{"id":21034633,"url":"https://github.com/lpenz/ghaction-version-gen","last_synced_at":"2026-03-01T00:01:13.508Z","repository":{"id":38008747,"uuid":"380550783","full_name":"lpenz/ghaction-version-gen","owner":"lpenz","description":"Github action that outputs various version options for you to choose and use in a deploy action","archived":false,"fork":false,"pushed_at":"2026-02-11T23:13:22.000Z","size":149,"stargazers_count":3,"open_issues_count":1,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-02-12T09:43:19.527Z","etag":null,"topics":["docker","github-actions","github-actions-docker","rust"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lpenz.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2021-06-26T16:43:52.000Z","updated_at":"2026-02-11T22:52:44.000Z","dependencies_parsed_at":"2024-11-16T15:05:46.163Z","dependency_job_id":"6f27ed3c-bc32-4126-b40f-16b571ce75ec","html_url":"https://github.com/lpenz/ghaction-version-gen","commit_stats":{"total_commits":61,"total_committers":2,"mean_commits":30.5,"dds":"0.032786885245901676","last_synced_commit":"a757c9f2f497f53ed73f32bde91373e2310463dc"},"previous_names":[],"tags_count":38,"template":false,"template_full_name":null,"purl":"pkg:github/lpenz/ghaction-version-gen","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lpenz%2Fghaction-version-gen","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lpenz%2Fghaction-version-gen/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lpenz%2Fghaction-version-gen/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lpenz%2Fghaction-version-gen/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lpenz","download_url":"https://codeload.github.com/lpenz/ghaction-version-gen/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lpenz%2Fghaction-version-gen/sbom","scorecard":{"id":600483,"data":{"date":"2025-08-11","repo":{"name":"github.com/lpenz/ghaction-version-gen","commit":"43b2c75670c87cead1c92a98d6ce3cd1bd38751e"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.7,"checks":[{"name":"Maintained","score":10,"reason":"19 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/ci.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:6: update your workflow using https://app.stepsecurity.io/secureworkflow/lpenz/ghaction-version-gen/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:8: update your workflow using https://app.stepsecurity.io/secureworkflow/lpenz/ghaction-version-gen/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/lpenz/ghaction-version-gen/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/lpenz/ghaction-version-gen/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/lpenz/ghaction-version-gen/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/lpenz/ghaction-version-gen/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/lpenz/ghaction-version-gen/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/lpenz/ghaction-version-gen/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/lpenz/ghaction-version-gen/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/lpenz/ghaction-version-gen/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/lpenz/ghaction-version-gen/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/lpenz/ghaction-version-gen/ci.yml/main?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:5","Warn: containerImage not pinned by hash: Dockerfile:14: pin your Docker image by updating docker.io/alpine:3.22 to docker.io/alpine:3.22@sha256:4bcff63911fcb4448bd4fdacec207030997caf25e9bea4045fa6c8c44de311d1","Info:   0 out of   4 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   8 third-party GitHubAction dependencies pinned","Info:   0 out of   2 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/ci.yml:16"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-21T00:17:15.146Z","repository_id":38008747,"created_at":"2025-08-21T00:17:15.146Z","updated_at":"2025-08-21T00:17:15.146Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29955885,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-28T22:53:01.873Z","status":"ssl_error","status_checked_at":"2026-02-28T22:52:50.699Z","response_time":90,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","github-actions","github-actions-docker","rust"],"created_at":"2024-11-19T13:07:48.509Z","updated_at":"2026-03-01T00:01:13.472Z","avatar_url":"https://github.com/lpenz.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![marketplace](https://img.shields.io/badge/marketplace-version--generator-blue?logo=github)](https://github.com/marketplace/actions/version-generator)\n[![CI](https://github.com/lpenz/ghaction-version-gen/actions/workflows/ci.yml/badge.svg)](https://github.com/lpenz/ghaction-version-gen/actions/workflows/ci.yml)\n[![coveralls](https://coveralls.io/repos/github/lpenz/ghaction-version-gen/badge.svg?branch=main)](https://coveralls.io/github/lpenz/ghaction-version-gen?branch=main)\n[![github](https://img.shields.io/github/v/release/lpenz/ghaction-version-gen?include_prereleases\u0026label=release\u0026logo=github)](https://github.com/lpenz/ghaction-version-gen/releases)\n[![docker](https://img.shields.io/docker/v/lpenz/ghaction-version-gen?label=release\u0026logo=docker\u0026sort=semver)](https://hub.docker.com/repository/docker/lpenz/ghaction-version-gen)\n\n# ghaction-version-gen\n\nghaction-version-gen is a docker github action that outputs a version\nnumber for you to use in a deploy action.\n\nThere are many ways to generate version information for a\nrepository. They usually involve processing `GITHUB_REF` in some\n[way](https://stackoverflow.com/questions/58177786/get-the-current-pushed-tag-in-github-actions),\nmaybe using even using [github-script](https://github.com/actions/github-script).\n\nThis repository is also an example of how to create a docker github\naction that compiles a rust entrypoint in a container and then moves\nit to a second, minimal container.\n\n\n## Outputs\n\nThe following are the *primary* outputs of this action, usually the\nones used for versioning:\n\n- `version_tagged`: for repositories that should only deploy on tags,\n  it's defined if the github event was a push of a tag.\n\n  The output itself is the tag, with the optional `v` stripped.\n\n  This output can be overriden via the `OVERRIDE_VERSION_TAGGED`\n  environment variable.\n\n- `version_commit`: for repositories that deploy on tags and on all\n  commits to `master` or `main`. It's defined if the github event was\n  a push of a tag or of one of those branches.\n\n  The output itself is the the tag that was pushed, or the most recent\n  tag on the branch followed by the distance between the branch and\n  the tag (always with the `v` stripped).\n\n  This output can be overriden via the `OVERRIDE_VERSION_COMMIT`\n  environment variable.\n\n- `version_docker_ci`: for repositories that deploy to\n  [hub.docker](http://hub.docker.com/) continuously. If the commit was\n  pushed to `master` or `main`, the variable has the value *\"latest\"*;\n  if a tag was pushed, it has the tag (`v` stripped); otherwise, it has\n  the value *\"null\"* as a string. This last case allows us to always\n  use the variable as the version for the [build-push-action], which\n  doesn't like empty strings.\n\n  This output can be overriden via the `OVERRIDE_VERSION_DOCKER_CI`\n  environment variable.\n\n\nYou can these variables in action in the [Examples](#examples) section.\n\nThis github action is also able to check if a project-specific version\nmatches with the latest tags. At the moment, only rust's *Cargo.toml*\nfile is checked. If there's a mismatch and a new tag is being pushed,\nthe action fails.\n\n\n### Secondary outputs\n\nThese are the *secondary* outputs that might be useful for debugging\nor as alternative versioning schemes:\n\n- `is_push`: if the github event was identified, \"true\" if the event\n  was a push or \"false\" otherwise.\n- `is_tag`: if the github ref was identified, \"true\" if the ref is a\n  tag, false otherwise.\n- `is_main`: \"true\" if the github ref was for a branch named `main` or\n  `master`.\n- `is_push_tag`: \"true\" if a tag was pushed.\n- `is_push_main`: \"true\" if `main` or `master` were pushed.\n- `commit`: the hash of the commit.\n- `commit_main`: the hash of the commit where the main/master branch\n  is.\n- `is_main_here`: \"true\" if the main/master branch coincides with the\n  current commit.\n- `git_describe_tags`: the output of `git describe --tags`\n- `tag_latest`: the most recent tag.\n- `distance`: the distance between the current commit and `tag_latest`.\n- `tag_distance`: `tag_latest-distance`\n- `tag_head`: the tag on HEAD, if there's a tag on HEAD (does not\n  depend on the gitub event).\n- `dash_distance`: `-` prepended to `distance`\n- `tag_latest_ltrimv`: `tag_latest` without the optional leading `v`.\n- `tag_head_ltrimv`: `tag_head` without the optionsl leading `v`, if\n  `tag_head` was defined.\n- `rust_crate_version`: the version in *Cargo.toml* if it exists.\n- `version_tagged`: `tag_head_ltrimv` if `is_push_tag`.\n- `version_commit`: `tag_head_ltrimv` if `is_push_tag` or\n  `tag_distance_ltrimv` if `is_push_main`.\n- `version_docker_ci`: *\"latest\"* if `is_push_main`, `tag_head_ltrimv`\n  if `is_push_tag`.\n- `version_mismatch`: if there's a version mismatch between the\n  contents of a file and the latest tag, this is the error\n  message. This also appears as a github action \"error\".\n\n\n## Examples\n\n### `version_tagged` and `version_commit`\n\nUsing `version_tagged` and `version_commit` is quite simple:\n\n```yml\njobs:\n  deploy:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v2\n      - id: version\n        uses: docker://lpenz/ghaction-version-gen:0.16.1\n      ...\n      - name: deploy\n        uses: \u003cdeploy action\u003e\n        if: steps.version.outputs.version_tagged != ''\n        with:\n          version: ${{ steps.version.outputs.version_tagged }}\n```\n\nThat gets the *deploy* step to run only when a tag is pushed, and sets\n`version` to the tag with the optional `v` prefix stripped.\n\nIf we replace `version_tagged` with `version_commit` in the example\nabove, we get an additional behavior: `version_commit` is also defined\nwhen `main` or `master` are pushed, and it assumes the value of the\nlast tag (`v` stripped) suffixed with `-` and the distance of the\npushed commit to that tag. This should be used in projects that want\nto deploy every time `main` is pushed.\n\n\n### `version_docker_ci`\n\nThe `version_docker_ci` variable was designed to work with the\ndocker's [build-push-action].  It should be used in projects where we\nwould use want to deploy from tags and from `main`/`master`, but we\nwant `main`/`master` to be identified as `latest` in docker hub.\n\nThis is how it's used:\n\n```yml\njobs:\n  deploy:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v2\n      - id: version\n        uses: docker://lpenz/ghaction-version-gen:0.13.4\n      - uses: docker/login-action@v1\n        with:\n          username: ${{ secrets.DOCKERHUB_USERNAME }}\n          password: ${{ secrets.DOCKERHUB_TOKEN }}\n      - uses: docker/build-push-action@v2\n        with:\n          push: ${{ steps.version.outputs.version_docker_ci != 'null' }}\n          tags: ${{ github.repository }}:${{ steps.version.outputs.version_docker_ci }}\n```\n\nNote that we don't make the [build-push-action] step conditional\nbecause we always want to build the container. Instead, we make `push`\nconditional, by checking that `version_docker_ci` is not `null`. We\nuse `null` instead of the empty string as a workaround, because the\naction doesn't let us use an empty string as the version in `tags`.\n\n\n[build-push-action]: https://github.com/marketplace/actions/build-and-push-docker-images\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flpenz%2Fghaction-version-gen","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flpenz%2Fghaction-version-gen","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flpenz%2Fghaction-version-gen/lists"}