chore(release): 1.1.1 [skip ci]

## [1.1.1](http://github.com/rlespinasse/github-slug-action/compare/1.1.0...1.1.1) (2020-10-07)

### Bug Fixes

* remove set-env due to CVE fix ([6c69465](6c69465e62))

.editorconfig

@@ -0,0 +1,11 @@
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+charset = utf-8
+indent_style = space
+indent_size = 2
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true

.github/actions/bats/Dockerfile

@@ -1,5 +1,3 @@
-FROM dduportal/bats:latest
+FROM bats/bats:latest
 
-COPY entrypoint.sh /entrypoint.sh
-
-ENTRYPOINT ["/entrypoint.sh"]
+CMD ["./tests"]

.github/actions/bats/entrypoint.sh

@@ -1,3 +0,0 @@
-#!/usr/bin/env sh
-
-/sbin/bats ./tests

.github/workflows/ci.yml

@@ -1,5 +1,5 @@
-name: ci
-on: push
+name: Build
+on: [push, pull_request]
 jobs:
   build:
     runs-on: ubuntu-latest
@@ -7,10 +7,15 @@ jobs:
       - uses: actions/checkout@v1
       - uses: ./.github/actions/bats
       - uses: cycjimmy/semantic-release-action@v2
-        if: github.ref == 'refs/heads/master'
         with:
+          semantic_version: 17.0.7
+          branches: |
+            [
+              'v1.1.x',
+              'v2.x'
+            ]
           extra_plugins: |
-            @semantic-release/git
-            @semantic-release/changelog
+            @semantic-release/changelog@5.0.1
+            @semantic-release/git@9.0.0
         env:
           GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}

CHANGELOG.md

@@ -1,3 +1,10 @@
+## [1.1.1](http://github.com/rlespinasse/github-slug-action/compare/1.1.0...1.1.1) (2020-10-07)
+
+
+### Bug Fixes
+
+* remove set-env due to CVE fix ([6c69465](http://github.com/rlespinasse/github-slug-action/commit/6c69465e62a6430b5742c5bc0fce732f55630ee7))
+
 # [1.1.0](http://github.com/rlespinasse/github-slug-action/compare/1.0.2...1.1.0) (2019-11-11)
 
 

README.md

@@ -1,33 +1,24 @@
 # GitHub Slug action
 
+[![Actions Status](https://github.com/rlespinasse/github-slug-action/workflows/Build/badge.svg)](https://github.com/rlespinasse/github-slug-action/actions)
+
 This action slug and expose some github variables.
 
 `Slug` a variable will
 
 - put the variable content in lower case,
-- replace any caracter by `-` except `0-9` and `a-z`,
-- remove leading and trailing `-` caracter,
-- limit the string size to 63 caracters.
+- replace any character by `-` except `0-9` and `a-z`,
+- remove leading and trailing `-` character,
+- limit the string size to 63 characters.
 
 Others `Slug`-ish commands are available:
-- `Short SHA` a variable will limit the string size to 8 caracters.
 
-## Environment Variables
+- `Short SHA` a variable will limit the string size to 8 characters.
 
-| GitHub environment variable | Slug variable |
-| - | - |
-| GITHUB_REF | GITHUB_REF_SLUG |
-| GITHUB_HEAD_REF | GITHUB_HEAD_REF_SLUG |
-| GITHUB_BASE_REF | GITHUB_BASE_REF_SLUG |
-
-| GitHub environment variable | Short variable |
-| - | - |
-| GITHUB_SHA | GITHUB_SHA_SHORT |
-
-## Example usage
+## Exposed environment variables
 
 ```yaml
-- uses: rlespinasse/github-slug-action@master
+- uses: rlespinasse/github-slug-action@v1.1.x
 - name: Print slug variables
   run: |
     echo ${{ env.GITHUB_REF_SLUG }}
@@ -35,3 +26,35 @@ Others `Slug`-ish commands are available:
     echo ${{ env.GITHUB_BASE_REF_SLUG }}
     echo ${{ env.GITHUB_SHA_SHORT }}
 ```
+
+Read [default environment variables](https://help.github.com/en/actions/configuring-and-managing-workflows/using-environment-variables#default-environment-variables) page for more information.
+
+### GITHUB_REF_SLUG
+
+Slug the environment variable **GITHUB_REF**
+
+The branch or tag ref that triggered the workflow.
+_If neither a branch or tag is available for the event type, the variable will not exist._
+
+| Environment variable (GITHUB_REF) | Slug variable (GITHUB_REF_SLUG) |
+|-----------------------------------|---------------------------------|
+| refs/heads/master                 | master                          |
+| refs/heads/feat/new_feature       | feat-new-feature                |
+| refs/tags/v1.0.0                  | v1-0-0                          |
+| refs/tags/product@1.0.0-rc.2      | product-1-0-0-rc-2              |
+| refs/heads/New_Awesome_Product    | new-awesome-product             |
+
+_Additional variables (only set for forked repositories) :_
+
+- `GITHUB_HEAD_REF_SLUG` : The branch of the head repository **GITHUB_HEAD_REF**,
+- `GITHUB_BASE_REF_SLUG` : The branch of the base repository **GITHUB_BASE_REF**.
+
+### GITHUB_SHA_SHORT
+
+Short the environment variable **GITHUB_SHA**
+
+The commit SHA that triggered the workflow
+
+| Environment variable (GITHUB_SHA)        | Short variable (GITHUB_SHA_SHORT) |
+|------------------------------------------|-----------------------------------|
+| ffac537e6cbbf934b08745a378932722df287a53 | ffac537e                          |

SECURITY.md

@@ -0,0 +1,20 @@
+# Security Policy
+
+## Supported Versions
+
+| Version | Supported          |
+|---------|--------------------|
+| 1.1.x   | :white_check_mark: |
+| < 1.0.x | :x:                |
+
+## Reporting a Vulnerability
+
+You can report a Vulnerability by [my email](mailto:romain.lespinasse@gmail.com).
+
+_Vulnerability stages :_
+
+- Reported,
+- Confirmed (or declined),
+- Fixed on maintained version series.
+
+After a vulnerability fix, an GitHub issue will be created as document this vulnerability.

action.yml

@@ -1,9 +1,9 @@
 # action.yml
-name: 'GitHub Slug'
-description: 'Action to slug and expose some github variables'
+name: "GitHub Slug"
+description: "Action to slug and expose some github variables"
 runs:
-  using: 'docker'
-  image: 'Dockerfile'
+  using: "docker"
+  image: "Dockerfile"
 branding:
-  icon: 'crop'  
-  color: 'orange'
+  icon: "crop"
+  color: "orange"

entrypoint.sh

@@ -1,18 +1,20 @@
 #!/bin/sh -l
 
 slug_ref() {
-    echo "$1" \
-         | tr "[:upper:]" "[:lower:]" \
-         | sed -r 's#refs/[^\/]*/##;s/[~\^]+//g;s/[^a-zA-Z0-9]+/-/g;s/^-+\|-+$//g;s/^-*//;s/-*$//' \
-         | cut -c1-63
+  echo "$1" |
+    tr "[:upper:]" "[:lower:]" |
+    sed -r 's#refs/[^\/]*/##;s/[~\^]+//g;s/[^a-zA-Z0-9]+/-/g;s/^-+\|-+$//g;s/^-*//;s/-*$//' |
+    cut -c1-63
 }
 
-short_sha(){
-  echo "$1" \
-        | cut -c1-8
+short_sha() {
+  echo "$1" |
+    cut -c1-8
 }
 
-echo ::set-env name=GITHUB_REF_SLUG::"$(slug_ref "$GITHUB_REF")"
-echo ::set-env name=GITHUB_HEAD_REF_SLUG::"$(slug_ref "$GITHUB_HEAD_REF")"
-echo ::set-env name=GITHUB_BASE_REF_SLUG::"$(slug_ref "$GITHUB_BASE_REF")"
-echo ::set-env name=GITHUB_SHA_SHORT::"$(short_sha "$GITHUB_SHA")"
+{
+  echo "GITHUB_REF_SLUG=$(slug_ref "$GITHUB_REF")"
+  echo "GITHUB_HEAD_REF_SLUG=$(slug_ref "$GITHUB_HEAD_REF")"
+  echo "GITHUB_BASE_REF_SLUG=$(slug_ref "$GITHUB_BASE_REF")"
+  echo "GITHUB_SHA_SHORT=$(short_sha "$GITHUB_SHA")"
+} >>"$GITHUB_ENV"

package.json

@@ -1,9 +1,9 @@
 {
   "name": "github-slug-action",
-  "version": "1.0.1",
+  "version": "0.0.0",
   "license": "MIT",
   "scripts": {
-    "test": "docker run -w /workdir -v $(pwd):/workdir dduportal/bats:latest ./tests",
+    "test": "docker run -w /workdir -v $(pwd):/workdir bats/bats:latest ./tests",
     "release": "semantic-release"
   },
   "repository": {
@@ -11,9 +11,9 @@
     "url": "http://github.com/rlespinasse/github-slug-action.git"
   },
   "devDependencies": {
-    "@semantic-release/changelog": "^3.0.5",
-    "@semantic-release/git": "^7.0.18",
-    "semantic-release": "^15.13.30"
+    "@semantic-release/changelog": "5.0.1",
+    "@semantic-release/git": "9.0.0",
+    "semantic-release": "17.0.7"
   },
   "release": {
     "tagFormat": "${version}",
@@ -23,6 +23,10 @@
       "@semantic-release/changelog",
       "@semantic-release/git",
       "@semantic-release/github"
+    ],
+    "branches": [
+      "v1.1.x",
+      "v2.x"
     ]
   }
 }