
+  triage:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+    steps:
+    - id: label-the-PR
+      uses: actions/labeler@v3
+      
+    - id: run-frontend-tests
+      if: contains(fromJson(steps.label-the-PR.outputs.all-labels), 'frontend')
+      run: |
+        echo "Running frontend tests..."
+        # Put your commands for running frontend tests here
+  
+    - id: run-backend-tests
+      if: contains(fromJson(steps.label-the-PR.outputs.all-labels), 'backend')
+      run: |
+        echo "Running backend tests..."
+        # Put your commands for running backend tests here
+```
+
+## Permissions
+
+In order to add labels to pull requests, the GitHub labeler action requires
+write permissions on the pull-request. However, when the action runs on a pull
+request from a forked repository, GitHub only grants read access tokens for
+`pull_request` events, at most. If you encounter an `Error: HttpError: Resource
+not accessible by integration`, it's likely due to these permission constraints.
+To resolve this issue, you can modify the `on:` section of your workflow to use
+[`pull_request_target`](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target)
+instead of `pull_request` (see example [above](#create-workflow)). This change
+allows the action to have write access, because `pull_request_target` alters the
+[context of the
+action](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target)
+and safely grants additional permissions. Refer to the [GitHub token
+permissions
+documentation](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token)
+for more details about access levels and event contexts.
+
+## Contributions
 
 Contributions are welcome! See the [Contributor's Guide](CONTRIBUTING.md).

__mocks__/@actions/github.ts

@@ -1,34 +1,33 @@
 export const context = {
   payload: {
     pull_request: {
-      number: 123,
-    },
+      number: 123
+    }
   },
   repo: {
-    owner: "monalisa",
-    repo: "helloworld",
-  },
+    owner: 'monalisa',
+    repo: 'helloworld'
+  }
 };
 
 const mockApi = {
   rest: {
     issues: {
-      addLabels: jest.fn(),
-      removeLabel: jest.fn(),
+      setLabels: jest.fn()
     },
     pulls: {
       get: jest.fn().mockResolvedValue({}),
       listFiles: {
         endpoint: {
-          merge: jest.fn().mockReturnValue({}),
-        },
-      },
+          merge: jest.fn().mockReturnValue({})
+        }
+      }
     },
     repos: {
-      getContent: jest.fn(),
-    },
+      getContent: jest.fn()
+    }
   },
-  paginate: jest.fn(),
+  paginate: jest.fn()
 };
 
 export const getOctokit = jest.fn().mockImplementation(() => mockApi);

__tests__/labeler.test.ts

@@ -1,29 +1,43 @@
-import { checkGlobs } from "../src/labeler";
+import {checkGlobs} from '../src/labeler';
 
-import * as core from "@actions/core";
+import * as core from '@actions/core';
 
-jest.mock("@actions/core");
+jest.mock('@actions/core');
 
 beforeAll(() => {
-  jest.spyOn(core, "getInput").mockImplementation((name, options) => {
-    return jest.requireActual("@actions/core").getInput(name, options);
+  jest.spyOn(core, 'getInput').mockImplementation((name, options) => {
+    return jest.requireActual('@actions/core').getInput(name, options);
   });
 });
 
-const matchConfig = [{ any: ["*.txt"] }];
+const matchConfig = [{any: ['*.txt']}];
 
-describe("checkGlobs", () => {
-  it("returns true when our pattern does match changed files", () => {
-    const changedFiles = ["foo.txt", "bar.txt"];
-    const result = checkGlobs(changedFiles, matchConfig);
+describe('checkGlobs', () => {
+  it('returns true when our pattern does match changed files', () => {
+    const changedFiles = ['foo.txt', 'bar.txt'];
+    const result = checkGlobs(changedFiles, matchConfig, false);
 
     expect(result).toBeTruthy();
   });
 
-  it("returns false when our pattern does not match changed files", () => {
-    const changedFiles = ["foo.docx"];
-    const result = checkGlobs(changedFiles, matchConfig);
+  it('returns false when our pattern does not match changed files', () => {
+    const changedFiles = ['foo.docx'];
+    const result = checkGlobs(changedFiles, matchConfig, false);
 
     expect(result).toBeFalsy();
   });
+
+  it('returns false for a file starting with dot if `dot` option is false', () => {
+    const changedFiles = ['.foo.txt'];
+    const result = checkGlobs(changedFiles, matchConfig, false);
+
+    expect(result).toBeFalsy();
+  });
+
+  it('returns true for a file starting with dot if `dot` option is true', () => {
+    const changedFiles = ['.foo.txt'];
+    const result = checkGlobs(changedFiles, matchConfig, true);
+
+    expect(result).toBeTruthy();
+  });
 });

__tests__/main.test.ts

@@ -1,116 +1,223 @@
-import { run } from "../src/labeler";
-import * as github from "@actions/github";
-import * as core from "@actions/core";
+import {run} from '../src/labeler';
+import * as github from '@actions/github';
+import * as core from '@actions/core';
 
-const fs = jest.requireActual("fs");
+const fs = jest.requireActual('fs');
 
-jest.mock("@actions/core");
-jest.mock("@actions/github");
+jest.mock('@actions/core');
+jest.mock('@actions/github');
 
-const gh = github.getOctokit("_");
-const addLabelsMock = jest.spyOn(gh.rest.issues, "addLabels");
-const removeLabelMock = jest.spyOn(gh.rest.issues, "removeLabel");
-const reposMock = jest.spyOn(gh.rest.repos, "getContent");
-const paginateMock = jest.spyOn(gh, "paginate");
-const getPullMock = jest.spyOn(gh.rest.pulls, "get");
+const gh = github.getOctokit('_');
+const setLabelsMock = jest.spyOn(gh.rest.issues, 'setLabels');
+const reposMock = jest.spyOn(gh.rest.repos, 'getContent');
+const paginateMock = jest.spyOn(gh, 'paginate');
+const getPullMock = jest.spyOn(gh.rest.pulls, 'get');
+const coreWarningMock = jest.spyOn(core, 'warning');
+const setOutputSpy = jest.spyOn(core, 'setOutput');
 
 const yamlFixtures = {
-  "only_pdfs.yml": fs.readFileSync("__tests__/fixtures/only_pdfs.yml"),
+  'only_pdfs.yml': fs.readFileSync('__tests__/fixtures/only_pdfs.yml')
+};
+
+const configureInput = (
+  mockInput: Partial<{
+    'repo-token': string;
+    'configuration-path': string;
+    'sync-labels': boolean;
+    dot: boolean;
+  }>
+) => {
+  jest
+    .spyOn(core, 'getInput')
+    .mockImplementation((name: string, ...opts) => mockInput[name]);
+  jest
+    .spyOn(core, 'getBooleanInput')
+    .mockImplementation((name: string, ...opts) => mockInput[name]);
 };
 
 afterAll(() => jest.restoreAllMocks());
 
-describe("run", () => {
-  it("adds labels to PRs that match our glob patterns", async () => {
-    usingLabelerConfigYaml("only_pdfs.yml");
-    mockGitHubResponseChangedFiles("foo.pdf");
-
-    await run();
-
-    expect(removeLabelMock).toHaveBeenCalledTimes(0);
-    expect(addLabelsMock).toHaveBeenCalledTimes(1);
-    expect(addLabelsMock).toHaveBeenCalledWith({
-      owner: "monalisa",
-      repo: "helloworld",
-      issue_number: 123,
-      labels: ["touched-a-pdf-file"],
-    });
-  });
-
-  it("does not add labels to PRs that do not match our glob patterns", async () => {
-    usingLabelerConfigYaml("only_pdfs.yml");
-    mockGitHubResponseChangedFiles("foo.txt");
-
-    await run();
-
-    expect(removeLabelMock).toHaveBeenCalledTimes(0);
-    expect(addLabelsMock).toHaveBeenCalledTimes(0);
-  });
-
-  it("(with sync-labels: true) it deletes preexisting PR labels that no longer match the glob pattern", async () => {
-    let mockInput = {
-      "repo-token": "foo",
-      "configuration-path": "bar",
-      "sync-labels": true,
-    };
-
-    jest
-      .spyOn(core, "getInput")
-      .mockImplementation((name: string, ...opts) => mockInput[name]);
-
-    usingLabelerConfigYaml("only_pdfs.yml");
-    mockGitHubResponseChangedFiles("foo.txt");
+describe('run', () => {
+  it('(with dot: false) adds labels to PRs that match our glob patterns', async () => {
+    configureInput({});
+    usingLabelerConfigYaml('only_pdfs.yml');
+    mockGitHubResponseChangedFiles('foo.pdf');
     getPullMock.mockResolvedValue(<any>{
       data: {
-        labels: [{ name: "touched-a-pdf-file" }],
-      },
+        labels: []
+      }
     });
 
     await run();
 
-    expect(addLabelsMock).toHaveBeenCalledTimes(0);
-    expect(removeLabelMock).toHaveBeenCalledTimes(1);
-    expect(removeLabelMock).toHaveBeenCalledWith({
-      owner: "monalisa",
-      repo: "helloworld",
+    expect(setLabelsMock).toHaveBeenCalledTimes(1);
+
+    expect(setLabelsMock).toHaveBeenCalledWith({
+      owner: 'monalisa',
+      repo: 'helloworld',
       issue_number: 123,
-      name: "touched-a-pdf-file",
+      labels: ['touched-a-pdf-file']
     });
+    expect(setOutputSpy).toHaveBeenCalledWith(
+      'new-labels',
+      'touched-a-pdf-file'
+    );
+    expect(setOutputSpy).toHaveBeenCalledWith(
+      'all-labels',
+      'touched-a-pdf-file'
+    );
   });
 
-  it("(with sync-labels: false) it issues no delete calls even when there are preexisting PR labels that no longer match the glob pattern", async () => {
-    let mockInput = {
-      "repo-token": "foo",
-      "configuration-path": "bar",
-      "sync-labels": false,
-    };
-
-    jest
-      .spyOn(core, "getInput")
-      .mockImplementation((name: string, ...opts) => mockInput[name]);
-
-    usingLabelerConfigYaml("only_pdfs.yml");
-    mockGitHubResponseChangedFiles("foo.txt");
+  it('(with dot: true) adds labels to PRs that match our glob patterns', async () => {
+    configureInput({dot: true});
+    usingLabelerConfigYaml('only_pdfs.yml');
+    mockGitHubResponseChangedFiles('.foo.pdf');
     getPullMock.mockResolvedValue(<any>{
       data: {
-        labels: [{ name: "touched-a-pdf-file" }],
-      },
+        labels: []
+      }
     });
 
     await run();
 
-    expect(addLabelsMock).toHaveBeenCalledTimes(0);
-    expect(removeLabelMock).toHaveBeenCalledTimes(0);
+    expect(setLabelsMock).toHaveBeenCalledTimes(1);
+    expect(setLabelsMock).toHaveBeenCalledWith({
+      owner: 'monalisa',
+      repo: 'helloworld',
+      issue_number: 123,
+      labels: ['touched-a-pdf-file']
+    });
+    expect(setOutputSpy).toHaveBeenCalledWith(
+      'new-labels',
+      'touched-a-pdf-file'
+    );
+    expect(setOutputSpy).toHaveBeenCalledWith(
+      'all-labels',
+      'touched-a-pdf-file'
+    );
+  });
+
+  it('(with dot: false) does not add labels to PRs that do not match our glob patterns', async () => {
+    configureInput({});
+    usingLabelerConfigYaml('only_pdfs.yml');
+    mockGitHubResponseChangedFiles('.foo.pdf');
+    getPullMock.mockResolvedValue(<any>{
+      data: {
+        labels: []
+      }
+    });
+
+    await run();
+
+    expect(setLabelsMock).toHaveBeenCalledTimes(0);
+    expect(setOutputSpy).toHaveBeenCalledWith('new-labels', '');
+    expect(setOutputSpy).toHaveBeenCalledWith('all-labels', '');
+  });
+
+  it('(with dot: true) does not add labels to PRs that do not match our glob patterns', async () => {
+    configureInput({dot: true});
+    usingLabelerConfigYaml('only_pdfs.yml');
+    mockGitHubResponseChangedFiles('foo.txt');
+
+    await run();
+
+    expect(setLabelsMock).toHaveBeenCalledTimes(0);
+  });
+
+  it('(with sync-labels: true) it deletes preexisting PR labels that no longer match the glob pattern', async () => {
+    configureInput({
+      'repo-token': 'foo',
+      'configuration-path': 'bar',
+      'sync-labels': true
+    });
+
+    usingLabelerConfigYaml('only_pdfs.yml');
+    mockGitHubResponseChangedFiles('foo.txt');
+    getPullMock.mockResolvedValue(<any>{
+      data: {
+        labels: [{name: 'touched-a-pdf-file'}, {name: 'manually-added'}]
+      }
+    });
+
+    await run();
+
+    expect(setLabelsMock).toHaveBeenCalledTimes(1);
+    expect(setLabelsMock).toHaveBeenCalledWith({
+      owner: 'monalisa',
+      repo: 'helloworld',
+      issue_number: 123,
+      labels: ['manually-added']
+    });
+    expect(setOutputSpy).toHaveBeenCalledWith('new-labels', '');
+    expect(setOutputSpy).toHaveBeenCalledWith('all-labels', 'manually-added');
+  });
+
+  it('(with sync-labels: false) it issues no delete calls even when there are preexisting PR labels that no longer match the glob pattern', async () => {
+    configureInput({
+      'repo-token': 'foo',
+      'configuration-path': 'bar',
+      'sync-labels': false
+    });
+
+    usingLabelerConfigYaml('only_pdfs.yml');
+    mockGitHubResponseChangedFiles('foo.txt');
+    getPullMock.mockResolvedValue(<any>{
+      data: {
+        labels: [{name: 'touched-a-pdf-file'}, {name: 'manually-added'}]
+      }
+    });
+
+    await run();
+
+    expect(setLabelsMock).toHaveBeenCalledTimes(0);
+    expect(setOutputSpy).toHaveBeenCalledWith('new-labels', '');
+    expect(setOutputSpy).toHaveBeenCalledWith(
+      'all-labels',
+      'touched-a-pdf-file,manually-added'
+    );
+  });
+
+  it('(with sync-labels: false) it only logs the excess labels', async () => {
+    configureInput({
+      'repo-token': 'foo',
+      'configuration-path': 'bar',
+      'sync-labels': false
+    });
+
+    usingLabelerConfigYaml('only_pdfs.yml');
+    mockGitHubResponseChangedFiles('foo.pdf');
+
+    const existingLabels = Array.from({length: 100}).map((_, idx) => ({
+      name: `existing-label-${idx}`
+    }));
+    getPullMock.mockResolvedValue(<any>{
+      data: {
+        labels: existingLabels
+      }
+    });
+
+    await run();
+
+    expect(setLabelsMock).toHaveBeenCalledTimes(0);
+
+    expect(coreWarningMock).toHaveBeenCalledTimes(1);
+    expect(coreWarningMock).toHaveBeenCalledWith(
+      'Maximum of 100 labels allowed. Excess labels: touched-a-pdf-file',
+      {title: 'Label limit for a PR exceeded'}
+    );
+    const allLabels: string = existingLabels.map(i => i.name).join(',');
+    expect(setOutputSpy).toHaveBeenCalledWith('new-labels', '');
+    expect(setOutputSpy).toHaveBeenCalledWith('all-labels', allLabels);
   });
 });
 
 function usingLabelerConfigYaml(fixtureName: keyof typeof yamlFixtures): void {
   reposMock.mockResolvedValue(<any>{
-    data: { content: yamlFixtures[fixtureName], encoding: "utf8" },
+    data: {content: yamlFixtures[fixtureName], encoding: 'utf8'}
   });
 }
 
 function mockGitHubResponseChangedFiles(...files: string[]): void {
-  const returnValue = files.map((f) => ({ filename: f }));
+  const returnValue = files.map(f => ({filename: f}));
   paginateMock.mockReturnValue(<any>returnValue);
 }

action.yml

@@ -3,7 +3,9 @@ description: 'Automatically label new pull requests based on the paths of files
 author: 'GitHub'
 inputs:
   repo-token:
-    description: 'The GITHUB_TOKEN secret'
+    description: 'The GitHub token used to manage labels'
+    required: false
+    default: ${{ github.token }}
   configuration-path:
     description: 'The path for the label configurations'
     default: '.github/labeler.yml'
@@ -12,7 +14,16 @@ inputs:
     description: 'Whether or not to remove labels when matching files are reverted'
     default: false
     required: false
+  dot:
+    description: 'Whether or not to auto-include paths starting with dot (e.g. `.github`)'
+    default: false
+    required: false
 
+outputs:
+  new-labels:
+    description: 'A comma-separated list of all new labels'
+  all-labels:
+    description: 'A comma-separated list of all labels that the PR contains'
 runs:
   using: 'node16'
   main: 'dist/index.js'

package.json

@@ -1,12 +1,14 @@
 {
   "name": "labeler",
-  "version": "3.1.0",
+  "version": "4.1.0",
   "description": "Labels pull requests by files altered",
   "main": "lib/main.js",
   "scripts": {
     "build": "tsc && ncc build lib/main.js",
-    "format": "prettier --write \"**/*.ts\"",
-    "format-check": "prettier --check \"**/*.ts\"",
+    "format": "prettier --no-error-on-unmatched-pattern --config ./.prettierrc.js --write \"**/*.{ts,yml,yaml}\"",
+    "format-check": "prettier --no-error-on-unmatched-pattern --config ./.prettierrc.js --check \"**/*.{ts,yml,yaml}\"",
+    "lint": "eslint --config ./.eslintrc.js \"**/*.ts\"",
+    "lint:fix": "eslint --config ./.eslintrc.js \"**/*.ts\" --fix",
     "test": "jest"
   },
   "repository": {
@@ -22,20 +24,27 @@
   "author": "GitHub",
   "license": "MIT",
   "dependencies": {
-    "@actions/core": "^1.6.0",
-    "@actions/github": "^5.0.0",
+    "@actions/core": "^1.10.0",
+    "@actions/github": "^5.1.1",
+    "@octokit/plugin-retry": "^5.0.4",
     "js-yaml": "^4.1.0",
-    "minimatch": "^3.0.4"
+    "minimatch": "^7.4.3"
   },
   "devDependencies": {
-    "@types/jest": "^27.4.0",
-    "@types/node": "^16.11.7",
-    "@types/minimatch": "^3.0.5",
+    "@types/jest": "^27.4.1",
     "@types/js-yaml": "^4.0.5",
-    "@vercel/ncc": "^0.33.3",
+    "@types/minimatch": "^5.1.2",
+    "@types/node": "^16.11.7",
+    "@typescript-eslint/eslint-plugin": "^5.60.1",
+    "@typescript-eslint/parser": "^5.60.1",
+    "@vercel/ncc": "^0.36.1",
+    "eslint": "^8.43.0",
+    "eslint-config-prettier": "^8.8.0",
+    "eslint-plugin-jest": "^27.2.2",
+    "eslint-plugin-node": "^11.1.0",
     "jest": "^27.5.1",
-    "prettier": "^2.5.1",
+    "prettier": "^2.8.8",
     "ts-jest": "^27.1.3",
-    "typescript": "^4.5.5"
+    "typescript": "^4.9.5"
   }
 }

src/labeler.ts

@@ -1,7 +1,8 @@
-import * as core from "@actions/core";
-import * as github from "@actions/github";
-import * as yaml from "js-yaml";
-import { Minimatch, IMinimatch } from "minimatch";
+import * as core from '@actions/core';
+import * as github from '@actions/github';
+import * as pluginRetry from '@octokit/plugin-retry';
+import * as yaml from 'js-yaml';
+import {Minimatch} from 'minimatch';
 
 interface MatchConfig {
   all?: string[];
@@ -11,24 +12,28 @@ interface MatchConfig {
 type StringOrMatchConfig = string | MatchConfig;
 type ClientType = ReturnType<typeof github.getOctokit>;
 
+// GitHub Issues cannot have more than 100 labels
+const GITHUB_MAX_LABELS = 100;
+
 export async function run() {
   try {
-    const token = core.getInput("repo-token", { required: true });
-    const configPath = core.getInput("configuration-path", { required: true });
-    const syncLabels = !!core.getInput("sync-labels", { required: false });
+    const token = core.getInput('repo-token');
+    const configPath = core.getInput('configuration-path', {required: true});
+    const syncLabels = !!core.getInput('sync-labels');
+    const dot = core.getBooleanInput('dot');
 
     const prNumber = getPrNumber();
     if (!prNumber) {
-      console.log("Could not get pull request number from context, exiting");
+      core.info('Could not get pull request number from context, exiting');
       return;
     }
 
-    const client: ClientType = github.getOctokit(token);
+    const client: ClientType = github.getOctokit(token, {}, pluginRetry.retry);
 
-    const { data: pullRequest } = await client.rest.pulls.get({
+    const {data: pullRequest} = await client.rest.pulls.get({
       owner: github.context.repo.owner,
       repo: github.context.repo.repo,
-      pull_number: prNumber,
+      pull_number: prNumber
     });
 
     core.debug(`fetching changed files for pr #${prNumber}`);
@@ -38,23 +43,55 @@ export async function run() {
       configPath
     );
 
-    const labels: string[] = [];
-    const labelsToRemove: string[] = [];
+    const preexistingLabels = pullRequest.labels.map(l => l.name);
+    const allLabels: Set<string> = new Set<string>(preexistingLabels);
+
     for (const [label, globs] of labelGlobs.entries()) {
       core.debug(`processing ${label}`);
-      if (checkGlobs(changedFiles, globs)) {
-        labels.push(label);
-      } else if (pullRequest.labels.find((l) => l.name === label)) {
-        labelsToRemove.push(label);
+      if (checkGlobs(changedFiles, globs, dot)) {
+        allLabels.add(label);
+      } else if (syncLabels) {
+        allLabels.delete(label);
       }
     }
 
-    if (labels.length > 0) {
-      await addLabels(client, prNumber, labels);
-    }
+    const labelsToAdd = [...allLabels].slice(0, GITHUB_MAX_LABELS);
+    const excessLabels = [...allLabels].slice(GITHUB_MAX_LABELS);
 
-    if (syncLabels && labelsToRemove.length) {
-      await removeLabels(client, prNumber, labelsToRemove);
+    try {
+      let newLabels: string[] = [];
+
+      if (!isListEqual(labelsToAdd, preexistingLabels)) {
+        await setLabels(client, prNumber, labelsToAdd);
+        newLabels = labelsToAdd.filter(l => !preexistingLabels.includes(l));
+      }
+
+      core.setOutput('new-labels', newLabels.join(','));
+      core.setOutput('all-labels', labelsToAdd.join(','));
+
+      if (excessLabels.length) {
+        core.warning(
+          `Maximum of ${GITHUB_MAX_LABELS} labels allowed. Excess labels: ${excessLabels.join(
+            ', '
+          )}`,
+          {title: 'Label limit for a PR exceeded'}
+        );
+      }
+    } catch (error: any) {
+      if (
+        error.name === 'HttpError' &&
+        error.message === 'Resource not accessible by integration'
+      ) {
+        core.warning(
+          `The action requires write permission to add labels to pull requests. For more information please refer to the action documentation: https://github.com/actions/labeler#permissions`,
+          {
+            title: `${process.env['GITHUB_ACTION_REPOSITORY']} running under '${github.context.eventName}' is misconfigured`
+          }
+        );
+        core.setFailed(error.message);
+      } else {
+        throw error;
+      }
     }
   } catch (error: any) {
     core.error(error);
@@ -78,15 +115,15 @@ async function getChangedFiles(
   const listFilesOptions = client.rest.pulls.listFiles.endpoint.merge({
     owner: github.context.repo.owner,
     repo: github.context.repo.repo,
-    pull_number: prNumber,
+    pull_number: prNumber
   });
 
   const listFilesResponse = await client.paginate(listFilesOptions);
   const changedFiles = listFilesResponse.map((f: any) => f.filename);
 
-  core.debug("found changed files:");
+  core.debug('found changed files:');
   for (const file of changedFiles) {
-    core.debug("  " + file);
+    core.debug('  ' + file);
   }
 
   return changedFiles;
@@ -116,7 +153,7 @@ async function fetchContent(
     owner: github.context.repo.owner,
     repo: github.context.repo.repo,
     path: repoPath,
-    ref: github.context.sha,
+    ref: github.context.sha
   });
 
   return Buffer.from(response.data.content, response.data.encoding).toString();
@@ -127,7 +164,7 @@ function getLabelGlobMapFromObject(
 ): Map<string, StringOrMatchConfig[]> {
   const labelGlobs: Map<string, StringOrMatchConfig[]> = new Map();
   for (const label in configObject) {
-    if (typeof configObject[label] === "string") {
+    if (typeof configObject[label] === 'string') {
       labelGlobs.set(label, [configObject[label]]);
     } else if (configObject[label] instanceof Array) {
       labelGlobs.set(label, configObject[label]);
@@ -142,34 +179,35 @@ function getLabelGlobMapFromObject(
 }
 
 function toMatchConfig(config: StringOrMatchConfig): MatchConfig {
-  if (typeof config === "string") {
+  if (typeof config === 'string') {
     return {
-      any: [config],
+      any: [config]
     };
   }
 
   return config;
 }
 
-function printPattern(matcher: IMinimatch): string {
-  return (matcher.negate ? "!" : "") + matcher.pattern;
+function printPattern(matcher: Minimatch): string {
+  return (matcher.negate ? '!' : '') + matcher.pattern;
 }
 
 export function checkGlobs(
   changedFiles: string[],
-  globs: StringOrMatchConfig[]
+  globs: StringOrMatchConfig[],
+  dot: boolean
 ): boolean {
   for (const glob of globs) {
     core.debug(` checking pattern ${JSON.stringify(glob)}`);
     const matchConfig = toMatchConfig(glob);
-    if (checkMatch(changedFiles, matchConfig)) {
+    if (checkMatch(changedFiles, matchConfig, dot)) {
       return true;
     }
   }
   return false;
 }
 
-function isMatch(changedFile: string, matchers: IMinimatch[]): boolean {
+function isMatch(changedFile: string, matchers: Minimatch[]): boolean {
   core.debug(`    matching patterns against file ${changedFile}`);
   for (const matcher of matchers) {
     core.debug(`   - ${printPattern(matcher)}`);
@@ -184,8 +222,12 @@ function isMatch(changedFile: string, matchers: IMinimatch[]): boolean {
 }
 
 // equivalent to "Array.some()" but expanded for debugging and clarity
-function checkAny(changedFiles: string[], globs: string[]): boolean {
-  const matchers = globs.map((g) => new Minimatch(g));
+function checkAny(
+  changedFiles: string[],
+  globs: string[],
+  dot: boolean
+): boolean {
+  const matchers = globs.map(g => new Minimatch(g, {dot}));
   core.debug(`  checking "any" patterns`);
   for (const changedFile of changedFiles) {
     if (isMatch(changedFile, matchers)) {
@@ -199,8 +241,12 @@ function checkAny(changedFiles: string[], globs: string[]): boolean {
 }
 
 // equivalent to "Array.every()" but expanded for debugging and clarity
-function checkAll(changedFiles: string[], globs: string[]): boolean {
-  const matchers = globs.map((g) => new Minimatch(g));
+function checkAll(
+  changedFiles: string[],
+  globs: string[],
+  dot: boolean
+): boolean {
+  const matchers = globs.map(g => new Minimatch(g, {dot}));
   core.debug(` checking "all" patterns`);
   for (const changedFile of changedFiles) {
     if (!isMatch(changedFile, matchers)) {
@@ -213,15 +259,19 @@ function checkAll(changedFiles: string[], globs: string[]): boolean {
   return true;
 }
 
-function checkMatch(changedFiles: string[], matchConfig: MatchConfig): boolean {
+function checkMatch(
+  changedFiles: string[],
+  matchConfig: MatchConfig,
+  dot: boolean
+): boolean {
   if (matchConfig.all !== undefined) {
-    if (!checkAll(changedFiles, matchConfig.all)) {
+    if (!checkAll(changedFiles, matchConfig.all, dot)) {
       return false;
     }
   }
 
   if (matchConfig.any !== undefined) {
-    if (!checkAny(changedFiles, matchConfig.any)) {
+    if (!checkAny(changedFiles, matchConfig.any, dot)) {
       return false;
     }
   }
@@ -229,32 +279,19 @@ function checkMatch(changedFiles: string[], matchConfig: MatchConfig): boolean {
   return true;
 }
 
-async function addLabels(
+function isListEqual(listA: string[], listB: string[]): boolean {
+  return listA.length === listB.length && listA.every(el => listB.includes(el));
+}
+
+async function setLabels(
   client: ClientType,
   prNumber: number,
   labels: string[]
 ) {
-  await client.rest.issues.addLabels({
+  await client.rest.issues.setLabels({
     owner: github.context.repo.owner,
     repo: github.context.repo.repo,
     issue_number: prNumber,
-    labels: labels,
+    labels: labels
   });
 }
-
-async function removeLabels(
-  client: ClientType,
-  prNumber: number,
-  labels: string[]
-) {
-  await Promise.all(
-    labels.map((label) =>
-      client.rest.issues.removeLabel({
-        owner: github.context.repo.owner,
-        repo: github.context.repo.repo,
-        issue_number: prNumber,
-        name: label,
-      })
-    )
-  );
-}

src/main.ts

@@ -1,3 +1,3 @@
-import { run } from "./labeler";
+import {run} from './labeler';
 
 run();