What happened

I used this action in a recent workflow and it generated a warning:

Warning: The set-output command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/

What you expected to happen

No such warning

How to reproduce it

Run any GitHub Actions workflow containing this action.

Environment

Hey there.

I'm using actions-ecosystem/action-get-latest-tag@v1 in my Github Actions workflow and worked as expected.

The step aborted suddenly with no reason apparently and logs shows the following:

Is it an infrequent scenario or it should be receive a patch?

Thanks in advance.

What happened

Sometimes this gives me the wrong version. I'm not sure why. For example, see the output of this workflow. The latest tag should be 2.9.0, but this action is repeatedly giving 2.8.1 as the latest (which was also created earlier).

What you expected to happen

I expected that I would get the highest release for the repo by default.

How to reproduce it

I'm not sure

What happened

I was just executing a workflow with the action-get-latest-tag task from a tag push trigger (tag 1.4.0) as every time but it keeps failing. I didn't notice any changes to this repository so there's a good chance this is isn't a bug with the action itself (but maybe a deprecation?).

Possibly caused by CVE-2022-24765 mitigation

What you expected to happen

The action should fetch the latest tag without failing.

How to reproduce it

• Create workflow with actions-ecosystem/action-get-latest-tag@v1 actions
• Execute via push tag trigger

Environment

Workflow

name: "Deploy: Production"

on:
  push:
    tags: [ "*" ]

env:
  ENVIRONMENT: production

jobs:
  preflight:
    name: "Preflight"
    runs-on: ubuntu-latest
    outputs:
      latest_tag: ${{ steps.latest-tag.outputs.tag }}

    steps:
      - name: Checkout repository
        uses: actions/checkout@v2

      - id: latest-tag
        name: Find latest tag
        uses: actions-ecosystem/action-get-latest-tag@v1

Logs

Run actions-ecosystem/action-get-latest-tag@v1
  with:
    semver_only: false
    initial_version: v0.0.0
    with_initial_version: true
  env:
    ENVIRONMENT: production

/usr/bin/docker run
--name REDACTED_REDACTED
--label REDACTED
--workdir /github/workspace
--rm 
-e ENVIRONMENT             -e REPOSITORY_PREFIX     -e INPUT_SEMVER_ONLY  -e INPUT_INITIAL_VERSION -e INPUT_WITH_INITIAL_VERSION 
-e HOME                    -e GITHUB_JOB            -e GITHUB_REF         -e GITHUB_SHA            -e GITHUB_REPOSITORY 
-e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID         -e GITHUB_RUN_NUMBER  -e GITHUB_RETENTION_DAYS -e GITHUB_RUN_ATTEMPT 
-e GITHUB_ACTOR            -e GITHUB_WORKFLOW       -e GITHUB_HEAD_REF    -e GITHUB_BASE_REF       -e GITHUB_EVENT_NAME 
-e GITHUB_SERVER_URL       -e GITHUB_API_URL        -e GITHUB_GRAPHQL_URL -e GITHUB_REF_NAME       -e GITHUB_REF_PROTECTED 
-e GITHUB_REF_TYPE         -e GITHUB_WORKSPACE      -e GITHUB_ACTION      -e GITHUB_EVENT_PATH     -e GITHUB_ACTION_REPOSITORY 
-e GITHUB_ACTION_REF       -e GITHUB_PATH           -e GITHUB_ENV         -e GITHUB_STEP_SUMMARY   -e RUNNER_OS 
-e RUNNER_ARCH             -e RUNNER_NAME           -e RUNNER_TOOL_CACHE  -e RUNNER_TEMP           -e RUNNER_WORKSPACE 
-e ACTIONS_RUNTIME_URL     -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL  -e GITHUB_ACTIONS=true   -e CI=true 
-v "/var/run/docker.sock":"/var/run/docker.sock" 
-v "/home/runner/work/_temp/_github_home":"/github/home" 
-v "/home/runner/work/_temp/_github_workflow":"/github/workflow" 
-v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" 
-v "/home/runner/work/REDACTED/REDACTED":"/github/workspace" REDACTED:REDACTED

fatal: unsafe repository ('/github/workspace' is owned by someone else)
To add an exception for this directory, call:

	git config --global --add safe.directory /github/workspace

What happened

Warning: The set-output command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/

What you expected to happen

Warning should not be displayed
https://github.com/actions-ecosystem/action-get-latest-tag/blob/main/entrypoint.sh last line should be corrected

How to reproduce it

Would be enough if someone will use this action on github

Environment

Does not matter

What you want to add

It's not clear how this behaves with pre-releases, so it'd be great to see a documentation update, but the best outcome would be an input for whether or not to include pre-release tags.

Why this is needed

The latest tag someone wants may or may not be a pre-release version, e.g. 0.5.0 vs 1.0.0-beta.1 - which would be returned?

Hi

Based on the documentation it seems we can use this action even in repo which doesnt yet have any tags exist.

when using it like the following:

• name: Get Latest Tag
  uses: actions-ecosystem/action-get-latest-tag@v1
  with:
  with_initial_version: true # although default
  initial_version: '1.0.0'
  id: get-latest-tag

this step failed with fatal: No names found, cannot describe anything and does not returns the initial_version as the tag...
what am i missing here?