{"id":13702262,"url":"https://github.com/amondnet/vercel-action","last_synced_at":"2026-04-02T17:53:00.396Z","repository":{"id":38244376,"uuid":"264434109","full_name":"amondnet/vercel-action","owner":"amondnet","description":"This action make a deployment with github actions instead of Vercel builder.","archived":false,"fork":false,"pushed_at":"2026-03-30T01:15:55.000Z","size":66233,"stargazers_count":743,"open_issues_count":78,"forks_count":112,"subscribers_count":5,"default_branch":"master","last_synced_at":"2026-03-31T17:46:58.667Z","etag":null,"topics":["github-actions","vercel","zeit-now"],"latest_commit_sha":null,"homepage":"https://vercel.com/docs/cli","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/amondnet.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null},"funding":{"github":["amondnet"],"patreon":"amond","open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"custom":null}},"created_at":"2020-05-16T12:39:37.000Z","updated_at":"2026-03-29T17:47:27.000Z","dependencies_parsed_at":"2024-01-14T19:14:24.216Z","dependency_job_id":"a380009f-55ed-4506-b3f8-ab725efaeb57","html_url":"https://github.com/amondnet/vercel-action","commit_stats":{"total_commits":167,"total_committers":28,"mean_commits":5.964285714285714,"dds":0.3772455089820359,"last_synced_commit":"7749da08b793ab6912f9de328f4bb209ca8743a3"},"previous_names":[],"tags_count":27,"template":false,"template_full_name":null,"purl":"pkg:github/amondnet/vercel-action","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/amondnet%2Fvercel-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/amondnet%2Fvercel-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/amondnet%2Fvercel-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/amondnet%2Fvercel-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/amondnet","download_url":"https://codeload.github.com/amondnet/vercel-action/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/amondnet%2Fvercel-action/sbom","scorecard":{"id":190290,"data":{"date":"2025-08-11","repo":{"name":"github.com/amondnet/vercel-action","commit":"888da851026e0573da056b061931bcb765a915c4"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Code-Review","score":4,"reason":"Found 12/29 approved changesets -- score normalized to 4","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":5,"reason":"5 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/deploy.yml:1","Warn: no topLevel permission defined: .github/workflows/example-angular.yml:1","Warn: no topLevel permission defined: .github/workflows/example-express-basic-auth.yml:1","Warn: no topLevel permission defined: .github/workflows/example-nextjs.yml:1","Warn: no topLevel permission defined: .github/workflows/example-scope.yml:1","Warn: no topLevel permission defined: .github/workflows/example-static.yml:1","Warn: no topLevel permission defined: .github/workflows/test.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Pinned-Dependencies","score":4,"reason":"dependency not pinned by hash detected -- score normalized to 4","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/amondnet/vercel-action/deploy.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/example-angular.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/amondnet/vercel-action/example-angular.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/example-angular.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/amondnet/vercel-action/example-angular.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/example-express-basic-auth.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/amondnet/vercel-action/example-express-basic-auth.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/example-nextjs.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/amondnet/vercel-action/example-nextjs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/example-scope.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/amondnet/vercel-action/example-scope.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/example-static.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/amondnet/vercel-action/example-static.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/amondnet/vercel-action/test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/amondnet/vercel-action/test.yml/master?enable=pin","Info:   0 out of   8 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned","Info:   2 out of   2 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":1,"reason":"SAST tool is not run on all commits -- score normalized to 1","details":["Warn: 2 commits out of 20 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"127 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-c75v-2vq8-878f","Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-6chw-6frg-f759","Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw","Warn: Project is vulnerable to: GHSA-whgm-jr23-g3j9","Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw","Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25","Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw","Warn: Project is vulnerable to: GHSA-w8qv-6jwh-64r5","Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c","Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq","Warn: Project is vulnerable to: GHSA-3wcq-x3mq-6r9p","Warn: Project is vulnerable to: GHSA-r9p9-mrjm-926w","Warn: Project is vulnerable to: GHSA-434g-2637-qmqr","Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m","Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw","Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p","Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747","Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh","Warn: Project is vulnerable to: GHSA-q9mw-68c2-j6m5","Warn: Project is vulnerable to: GHSA-6h5x-7c5m-7cr7","Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc","Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx","Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q","Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c","Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc","Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-8r6j-v8pm-fqw3","Warn: Project is vulnerable to: MAL-2023-462","Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj","Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j","Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27","Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37","Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22","Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp","Warn: Project is vulnerable to: GHSA-896r-f27r-55mw","Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h","Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp","Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq","Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488","Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g","Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9","Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3","Warn: Project is vulnerable to: GHSA-92xj-mqp7-vmcj","Warn: Project is vulnerable to: GHSA-wxgw-qj99-44c2","Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5","Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp","Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq","Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr","Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765","Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g","Warn: Project is vulnerable to: GHSA-jmqm-f2gx-4fjv","Warn: Project is vulnerable to: GHSA-76c9-3jph-rj3q","Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9","Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j","Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w","Warn: Project is vulnerable to: GHSA-h7cp-r72f-jxh6","Warn: Project is vulnerable to: GHSA-v62p-rq8g-8h59","Warn: Project is vulnerable to: GHSA-566m-qj78-rww5","Warn: Project is vulnerable to: GHSA-hwj9-h5mp-3pm3","Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j","Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp","Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg","Warn: Project is vulnerable to: GHSA-h9rv-jmmf-4pgx","Warn: Project is vulnerable to: GHSA-hxcc-f52p-wc94","Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p","Warn: Project is vulnerable to: GHSA-4rq4-32rv-6wp6","Warn: Project is vulnerable to: GHSA-64g7-mvw6-v9qj","Warn: Project is vulnerable to: GHSA-25hc-qcg6-38wj","Warn: Project is vulnerable to: GHSA-cqmj-92xf-r6r9","Warn: Project is vulnerable to: GHSA-c9g6-9335-x697","Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq","Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9","Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw","Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc","Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh","Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p","Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36","Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3","Warn: Project is vulnerable to: GHSA-884p-74jh-xrg2","Warn: Project is vulnerable to: GHSA-j7fq-p9q7-5wfv","Warn: Project is vulnerable to: GHSA-9m6j-fcg5-2442","Warn: Project is vulnerable to: GHSA-hh27-ffr2-f2jc","Warn: Project is vulnerable to: GHSA-rqff-837h-mm52","Warn: Project is vulnerable to: GHSA-8v38-pw62-9cw2","Warn: Project is vulnerable to: GHSA-hgjh-723h-mx2j","Warn: Project is vulnerable to: GHSA-jf5r-8hm2-f872","Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6","Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v","Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h","Warn: Project is vulnerable to: GHSA-4fc4-chg7-h8gh","Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q","Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc","Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh","Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp","Warn: Project is vulnerable to: GHSA-wm7h-9275-46v2","Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-f82v-jwr5-mffw","Warn: Project is vulnerable to: GHSA-c59h-r6p8-q9wc","Warn: Project is vulnerable to: GHSA-g77x-44xx-532m","Warn: Project is vulnerable to: GHSA-7gfc-8cq8-jh5f","Warn: Project is vulnerable to: GHSA-qpjv-v59x-3qc4","Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7","Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q","Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38","Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc","Warn: Project is vulnerable to: GHSA-pwfr-8pq7-x9qv","Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj","Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6","Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99","Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw","Warn: Project is vulnerable to: GHSA-c76h-2ccp-4975","Warn: Project is vulnerable to: GHSA-cxrh-j4jr-qwg3"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-16T20:32:17.619Z","repository_id":38244376,"created_at":"2025-08-16T20:32:17.619Z","updated_at":"2025-08-16T20:32:17.619Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31312744,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-02T12:59:32.332Z","status":"ssl_error","status_checked_at":"2026-04-02T12:54:48.875Z","response_time":89,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["github-actions","vercel","zeit-now"],"created_at":"2024-08-02T21:00:32.984Z","updated_at":"2026-04-02T17:53:00.389Z","avatar_url":"https://github.com/amondnet.png","language":"TypeScript","funding_links":["https://github.com/sponsors/amondnet","https://patreon.com/amond"],"categories":["TypeScript","JavaScript"],"sub_categories":[],"readme":"# Vercel Action\n\n![deploy website preview](https://github.com/amondnet/vercel-action/workflows/deploy%20website%20preview/badge.svg)\n![test now-deployment action](https://github.com/amondnet/vercel-action/workflows/test%20now-deployment%20action/badge.svg)\n![example - static](https://github.com/amondnet/vercel-action/workflows/example%20-%20static/badge.svg)\n![example - basic auth](https://github.com/amondnet/vercel-action/workflows/example%20-%20basic%20auth/badge.svg)\n![example - angular](https://github.com/amondnet/vercel-action/workflows/example%20-%20angular/badge.svg)\n\n![stars](https://badgen.net/github/stars/amondnet/vercel-action)\n![forks](https://badgen.net/github/forks/amondnet/vercel-action)\n![HitCount](http://hits.dwyl.com/amondnet/vercel-action.svg)\n\n[![Maintainability Rating](https://sonarcloud.io/api/project_badges/measure?project=amondnet_vercel-action\u0026metric=sqale_rating)](https://sonarcloud.io/dashboard?id=amondnet_vercel-action)\n[![Technical Debt](https://sonarcloud.io/api/project_badges/measure?project=amondnet_vercel-action\u0026metric=sqale_index)](https://sonarcloud.io/dashboard?id=amondnet_vercel-action)\n[![Bugs](https://sonarcloud.io/api/project_badges/measure?project=amondnet_vercel-action\u0026metric=bugs)](https://sonarcloud.io/dashboard?id=amondnet_vercel-action)\n[![Code Smells](https://sonarcloud.io/api/project_badges/measure?project=amondnet_vercel-action\u0026metric=code_smells)](https://sonarcloud.io/dashboard?id=amondnet_vercel-action)\n[![Reliability Rating](https://sonarcloud.io/api/project_badges/measure?project=amondnet_vercel-action\u0026metric=reliability_rating)](https://sonarcloud.io/dashboard?id=amondnet_vercel-action)\n[![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=amondnet_vercel-action\u0026metric=security_rating)](https://sonarcloud.io/dashboard?id=amondnet_vercel-action)\n\nThis action was formerly [Zeit Now Deployment](https://github.com/marketplace/actions/zeit-now-deployment). [Migration Guide](#migration-from-v2)\n![stars](https://badgen.net/github/stars/amondnet/now-deployment) ![forks](https://badgen.net/github/forks/amondnet/now-deployment)\n\n## Introduction to Vercel\nVercel is a cloud platform for **static sites** and **Serverless Functions** that fits perfectly with your workflow. It enables developers to host **Jamstack** websites and web services that **deploy instantly**, **scale automatically**, and requires **no supervision**, all with **no configuration**.\n\nThis action make a Vercel deployment with github actions.\n\n- [x] Deploy to Vercel.\n- [x] Comment on pull request.\n- [x] Comment on commit.\n- [x] [Password Protect ( Basic Auth )](https://github.com/amondnet/vercel-action#basic-auth-example)\n- [x] [Alias domain to deployment.](https://github.com/amondnet/vercel-action#alias-domains)\n- [x] [Create Deployment on GitHub.](https://github.com/amondnet/vercel-action#github-deployments)\n\n## Result\n\n![preview](./preview.png)\n\n[pull request example](https://github.com/amondnet/now-deployment/pull/2)\n\n[commit](https://github.com/amondnet/now-deployment/commit/3d926623510294463c589327f5420663b1b0b35f)\n## Inputs\n\n| Name                             |         Required         | Default | Description                                                                                       |\n|----------------------------------|:------------------------:|---------|---------------------------------------------------------------------------------------------------|\n| vercel-token                     | \u003cul\u003e\u003cli\u003e- [x] \u003c/li\u003e\u003c/ol\u003e |         | Vercel token. see https://vercel.com/account/tokens                                                                                   |\n| github-comment                   | \u003cul\u003e\u003cli\u003e- [ ] \u003c/li\u003e\u003c/ol\u003e |  true   | Its type can be either **string or boolean**. When string, it leaves PR a comment with the string. When boolean, it leaves PR a default comment(true) or does not leave a comment at all(false).                                                      |\n| github-token                     | \u003cul\u003e\u003cli\u003e- [ ] \u003c/li\u003e\u003c/ol\u003e |         | if you want to comment on pull request or commit. `${{ secrets.GITHUB_TOKEN }}` ([GitHub token docs](https://docs.github.com/en/actions/configuring-and-managing-workflows/authenticating-with-the-github_token))                                                         |\n| github-deployment                | \u003cul\u003e\u003cli\u003e- [ ] \u003c/li\u003e\u003c/ol\u003e |  false  | if you want to create a [GitHub Deployment](https://docs.github.com/en/rest/deployments/deployments), set `true`.                                                      |\n| github-deployment-environment    | \u003cul\u003e\u003cli\u003e- [ ] \u003c/li\u003e\u003c/ol\u003e |         | The environment for the GitHub deployment (e.g., `production`, `staging`, `preview`). If not specified, auto-detects: `production` when `vercel-args` contains `--prod`, otherwise `preview`. |\n| vercel-project-id                | \u003cul\u003e\u003cli\u003e- [x] \u003c/li\u003e\u003c/ol\u003e |         | ❗Vercel CLI 17+,The `name` property in vercel.json is deprecated (https://zeit.ink/5F)                  |\n| vercel-org-id                    | \u003cul\u003e\u003cli\u003e- [x] \u003c/li\u003e\u003c/ol\u003e |         | Vercel team ID (also used as `teamId` for API deployments). See [How can I use GitHub Actions with Vercel](https://vercel.com/kb/guide/how-can-i-use-github-actions-with-vercel) |\n| vercel-args                      | \u003cul\u003e\u003cli\u003e- [ ] \u003c/li\u003e\u003c/ol\u003e |         | ⚠️ **Deprecated.** Use the new API inputs below instead. When provided, falls back to CLI-based deployment. |\n| working-directory                | \u003cul\u003e\u003cli\u003e- [ ] \u003c/li\u003e\u003c/ol\u003e |         | the working directory                                                                             |\n| scope                            | \u003cul\u003e\u003cli\u003e- [ ] \u003c/li\u003e\u003c/ol\u003e |         | ⚠️ **Deprecated.** Team slug for CLI `--scope` flag. For API deployments, use `vercel-org-id` instead.\n| alias-domains                    | \u003cul\u003e\u003cli\u003e- [ ] \u003c/li\u003e\u003c/ol\u003e |         | You can assign a domain to this deployment. Please note that this domain must have been configured in the project. You can use pull request number via `{{PR_NUMBER}}` and branch via `{{BRANCH}}`.\n| vercel-project-name              | \u003cul\u003e\u003cli\u003e- [ ] \u003c/li\u003e\u003c/ol\u003e |         | The name of the project; if absent we'll use the `vercel inspect` command to determine. [#27](https://github.com/amondnet/vercel-action/issues/27) \u0026 [#28](https://github.com/amondnet/vercel-action/issues/28)\n| vercel-version                   | \u003cul\u003e\u003cli\u003e- [x] \u003c/li\u003e\u003c/ol\u003e |         | vercel-cli package version if absent we will use one declared in [package.json](https://github.com/amondnet/vercel-action/blob/master/package.json)\n\n### API Deployment Inputs (New)\n\nThese inputs use the `@vercel/client` API directly instead of the CLI. They are used when `vercel-args` is **not** provided.\n\n| Name                       | Required | Default   | Description                                                        |\n|----------------------------|:--------:|-----------|--------------------------------------------------------------------|\n| target                     |    No    | `preview` | Deployment target: `production` or `preview`                       |\n| prebuilt                   |    No    | `false`   | Deploy prebuilt output (requires `vercel build` step before)       |\n| vercel-output-dir          |    No    |           | Custom path to prebuilt output. Defaults to `{working-directory}/.vercel/output` |\n| force                      |    No    | `false`   | Force new deployment, bypassing dedupe and build cache             |\n| env                        |    No    |           | Environment variables (`KEY=VALUE` per line)                       |\n| build-env                  |    No    |           | Build-time environment variables (`KEY=VALUE` per line)            |\n| regions                    |    No    |           | Deployment regions, comma-separated (e.g. `iad1,sfo1`)            |\n| archive                    |    No    |           | Upload format: `tgz` for compressed archive                       |\n| root-directory             |    No    |           | Root directory of the project relative to the repository root      |\n| auto-assign-custom-domains |    No    | `true`    | Automatically assign custom domains to this deployment             |\n| custom-environment         |    No    |           | Custom environment slug or ID                                      |\n| public                     |    No    | `false`   | Make deployment source publicly accessible                         |\n| with-cache                 |    No    | `false`   | Retain build cache from previous deployments                       |\n\n## Outputs\n\n### `preview-url`\n\nThe url of deployment preview.\n\n### `preview-name`\n\nThe name of deployment name.\n\n### `deployment-id`\n\nThe GitHub Deployment ID. Only set when `github-deployment` is `true`. Can be used by downstream steps to reference the deployment.\n\n## How To Use\n\n### Disable Vercel for GitHub\n\n\u003e The Vercel for GitHub integration automatically deploys your GitHub projects with Vercel, providing Preview Deployment URLs, and automatic Custom Domain updates.\n\u003e See [Git Configuration](https://vercel.com/docs/project-configuration/git-configuration) for more details.\n\nWe would like to use `github actions` for build and deploy instead of `Vercel`.\n\nDisable automatic deployments by setting `git.deploymentEnabled: false` in your project configuration.\n\n#### Using `vercel.ts` (recommended)\n\nInstall `@vercel/config` and create a `vercel.ts` file:\n\n```typescript\nimport type { VercelConfig } from '@vercel/config/v1';\n\nexport const config: VercelConfig = {\n  public: false,\n  git: {\n    deploymentEnabled: false,\n  },\n};\n```\n\n#### Using `vercel.json`\n\n```json\n{\n  \"public\": false,\n  \"git\": {\n    \"deploymentEnabled\": false\n  }\n}\n```\n\n\u003e **Note:** The `github.enabled` property is deprecated. Use `git.deploymentEnabled` instead.\n\u003e See [Turning off all automatic deployments](https://vercel.com/docs/project-configuration/git-configuration#turning-off-all-automatic-deployments).\n\n### Skip vercel's build step\n\nSince we do the `build` in `github actions`, we don't need to build in `vercel`.\n\n#### Method 1 - via vercel interface\n\n- Specify \"Other\" as the framework preset, and\n- Enable the Override option for the Build Command, and\n- Leave the Build Command **empty**.\n- This will prevent the build from being attempted and serve your content as-is.\n\nSee [docs](https://vercel.com/docs/concepts/deployments/build-step#build-command) for more details\n\n#### Method 2 - via project configuration\n\nYou can override the build command in your project configuration to skip Vercel's build step.\n\n**`vercel.ts`** (recommended):\n\n```typescript\nimport type { VercelConfig } from '@vercel/config/v1';\n\nexport const config: VercelConfig = {\n  buildCommand: '',\n};\n```\n\n**`vercel.json`**:\n\n```json\n{\n  \"buildCommand\": \"\"\n}\n```\n\nSee [Build Command docs](https://vercel.com/docs/deployments/configure-a-build#build-command) and [Programmatic Configuration](https://vercel.com/docs/project-configuration/vercel-ts) for more details.\n\n#### Method 3 - Prebuilt deployments (recommended)\n\nYou can build your project locally (or in GitHub Actions) using `vercel build` and upload only the build artifacts to Vercel — without giving Vercel access to the source code. This uses the [Build Output API](https://vercel.com/docs/build-output-api/v3) specification.\n\n```yaml\nname: deploy website\non: [pull_request]\njobs:\n  deploy:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v4\n      - name: Install Vercel CLI\n        run: npm install --global vercel@latest\n      - name: Pull Vercel Environment Information\n        run: vercel pull --yes --environment=preview --token=${{ secrets.VERCEL_TOKEN }}\n        env:\n          VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }}\n          VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }}\n      - name: Build Project Artifacts\n        run: vercel build --token=${{ secrets.VERCEL_TOKEN }}\n        env:\n          VERCEL_ORG_ID: ${{ secrets.VERCEL_ORG_ID }}\n          VERCEL_PROJECT_ID: ${{ secrets.VERCEL_PROJECT_ID }}\n      - uses: amondnet/vercel-action@v25\n        with:\n          vercel-token: ${{ secrets.VERCEL_TOKEN }}\n          github-token: ${{ secrets.GITHUB_TOKEN }}\n          vercel-org-id: ${{ secrets.VERCEL_ORG_ID }}\n          vercel-project-id: ${{ secrets.VERCEL_PROJECT_ID }}\n          prebuilt: true\n```\n\nSee [Vercel's official GitHub Actions example](https://github.com/vercel/examples/tree/main/ci-cd/github-actions) for more details.\n\n### Project Linking\n\nYou should link a project via [Vercel CLI](https://vercel.com/download) in locally.\n\nWhen running `vercel` in a directory for the first time, [Vercel CLI](https://vercel.com/download) needs to know which scope and Project you want to deploy your directory to. You can choose to either link an existing project or to create a new one.\n\n\u003e NOTE: Project linking requires at least version 17 of [Vercel CLI](https://vercel.com/download). If you have an earlier version, please [update](https://vercel.com/guides/updating-vercel-cli) to the latest version.\n\n```bash\nvercel\n```\n\n```bash\n? Set up and deploy “~/web/my-lovely-project”? [Y/n] y\n? Which scope do you want to deploy to? My Awesome Team\n? Link to existing project? [y/N] y\n? What’s the name of your existing project? my-lovely-project\n🔗 Linked to awesome-team/my-lovely-project (created .vercel and added it to .gitignore)\n```\n\nOnce set up, a new `.vercel` directory will be added to your directory. The `.vercel` directory contains both the organization(`vercel-org-id`) and project(`vercel-project-id`) id of your project.\n\n```json\n{ \"orgId\": \"example_org_id\", \"projectId\": \"example_project_id\" }\n```\n\nYou can save both values in the secrets setting in your repository. Read the [Official documentation](https://help.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets) if you want further info on how secrets work on Github.\n\n### Github Actions\n\n* This is a complete `.github/workflows/deploy.yml` example.\n\nSet the `vercel-project-id` and `vercel-org-id` you found above.\n\n```yaml\nname: deploy website\non: [pull_request]\njobs:\n  deploy:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v2\n      #  your build commands\n      # - run: |\n      #    ng build --prod\n      - uses: amondnet/vercel-action@v25 # deploy\n        with:\n          vercel-token: ${{ secrets.VERCEL_TOKEN }} # Required\n          github-token: ${{ secrets.GITHUB_TOKEN }} # Optional\n          vercel-args: --prod # Optional\n          vercel-org-id: ${{ secrets.ORG_ID}} # Required\n          vercel-project-id: ${{ secrets.PROJECT_ID}} # Required\n          working-directory: ./sub-directory\n```\n\n### Angular Example\n\nSee [.github/workflows/example-angular.yml](/.github/workflows/example-angular.yml) ,\n\n### Basic Auth Example\n\nHow to add Basic Authentication to a Vercel deployment\n\nSee [.github/workflows/example-express-basic-auth.yml](.github/workflows/example-express-basic-auth.yml)\n\n[source code](https://github.com/amondnet/vercel-action/tree/master/example/express-basic-auth)\n\n| `@now/node-server` is deprecated and stopped working. Use `@vercel/node` instead. #61\n\n### Alias Domains\n\nYou can assign a domain to this deployment. Please note that this domain must have been [configured](https://vercel.com/docs/v2/custom-domains#adding-a-domain) in the project.\n\nIf you want to assign domain to branch or pr, you should add [Wildcard Domain](https://vercel.com/docs/v2/custom-domains#wildcard-domains).\n\nYou can use pull request number via `{{PR_NUMBER}}` and branch via `{{BRANCH}}`\n\n#### Example\n\nWildcard Domains : *.angular.vercel-action.amond.dev\n\n*Per Pull Request*\n\nhttps://pr-{{PR_NUMBER}}.angular.vercel-action.amond.dev\n\n- PR-1 -\u003e https://pr-1.angular.vercel-action.amond.dev\n- PR-2 -\u003e https://pr-2.angular.vercel-action.amond.dev\n\n*Per Branch*\n\nhttps://{{BRANCH}}.angular.vercel-action.amond.dev\n\n- develop -\u003e https://develop.angular.vercel-action.amond.dev\n- master -\u003e https://master.angular.vercel-action.amond.dev\n- master -\u003e https://master.angular.vercel-action.amond.dev\n\nSee [.github/workflows/example-angular.yml](/.github/workflows/example-angular.yml)\n\n```yaml\nname: deploy website\non: [pull_request]\njobs:\n  deploy:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v2\n      - uses: amondnet/vercel-action@v25\n        with:\n          vercel-token: ${{ secrets.VERCEL_TOKEN }} # Required\n          github-token: ${{ secrets.GITHUB_TOKEN }} # Optional\n          vercel-args: --prod # Optional\n          vercel-org-id: ${{ secrets.ORG_ID}} # Required\n          vercel-project-id: ${{ secrets.PROJECT_ID}} # Required\n          working-directory: ./sub-directory # Your Working Directory, Optional\n          alias-domains: | # Optional\n            staging.angular.vercel-action.amond.dev\n            pr-{{PR_NUMBER}}.angular.vercel-action.amond.dev\n```\n\n### GitHub Deployments\n\nYou can create [GitHub Deployments](https://docs.github.com/en/rest/deployments/deployments) to track your Vercel deployments directly in GitHub's Environments tab.\n\nSet `github-deployment` to `true` and provide a `github-token` with `deployments: write` permission.\n\nThe environment is auto-detected from `vercel-args`: `production` when `--prod` is present, otherwise `preview`. You can override this with `github-deployment-environment`.\n\n```yaml\nname: deploy website\non: [pull_request]\njobs:\n  deploy:\n    runs-on: ubuntu-latest\n    permissions:\n      deployments: write\n    steps:\n      - uses: actions/checkout@v2\n      - uses: amondnet/vercel-action@v25\n        id: vercel\n        with:\n          vercel-token: ${{ secrets.VERCEL_TOKEN }}\n          github-token: ${{ secrets.GITHUB_TOKEN }}\n          vercel-org-id: ${{ secrets.ORG_ID}}\n          vercel-project-id: ${{ secrets.PROJECT_ID}}\n          github-deployment: true\n          # github-deployment-environment: staging  # Optional override\n      - run: echo \"Deployment ID is ${{ steps.vercel.outputs.deployment-id }}\"\n```\n\nThe deployment lifecycle:\n1. A GitHub Deployment is created with status `in_progress` before the Vercel deploy\n2. On success, the status is updated to `success` with the preview URL\n3. On failure, the status is updated to `failure`\n4. Previous deployments to the same environment are automatically deactivated\n\n\u003e **Note:** GitHub Deployment errors are non-blocking. If the GitHub API call fails, the Vercel deployment will still proceed normally.\n\n## Migration from v2\n\n1. Change action name in `workflows` from `now-deployment` to `vercel-action`\n   ```yaml\n   - name: Vercel Action\n     uses: amondnet/vercel-action@v25\n   ```\n2. Change input values.\n    - `zeit-token` -\u003e `vercel-token`\n    - `now-org-id` -\u003e `vercel-org-id`\n    - `now-project-id` -\u003e `vercel-project-id`\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Famondnet%2Fvercel-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Famondnet%2Fvercel-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Famondnet%2Fvercel-action/lists"}