{"id":44926792,"url":"https://github.com/step-security/github-tag-action","last_synced_at":"2026-02-18T05:02:58.685Z","repository":{"id":338673102,"uuid":"1157097490","full_name":"step-security/github-tag-action","owner":"step-security","description":"A Github Action to automatically bump and tag master, on merge, with the latest SemVer formatted version. Works on any platform. Secure drop-in replacement for mathieudutour/github-tag-action.","archived":false,"fork":false,"pushed_at":"2026-02-15T20:09:17.000Z","size":1160,"stargazers_count":0,"open_issues_count":1,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-02-16T01:30:47.999Z","etag":null,"topics":["step-security-maintained-actions"],"latest_commit_sha":null,"homepage":"https://docs.stepsecurity.io/actions/stepsecurity-maintained-actions","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/step-security.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-02-13T12:31:13.000Z","updated_at":"2026-02-15T19:21:10.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/step-security/github-tag-action","commit_stats":null,"previous_names":["step-security/github-tag-action"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/step-security/github-tag-action","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/step-security%2Fgithub-tag-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/step-security%2Fgithub-tag-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/step-security%2Fgithub-tag-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/step-security%2Fgithub-tag-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/step-security","download_url":"https://codeload.github.com/step-security/github-tag-action/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/step-security%2Fgithub-tag-action/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29569853,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-18T04:18:28.490Z","status":"ssl_error","status_checked_at":"2026-02-18T04:13:49.018Z","response_time":162,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["step-security-maintained-actions"],"created_at":"2026-02-18T05:02:48.447Z","updated_at":"2026-02-18T05:02:58.666Z","avatar_url":"https://github.com/step-security.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"# GitHub Tag Action\n\nA GitHub Action to automatically bump and tag master, on merge, with the latest SemVer formatted version. Works on any platform.\n\n## Usage\n\n```yaml\nname: Bump version\non:\n push:\n branches:\n - master\njobs:\n build:\n runs-on: ubuntu-latest\n steps:\n - uses: actions/checkout@v6\n - name: Bump version and push tag\n id: tag_version\n uses: step-security/github-tag-action@v6\n with:\n github_token: ${{ secrets.GITHUB_TOKEN }}\n - name: Create a GitHub release\n uses: ncipollo/release-action@v1\n with:\n tag: ${{ steps.tag_version.outputs.new_tag }}\n name: Release ${{ steps.tag_version.outputs.new_tag }}\n body: ${{ steps.tag_version.outputs.changelog }}\n```\n\n### 📥 Inputs\n\n- **github_token** _(required)_ - Required for permission to tag the repo. Usually `${{ secrets.GITHUB_TOKEN }}`.\n- **commit_sha** _(optional)_ - The commit SHA value to add the tag. If specified, it uses this value instead GITHUB_SHA. It could be useful when a previous step merged a branch into github.ref.\n\n#### Fetch all tags\n\n- **fetch_all_tags** _(optional)_ - By default, this action fetch the last 100 tags from Github. Sometimes, this is not enough and using this action will fetch all tags recursively (default: `false`).\n\n#### Filter branches\n\n- **release_branches** _(optional)_ - Comma separated list of branches (JavaScript regular expression accepted) that will generate the release tags. Other branches and pull-requests generate versions postfixed with the commit hash and do not generate any repository tag. Examples: `master` or `.*` or `release.*,hotfix.*,master`... (default: `master,main`).\n- **pre_release_branches** _(optional)_ - Comma separated list of branches (JavaScript regular expression accepted) that will generate the pre-release tags.\n\n#### Customize the tag\n\n- **default_bump** _(optional)_ - Which type of bump to use when [none is explicitly provided](#bumping) when commiting to a release branch (default: `patch`). You can also set `false` to avoid generating a new tag when none is explicitly provided. Can be `patch, minor or major`.\n- **default_prerelease_bump** _(optional)_ - Which type of bump to use when [none is explicitly provided](#bumping) when commiting to a prerelease branch (default: `prerelease`). You can also set `false` to avoid generating a new tag when none is explicitly provided. Can be `prerelease, prepatch, preminor or premajor`.\n- **custom_tag** _(optional)_ - Custom tag name. If specified, it overrides bump settings.\n- **create_annotated_tag** _(optional)_ - Boolean to create an annotated rather than a lightweight one (default: `false`).\n- **tag_prefix** _(optional)_ - A prefix to the tag name (default: `v`).\n- **append_to_pre_release_tag** _(optional)_ - A suffix to the pre-release tag name (default: `\u003cbranch\u003e`).\n\n#### Customize the conventional commit messages \u0026 titles of changelog sections\n\n- **custom_release_rules** _(optional)_ - Comma separated list of release rules.\n\n __Format__: `\u003ckeyword\u003e:\u003crelease_type\u003e:\u003cchangelog_section\u003e` where `\u003cchangelog_section\u003e` is optional and will default to [Angular's conventions](https://github.com/conventional-changelog/conventional-changelog/tree/master/packages/conventional-changelog-angular).\n\n __Examples__:\n 1. `hotfix:patch,pre-feat:preminor`,\n 2. `bug:patch:Bug Fixes,chore:patch:Chores`\n\n#### Debugging\n\n- **dry_run** _(optional)_ - Do not perform tagging, just calculate next version and changelog, then exit\n\n### 📤 Outputs\n\n- **new_tag** - The value of the newly calculated tag. Note that if there hasn't been any new commit, this will be `undefined`.\n- **new_version** - The value of the newly created tag without the prefix. Note that if there hasn't been any new commit, this will be `undefined`.\n- **previous_tag** - The value of the previous tag (or `v0.0.0` if none). Note that if `custom_tag` is set, this will be `undefined`.\n- **previous_version** - The value of the previous tag (or `0.0.0` if none) without the prefix. Note that if `custom_tag` is set, this will be `undefined`.\n- **release_type** - The computed release type (`major`, `minor`, `patch` or `custom` - can be prefixed with `pre`).\n- **changelog** - The [conventional changelog](https://github.com/conventional-changelog/conventional-changelog) since the previous tag.\n\n\u003e **_Note:_** This action creates a [lightweight tag](https://developer.github.com/v3/git/refs/#create-a-reference) by default.\n\n### Bumping\n\nThe action will parse the new commits since the last tag using the [semantic-release](https://github.com/semantic-release/semantic-release) conventions.\n\nsemantic-release uses the commit messages to determine the type of changes in the codebase. Following formalized conventions for commit messages, semantic-release automatically determines the next [semantic version](https://semver.org) number.\n\nBy default semantic-release uses [Angular Commit Message Conventions](https://github.com/angular/angular.js/blob/master/DEVELOPERS.md#-git-commit-guidelines).\n\nHere is an example of the release type that will be done based on a commit messages:\n\n\u003ctable\u003e\n\u003ctr\u003e\n\u003ctd\u003e Commit message \u003c/td\u003e \u003ctd\u003e Release type \u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\n\n```\nfix(pencil): stop graphite breaking when too much pressure applied\n```\n\n\u003c/td\u003e\n\u003ctd\u003ePatch Release\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\n\n```\nfeat(pencil): add 'graphiteWidth' option\n```\n\n\u003c/td\u003e\n\u003ctd\u003eMinor Release\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\n\n```\nperf(pencil): remove graphiteWidth option\n\nBREAKING CHANGE: The graphiteWidth option has been removed.\nThe default graphite width of 10mm is always used for performance reasons.\n```\n\n\u003c/td\u003e\n\u003ctd\u003eMajor Release\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/table\u003e\n\nIf no commit message contains any information, then **default_bump** will be used.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstep-security%2Fgithub-tag-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstep-security%2Fgithub-tag-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstep-security%2Fgithub-tag-action/lists"}