Fix GitHub API not providing details for existing PRs in private repos #4064
+68
−2
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
obnyis
commented
Jul 18, 2025
| }) | ||
| let existingPullNumber: number | undefined = undefined | ||
| if (pulls?.length === 0 || pulls === null || pulls === undefined) { | ||
| core.error( |
Contributor
Author
There was a problem hiding this comment.
I used error here just so I could find it easier during testing, but should I change this to info or warning instead?
Owner
|
Interesting. Thank you for looking into this. First of all, please confirm what version of this action you are using.
This is not happening on private repos on Please provide as much detail as you can about your testing setup. |
Contributor
Author
|
Using the latest version of the action with This is on GitHub-hosted cloud enterprise. I tested the API using curl commands directly, on a new repo that only had 2 pull requests (one closed and one open) Starting from a query without any parameters, I was able to confirm that a single element was in the response array, and the value in Then tried only adding the |
Owner
|
@obnyis I now understand why this happens. It's a bug that affects the list endpoint when called on forks with the same owner as the repository parent. This has occurred since the ability to fork a repository to the same organization as its parent was added. I can see that there is already an internal issue tracking this bug. I'm now going to see if I can reproduce it in my test suite so I have a way to track this behaviour. |
Contributor
Author
|
@peter-evans Thanks for looking into that, and confirming the bug is on forks only. I've changed my own tests and workflows to prevent the action running on forks, and confirmed that it works correctly when running on the source repo. I'll leave it up to you for when you want to close this PR, or if you want me to keep it open and refactor any part of it. |
peter-evans
added a commit
that referenced
this pull request
Dec 5, 2025
* fix: GitHub API not providing details for existing PRs in private repos (#4064) * fix: extract fallback into func getPullNumber --------- Co-authored-by: Noah Miller <[email protected]>
Owner
|
Thank you! I managed to reproduce the issue in my test suite and released your fix in |
JeanBarriere
pushed a commit
to sede-open/create-pull-request-v7
that referenced
this pull request
Dec 8, 2025
…ans#4245) * fix: GitHub API not providing details for existing PRs in private repos (peter-evans#4064) * fix: extract fallback into func getPullNumber --------- Co-authored-by: Noah Miller <[email protected]>
mergify bot
added a commit
to robfrank/linklift
that referenced
this pull request
Dec 14, 2025
Bumps the github-actions group with 9 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6.0.0` | `6.0.1` | | [actions/setup-java](https://github.com/actions/setup-java) | `5.0.0` | `5.1.0` | | [graalvm/setup-graalvm](https://github.com/graalvm/setup-graalvm) | `1.4.3` | `1.4.4` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.4.2` | `2.5.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.31.5` | `4.31.7` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `7.0.9` | `7.0.11` | | [ruby/setup-ruby](https://github.com/ruby/setup-ruby) | `1.268.0` | `1.269.0` | | [updatecli/updatecli-action](https://github.com/updatecli/updatecli-action) | `2.96.0` | `2.97.0` | | [actions/setup-node](https://github.com/actions/setup-node) | `6.0.0` | `6.1.0` | Updates `actions/checkout` from 6.0.0 to 6.0.1 Release notes *Sourced from [actions/checkout's releases](https://github.com/actions/checkout/releases).* > v6.0.1 > ------ > > What's Changed > -------------- > > * Update all references from v5 and v4 to v6 by [`@ericsciple`](https://github.com/ericsciple) in [actions/checkout#2314](https://redirect.github.com/actions/checkout/pull/2314) > * Add worktree support for persist-credentials includeIf by [`@ericsciple`](https://github.com/ericsciple) in [actions/checkout#2327](https://redirect.github.com/actions/checkout/pull/2327) > * Clarify v6 README by [`@ericsciple`](https://github.com/ericsciple) in [actions/checkout#2328](https://redirect.github.com/actions/checkout/pull/2328) > > **Full Changelog**: <actions/checkout@v6...v6.0.1> Commits * [`8e8c483`](actions/checkout@8e8c483) Clarify v6 README ([#2328](https://redirect.github.com/actions/checkout/issues/2328)) * [`033fa0d`](actions/checkout@033fa0d) Add worktree support for persist-credentials includeIf ([#2327](https://redirect.github.com/actions/checkout/issues/2327)) * [`c2d88d3`](actions/checkout@c2d88d3) Update all references from v5 and v4 to v6 ([#2314](https://redirect.github.com/actions/checkout/issues/2314)) * See full diff in [compare view](actions/checkout@1af3b93...8e8c483) Updates `actions/setup-java` from 5.0.0 to 5.1.0 Release notes *Sourced from [actions/setup-java's releases](https://github.com/actions/setup-java/releases).* > v5.1.0 > ------ > > What's Changed > -------------- > > ### New Features > > * Add support for `.sdkmanrc` file in `java-version-file` parameter by [`@guicamest`](https://github.com/guicamest) in [actions/setup-java#736](https://redirect.github.com/actions/setup-java/pull/736) > * Add support for Microsoft OpenJDK 25 builds by [`@the-mod`](https://github.com/the-mod) in [actions/setup-java#927](https://redirect.github.com/actions/setup-java/pull/927) > > ### Bug Fixes & Improvements > > * Update Regex to Support All ASDF Versions for the supported distributions in tool-versions File by [`@aparnajyothi-y`](https://github.com/aparnajyothi-y) in [actions/setup-java#767](https://redirect.github.com/actions/setup-java/pull/767) > * Enhance error logging for network failures to include endpoint/IP details, add retry mechanism and update workflows to use macos-15-intel by [`@priya-kinthali`](https://github.com/priya-kinthali) in [actions/setup-java#946](https://redirect.github.com/actions/setup-java/pull/946) > * Update SapMachine URLs by [`@RealCLanger`](https://github.com/RealCLanger) in [actions/setup-java#955](https://redirect.github.com/actions/setup-java/pull/955) > * Add GitHub Token Support for GraalVM and Refactor Code by [`@mahabaleshwars`](https://github.com/mahabaleshwars) in [actions/setup-java#849](https://redirect.github.com/actions/setup-java/pull/849) > > ### Documentation changes > > * Update documentation to use checkout and Java v5 by [`@lmvysakh`](https://github.com/lmvysakh) in [actions/setup-java#903](https://redirect.github.com/actions/setup-java/pull/903) > * Clarify JAVA\_HOME and PATH setup in README by [`@chiranjib-swain`](https://github.com/chiranjib-swain) in [actions/setup-java#841](https://redirect.github.com/actions/setup-java/pull/841) > > ### Dependency updates > > * Upgrade prettier from 2.8.8 to 3.6.2 and document breaking changes in v5 by [`@dependabot`](https://github.com/dependabot) in [actions/setup-java#873](https://redirect.github.com/actions/setup-java/pull/873) > * Upgrade actions/publish-action from 0.3.0 to 0.4.0 by [`@dependabot`](https://github.com/dependabot) in [actions/setup-java#912](https://redirect.github.com/actions/setup-java/pull/912) > > New Contributors > ---------------- > > * [`@lmvysakh`](https://github.com/lmvysakh) made their first contribution in [actions/setup-java#903](https://redirect.github.com/actions/setup-java/pull/903) > * [`@chiranjib-swain`](https://github.com/chiranjib-swain) made their first contribution in [actions/setup-java#841](https://redirect.github.com/actions/setup-java/pull/841) > * [`@the-mod`](https://github.com/the-mod) made their first contribution in [actions/setup-java#927](https://redirect.github.com/actions/setup-java/pull/927) > * [`@priya-kinthali`](https://github.com/priya-kinthali) made their first contribution in [actions/setup-java#946](https://redirect.github.com/actions/setup-java/pull/946) > * [`@guicamest`](https://github.com/guicamest) made their first contribution in [actions/setup-java#736](https://redirect.github.com/actions/setup-java/pull/736) > > **Full Changelog**: <actions/setup-java@v5...v5.1.0> Commits * [`f2beeb2`](actions/setup-java@f2beeb2) Bump actions/publish-action from 0.3.0 to 0.4.0 ([#912](https://redirect.github.com/actions/setup-java/issues/912)) * [`4e7e684`](actions/setup-java@4e7e684) feat: Add support for `.sdkmanrc` file in `java-version-file` parameter ([#736](https://redirect.github.com/actions/setup-java/issues/736)) * [`46c56d6`](actions/setup-java@46c56d6) Add GitHub Token Support for GraalVM and Refactor Code ([#849](https://redirect.github.com/actions/setup-java/issues/849)) * [`66b9457`](actions/setup-java@66b9457) Update SapMachine URLs ([#955](https://redirect.github.com/actions/setup-java/issues/955)) * [`6ba5449`](actions/setup-java@6ba5449) Enhance error logging for network failures to include endpoint/IP details, ad... * [`de5a937`](actions/setup-java@de5a937) adds microsoft openjdk25 builds ([#927](https://redirect.github.com/actions/setup-java/issues/927)) * [`ead9eaa`](actions/setup-java@ead9eaa) Update Regex to Support All ASDF Versions for the supported distributions in ... * [`8c57fa3`](actions/setup-java@8c57fa3) Clarify JAVA\_HOME and PATH setup in README ([#841](https://redirect.github.com/actions/setup-java/issues/841)) * [`a7ab372`](actions/setup-java@a7ab372) Bump prettier from 2.8.8 to 3.6.2 ([#873](https://redirect.github.com/actions/setup-java/issues/873)) * [`d0351b4`](actions/setup-java@d0351b4) Update documentation to use checkout and Java v5 ([#903](https://redirect.github.com/actions/setup-java/issues/903)) * See full diff in [compare view](actions/setup-java@dded088...f2beeb2) Updates `graalvm/setup-graalvm` from 1.4.3 to 1.4.4 Release notes *Sourced from [graalvm/setup-graalvm's releases](https://github.com/graalvm/setup-graalvm/releases).* > v1.4.4 > ------ > > What's Changed > -------------- > > * Bump actions/checkout from 5.0.0 to 6.0.0 in the github-actions-updates group by [`@dependabot`](https://github.com/dependabot)[bot] in [graalvm/setup-graalvm#198](https://redirect.github.com/graalvm/setup-graalvm/pull/198) > * Bump the npm-updates group with 10 updates by [`@dependabot`](https://github.com/dependabot)[bot] in [graalvm/setup-graalvm#197](https://redirect.github.com/graalvm/setup-graalvm/pull/197) > > **Full Changelog**: <graalvm/setup-graalvm@v1.4.3...v1.4.4> Commits * [`790e289`](graalvm/setup-graalvm@790e289) Bump version to `1.4.4`. * [`434a92b`](graalvm/setup-graalvm@434a92b) Update dist files. * [`fe4a6b3`](graalvm/setup-graalvm@fe4a6b3) Update dependencies * [`d8578a7`](graalvm/setup-graalvm@d8578a7) Bump the npm-updates group with 10 updates * [`98e485c`](graalvm/setup-graalvm@98e485c) Bump actions/checkout in the github-actions-updates group * See full diff in [compare view](graalvm/setup-graalvm@dec5790...790e289) Updates `softprops/action-gh-release` from 2.4.2 to 2.5.0 Release notes *Sourced from [softprops/action-gh-release's releases](https://github.com/softprops/action-gh-release/releases).* > v2.5.0 > ------ > > What's Changed > -------------- > > ### Exciting New Features 🎉 > > * feat: mark release as draft until all artifacts are uploaded by [`@dumbmoron`](https://github.com/dumbmoron) in [softprops/action-gh-release#692](https://redirect.github.com/softprops/action-gh-release/pull/692) > > ### Other Changes 🔄 > > * chore(deps): bump the npm group across 1 directory with 5 updates by [`@dependabot`](https://github.com/dependabot)[bot] in [softprops/action-gh-release#697](https://redirect.github.com/softprops/action-gh-release/pull/697) > * chore(deps): bump actions/checkout from 5.0.0 to 5.0.1 in the github-actions group by [`@dependabot`](https://github.com/dependabot)[bot] in [softprops/action-gh-release#689](https://redirect.github.com/softprops/action-gh-release/pull/689) > > New Contributors > ---------------- > > * [`@dumbmoron`](https://github.com/dumbmoron) made their first contribution in [softprops/action-gh-release#692](https://redirect.github.com/softprops/action-gh-release/pull/692) > > **Full Changelog**: <softprops/action-gh-release@v2.4.2...v2.5.0> Changelog *Sourced from [softprops/action-gh-release's changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md).* > 2.5.0 > ----- > > What's Changed > -------------- > > ### Exciting New Features 🎉 > > * feat: mark release as draft until all artifacts are uploaded by [`@dumbmoron`](https://github.com/dumbmoron) in [softprops/action-gh-release#692](https://redirect.github.com/softprops/action-gh-release/pull/692) > > ### Other Changes 🔄 > > * dependency updates > > 2.4.2 > ----- > > What's Changed > -------------- > > ### Exciting New Features 🎉 > > * feat: Ensure generated release notes cannot be over 125000 characters by [`@BeryJu`](https://github.com/BeryJu) in [softprops/action-gh-release#684](https://redirect.github.com/softprops/action-gh-release/pull/684) > > ### Other Changes 🔄 > > * dependency updates > > 2.4.1 > ----- > > What's Changed > -------------- > > ### Other Changes 🔄 > > * fix(util): support brace expansion globs containing commas in parseInputFiles by [`@Copilot`](https://github.com/Copilot) in [softprops/action-gh-release#672](https://redirect.github.com/softprops/action-gh-release/pull/672) > * fix: gracefully fallback to body when body\_path cannot be read by [`@Copilot`](https://github.com/Copilot) in [softprops/action-gh-release#671](https://redirect.github.com/softprops/action-gh-release/pull/671) > > 2.4.0 > ----- > > What's Changed > -------------- > > ### Exciting New Features 🎉 > > * feat(action): respect working\_directory for files globs by [`@stephenway`](https://github.com/stephenway) in [softprops/action-gh-release#667](https://redirect.github.com/softprops/action-gh-release/pull/667) > > 2.3.4 > ----- > > What's Changed > -------------- > > ### Bug fixes 🐛 > > * fix(action): handle 422 already\_exists race condition by [`@stephenway`](https://github.com/stephenway) in [softprops/action-gh-release#665](https://redirect.github.com/softprops/action-gh-release/pull/665) > > ### Other Changes 🔄 ... (truncated) Commits * [`a06a81a`](softprops/action-gh-release@a06a81a) release 2.5.0 * [`7da8983`](softprops/action-gh-release@7da8983) feat: mark release as draft until all artifacts are uploaded ([#692](https://redirect.github.com/softprops/action-gh-release/issues/692)) * [`8797328`](softprops/action-gh-release@8797328) chore(deps): bump actions/checkout in the github-actions group ([#689](https://redirect.github.com/softprops/action-gh-release/issues/689)) * [`1bfc62a`](softprops/action-gh-release@1bfc62a) chore(deps): bump the npm group across 1 directory with 5 updates ([#697](https://redirect.github.com/softprops/action-gh-release/issues/697)) * See full diff in [compare view](softprops/action-gh-release@5be0e66...a06a81a) Updates `github/codeql-action` from 4.31.5 to 4.31.7 Release notes *Sourced from [github/codeql-action's releases](https://github.com/github/codeql-action/releases).* > v4.31.7 > ------- > > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > 4.31.7 - 05 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.7. [#3343](https://redirect.github.com/github/codeql-action/pull/3343) > > See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v4.31.7/CHANGELOG.md) for more information. > > v4.31.6 > ------- > > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > 4.31.6 - 01 Dec 2025 > -------------------- > > No user facing changes. > > See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v4.31.6/CHANGELOG.md) for more information. Changelog *Sourced from [github/codeql-action's changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md).* > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > [UNRELEASED] > ------------ > > No user facing changes. > > 4.31.7 - 05 Dec 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.7. [#3343](https://redirect.github.com/github/codeql-action/pull/3343) > > 4.31.6 - 01 Dec 2025 > -------------------- > > No user facing changes. > > 4.31.5 - 24 Nov 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.6. [#3321](https://redirect.github.com/github/codeql-action/pull/3321) > > 4.31.4 - 18 Nov 2025 > -------------------- > > No user facing changes. > > 4.31.3 - 13 Nov 2025 > -------------------- > > * CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see [Upcoming deprecation of CodeQL Action v3](https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/). > * Update default CodeQL bundle version to 2.23.5. [#3288](https://redirect.github.com/github/codeql-action/pull/3288) > > 4.31.2 - 30 Oct 2025 > -------------------- > > No user facing changes. > > 4.31.1 - 30 Oct 2025 > -------------------- > > * The `add-snippets` input has been removed from the `analyze` action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced. > > 4.31.0 - 24 Oct 2025 > -------------------- > > * Bump minimum CodeQL bundle version to 2.17.6. [#3223](https://redirect.github.com/github/codeql-action/pull/3223) > * When SARIF files are uploaded by the `analyze` or `upload-sarif` actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the `upload-sarif` action. For `analyze`, this may affect Advanced Setup for CodeQL users who specify a value other than `always` for the `upload` input. [#3222](https://redirect.github.com/github/codeql-action/pull/3222) > > 4.30.9 - 17 Oct 2025 > -------------------- > > * Update default CodeQL bundle version to 2.23.3. [#3205](https://redirect.github.com/github/codeql-action/pull/3205) > * Experimental: A new `setup-codeql` action has been added which is similar to `init`, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. [#3204](https://redirect.github.com/github/codeql-action/pull/3204) > > 4.30.8 - 10 Oct 2025 > -------------------- > > No user facing changes. ... (truncated) Commits * [`cf1bb45`](github/codeql-action@cf1bb45) Merge pull request [#3344](https://redirect.github.com/github/codeql-action/issues/3344) from github/update-v4.31.7-f5c63fadd * [`f4ebe95`](github/codeql-action@f4ebe95) Update changelog for v4.31.7 * [`f5c63fa`](github/codeql-action@f5c63fa) Merge pull request [#3343](https://redirect.github.com/github/codeql-action/issues/3343) from github/update-bundle/codeql-bundle-v2.23.7 * [`a2c01e7`](github/codeql-action@a2c01e7) Add changelog note * [`ac34c13`](github/codeql-action@ac34c13) Update default bundle to codeql-bundle-v2.23.7 * [`267c467`](github/codeql-action@267c467) Merge pull request [#3339](https://redirect.github.com/github/codeql-action/issues/3339) from github/dependabot/npm\_and\_yarn/npm-minor-77d264... * [`aeabef7`](github/codeql-action@aeabef7) Merge branch 'main' into dependabot/npm\_and\_yarn/npm-minor-77d26487b0 * [`78357d3`](github/codeql-action@78357d3) Merge pull request [#3341](https://redirect.github.com/github/codeql-action/issues/3341) from github/mbg/ci/update-cs-config-cli-tests * [`d61a6fa`](github/codeql-action@d61a6fa) Update CLI config test to account for overlay db changes on PRs * [`ce27e95`](github/codeql-action@ce27e95) Rebuild * Additional commits viewable in [compare view](github/codeql-action@fdbfb4d...cf1bb45) Updates `peter-evans/create-pull-request` from 7.0.9 to 7.0.11 Release notes *Sourced from [peter-evans/create-pull-request's releases](https://github.com/peter-evans/create-pull-request/releases).* > Create Pull Request v7.0.11 > --------------------------- > > What's Changed > -------------- > > * fix: restrict remote prune to self-hosted runners by [`@peter-evans`](https://github.com/peter-evans) in [peter-evans/create-pull-request#4250](https://redirect.github.com/peter-evans/create-pull-request/pull/4250) > > **Full Changelog**: <peter-evans/create-pull-request@v7.0.10...v7.0.11> > > Create Pull Request v7.0.10 > --------------------------- > > ⚙️ Fixes an issue where updating a pull request failed when targeting a forked repository with the same owner as its parent. > > What's Changed > -------------- > > * build(deps): bump the github-actions group with 2 updates by [`@dependabot`](https://github.com/dependabot)[bot] in [peter-evans/create-pull-request#4235](https://redirect.github.com/peter-evans/create-pull-request/pull/4235) > * build(deps-dev): bump prettier from 3.6.2 to 3.7.3 in the npm group by [`@dependabot`](https://github.com/dependabot)[bot] in [peter-evans/create-pull-request#4240](https://redirect.github.com/peter-evans/create-pull-request/pull/4240) > * fix: provider list pulls fallback for multi fork same owner by [`@peter-evans`](https://github.com/peter-evans) in [peter-evans/create-pull-request#4245](https://redirect.github.com/peter-evans/create-pull-request/pull/4245) > > New Contributors > ---------------- > > * [`@obnyis`](https://github.com/obnyis) made their first contribution in [peter-evans/create-pull-request#4064](https://redirect.github.com/peter-evans/create-pull-request/pull/4064) > > **Full Changelog**: <peter-evans/create-pull-request@v7.0.9...v7.0.10> Commits * [`22a9089`](peter-evans/create-pull-request@22a9089) fix: restrict remote prune to self-hosted runners ([#4250](https://redirect.github.com/peter-evans/create-pull-request/issues/4250)) * [`d4f3be6`](peter-evans/create-pull-request@d4f3be6) fix: provider list pulls fallback for multi fork same owner ([#4245](https://redirect.github.com/peter-evans/create-pull-request/issues/4245)) * [`bc8a47f`](peter-evans/create-pull-request@bc8a47f) build(deps-dev): bump prettier from 3.6.2 to 3.7.3 in the npm group ([#4240](https://redirect.github.com/peter-evans/create-pull-request/issues/4240)) * [`a67ef28`](peter-evans/create-pull-request@a67ef28) build(deps): bump the github-actions group with 2 updates ([#4235](https://redirect.github.com/peter-evans/create-pull-request/issues/4235)) * See full diff in [compare view](peter-evans/create-pull-request@84ae59a...22a9089) Updates `ruby/setup-ruby` from 1.268.0 to 1.269.0 Release notes *Sourced from [ruby/setup-ruby's releases](https://github.com/ruby/setup-ruby/releases).* > v1.269.0 > -------- > > What's Changed > -------------- > > * Account for Bundler 4 by [`@eregon`](https://github.com/eregon) in [ruby/setup-ruby#832](https://redirect.github.com/ruby/setup-ruby/pull/832) > > **Full Changelog**: <ruby/setup-ruby@v1.268.0...v1.269.0> Commits * [`d697be2`](ruby/setup-ruby@d697be2) Account for Bundler 4 * See full diff in [compare view](ruby/setup-ruby@8aeb6ff...d697be2) Updates `updatecli/updatecli-action` from 2.96.0 to 2.97.0 Release notes *Sourced from [updatecli/updatecli-action's releases](https://github.com/updatecli/updatecli-action/releases).* > v2.97.0 🌈 > --------- > > Changes > ------- > > * deps: update updatecli version to v0.111.0 @[updateclibot[bot]](https://github.com/apps/updateclibot) ([#986](https://redirect.github.com/updatecli/updatecli-action/issues/986)) > * deps(updatecli/policies): bump all policies @[updateclibot[bot]](https://github.com/apps/updateclibot) ([#985](https://redirect.github.com/updatecli/updatecli-action/issues/985)) > > 🧰 Maintenance > ------------- > > * deps: bump Updatecli GH action to v2.96.0 @[updateclibot[bot]](https://github.com/apps/updateclibot) ([#982](https://redirect.github.com/updatecli/updatecli-action/issues/982)) > > Contributors > ------------ > > [`@updateclibot`](https://github.com/updateclibot)[bot] and [updateclibot[bot]](https://github.com/apps/updateclibot) Commits * [`9a21b69`](updatecli/updatecli-action@9a21b69) deps: update updatecli version to v0.111.0 ([#986](https://redirect.github.com/updatecli/updatecli-action/issues/986)) * [`afc5668`](updatecli/updatecli-action@afc5668) deps(updatecli/policies): bump all policies ([#985](https://redirect.github.com/updatecli/updatecli-action/issues/985)) * [`613ad53`](updatecli/updatecli-action@613ad53) deps: bump Updatecli GH action to v2.96.0 ([#982](https://redirect.github.com/updatecli/updatecli-action/issues/982)) * See full diff in [compare view](updatecli/updatecli-action@5ca3636...9a21b69) Updates `actions/setup-node` from 6.0.0 to 6.1.0 Release notes *Sourced from [actions/setup-node's releases](https://github.com/actions/setup-node/releases).* > v6.1.0 > ------ > > What's Changed > -------------- > > ### Enhancement: > > * Remove always-auth configuration handling by [`@priyagupta108`](https://github.com/priyagupta108) in [actions/setup-node#1436](https://redirect.github.com/actions/setup-node/pull/1436) > > ### Dependency updates: > > * Upgrade `@actions/cache` from 4.0.3 to 4.1.0 by [`@dependabot`](https://github.com/dependabot)[bot] in [actions/setup-node#1384](https://redirect.github.com/actions/setup-node/pull/1384) > * Upgrade actions/checkout from 5 to 6 by [`@dependabot`](https://github.com/dependabot)[bot] in [actions/setup-node#1439](https://redirect.github.com/actions/setup-node/pull/1439) > * Upgrade js-yaml from 3.14.1 to 3.14.2 by [`@dependabot`](https://github.com/dependabot)[bot] in [actions/setup-node#1435](https://redirect.github.com/actions/setup-node/pull/1435) > > ### Documentation update: > > * Add example for restore-only cache in documentation by [`@aparnajyothi-y`](https://github.com/aparnajyothi-y) in [actions/setup-node#1419](https://redirect.github.com/actions/setup-node/pull/1419) > > **Full Changelog**: <actions/setup-node@v6...v6.1.0> Commits * [`395ad32`](actions/setup-node@395ad32) Bump js-yaml from 3.14.1 to 3.14.2 ([#1435](https://redirect.github.com/actions/setup-node/issues/1435)) * [`a4d2e2b`](actions/setup-node@a4d2e2b) Bump actions/checkout from 5 to 6 ([#1439](https://redirect.github.com/actions/setup-node/issues/1439)) * [`b9b25d4`](actions/setup-node@b9b25d4) Remove always-auth configuration handling from action ([#1436](https://redirect.github.com/actions/setup-node/issues/1436)) * [`633bb92`](actions/setup-node@633bb92) Bump `@actions/cache` from 4.0.3 to 4.1.0 ([#1384](https://redirect.github.com/actions/setup-node/issues/1384)) * [`dda4788`](actions/setup-node@dda4788) Add example for restore-only cache in documentation ([#1419](https://redirect.github.com/actions/setup-node/issues/1419)) * See full diff in [compare view](actions/setup-node@2028fbc...395ad32) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This should hopefully fix #3742 - tested on a private enterprise repo
I did some testing to discover why this was failing, and found that the "List pull requests" endpoint always returns an empty array if run against an enterprise owned repo when the
headquery is set - I asume this also applies to other private repos.