{"id":22083796,"url":"https://github.com/unlyed/github-action-await-vercel","last_synced_at":"2025-10-04T12:52:49.745Z","repository":{"id":38324047,"uuid":"316535487","full_name":"UnlyEd/github-action-await-vercel","owner":"UnlyEd","description":"GitHub Action - Awaits a Vercel deployment to be ready","archived":false,"fork":false,"pushed_at":"2024-04-11T12:26:39.000Z","size":31164,"stargazers_count":35,"open_issues_count":7,"forks_count":9,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-09-15T00:39:59.938Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://github.com/marketplace/actions/await-for-vercel-deployment","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/UnlyEd.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"liberapay":"unlyEd"}},"created_at":"2020-11-27T15:20:56.000Z","updated_at":"2025-04-25T16:46:53.000Z","dependencies_parsed_at":"2024-04-11T13:46:32.966Z","dependency_job_id":"d0a30b74-025e-40d9-bee0-0e287cdacc09","html_url":"https://github.com/UnlyEd/github-action-await-vercel","commit_stats":{"total_commits":118,"total_committers":3,"mean_commits":"39.333333333333336","dds":"0.22033898305084743","last_synced_commit":"b3516eac88ef939ccc2c6b25987ba153d2c7ef48"},"previous_names":[],"tags_count":90,"template":false,"template_full_name":null,"purl":"pkg:github/UnlyEd/github-action-await-vercel","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UnlyEd%2Fgithub-action-await-vercel","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UnlyEd%2Fgithub-action-await-vercel/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UnlyEd%2Fgithub-action-await-vercel/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UnlyEd%2Fgithub-action-await-vercel/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/UnlyEd","download_url":"https://codeload.github.com/UnlyEd/github-action-await-vercel/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UnlyEd%2Fgithub-action-await-vercel/sbom","scorecard":{"id":146152,"data":{"date":"2025-08-11","repo":{"name":"github.com/UnlyEd/github-action-await-vercel","commit":"dc8556d58bdb7f211f7b7af6052c29288c7419a4"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.9,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/29 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-git-release-production.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/UnlyEd/github-action-await-vercel/auto-git-release-production.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-git-release-production.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/UnlyEd/github-action-await-vercel/auto-git-release-production.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-git-release-production.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/UnlyEd/github-action-await-vercel/auto-git-release-production.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-git-release-production.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/UnlyEd/github-action-await-vercel/auto-git-release-production.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-git-release-staging.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/UnlyEd/github-action-await-vercel/auto-git-release-staging.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-git-release-staging.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/UnlyEd/github-action-await-vercel/auto-git-release-staging.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-git-release-staging.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/UnlyEd/github-action-await-vercel/auto-git-release-staging.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-git-release-staging.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/UnlyEd/github-action-await-vercel/auto-git-release-staging.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/check-build.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/UnlyEd/github-action-await-vercel/check-build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-integration-test.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/UnlyEd/github-action-await-vercel/run-integration-test.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-codeclimate-coverage.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/UnlyEd/github-action-await-vercel/update-codeclimate-coverage.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-codeclimate-coverage.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/UnlyEd/github-action-await-vercel/update-codeclimate-coverage.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-codeclimate-coverage.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/UnlyEd/github-action-await-vercel/update-codeclimate-coverage.yml/main?enable=pin","Info:   0 out of   6 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   7 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/auto-git-release-production.yml:1","Warn: no topLevel permission defined: .github/workflows/auto-git-release-staging.yml:1","Warn: no topLevel permission defined: .github/workflows/check-build.yml:1","Warn: no topLevel permission defined: .github/workflows/run-integration-test.yml:1","Warn: no topLevel permission defined: .github/workflows/update-codeclimate-coverage.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 16 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":1,"reason":"9 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-16T09:26:43.620Z","repository_id":38324047,"created_at":"2025-08-16T09:26:43.620Z","updated_at":"2025-08-16T09:26:43.620Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278315198,"owners_count":25966775,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-04T02:00:05.491Z","response_time":63,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-01T00:17:42.876Z","updated_at":"2025-10-04T12:52:49.727Z","avatar_url":"https://github.com/UnlyEd.png","language":"TypeScript","funding_links":["https://liberapay.com/unlyEd"],"categories":[],"sub_categories":[],"readme":"\u003ca href=\"https://unly.org\"\u003e\u003cimg src=\"https://storage.googleapis.com/unly/images/ICON_UNLY.png\" align=\"right\" height=\"20\" alt=\"Unly logo\" title=\"Unly logo\" /\u003e\u003c/a\u003e\n[![Maintainability](https://api.codeclimate.com/v1/badges/c0cb5c0cecadfb391a1a/maintainability)](https://codeclimate.com/github/UnlyEd/github-action-await-vercel/maintainability)\n[![Test Coverage](https://api.codeclimate.com/v1/badges/c0cb5c0cecadfb391a1a/test_coverage)](https://codeclimate.com/github/UnlyEd/github-action-await-vercel/test_coverage)\n\n![GitHub Action integration test](https://github.com/UnlyEd/github-action-await-vercel/workflows/GitHub%20Action%20integration%20test/badge.svg)\n![GitHub Action build test](https://github.com/UnlyEd/github-action-await-vercel/workflows/GitHub%20Action%20build%20test/badge.svg)\n![Update Code Climate test coverage](https://github.com/UnlyEd/github-action-await-vercel/workflows/Update%20Code%20Climate%20test%20coverage/badge.svg)\n\n# GitHub Action - Await for a Vercel deployment (to be ready)\n\n## Code snippet example (minimal example)\n\n```yaml\njobs:\n  wait-for-vercel-deployment:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: UnlyEd/github-action-await-vercel@v1 # TODO best practices recommend to use a fixed version instead of @v1 for production usage (i.e: @v1.2.32)\n        id: await-vercel\n        env:\n          VERCEL_TOKEN: ${{ secrets.VERCEL_TOKEN }}\n        with:\n          deployment-url: nextjs-bzyss249z.vercel.app # TODO Replace by the domain you want to test\n          timeout: 10 # Wait for 10 seconds before failing\n          poll-interval: 1 # Wait for 1 second before each retry\n\n      - name: Display deployment status\n        run: \"echo The deployment at ${{ fromJson(steps.await-vercel.outputs.deploymentDetails).url }} is ${{ fromJson(steps.await-vercel.outputs.deploymentDetails).readyState }}\"\n```\n\n_See the [Examples section](#examples) for more advanced examples._\n\n## What does this GitHub Action do?\nIt waits until a Vercel deployment domain is marked as \"READY\". _(See [`readyState === 'READY'`](https://vercel.com/docs/api#endpoints/deployments/create-a-new-deployment/response-parameters))_\n\nYou must know the domain url you want to await for and provide it as `deployment-url` input.\n\n## Why/when should you use it?\nIf you're using Vercel to deploy your apps, and you use some custom deployment pipeline using GitHub Actions,\nyou might need to wait for a deployment to be ready before running other processes _(e.g: Your end-to-end tests using [Cypress](https://www.cypress.io/))_.\n\n\u003e For instance, if you don't wait for the deployment to be ready,\nthen you might sometimes run your E2E tests suite against the Vercel's login page, instead of your actual deployment.\n\nIf your GitHub Actions sometimes succeeds but sometimes fails, then you probably need to await for the domain to be ready.\nThis action might help doing so, as it will wait until the Vercel deployment is really ready, before starting your next GitHub Action step.\n\n## What else does this action do?\nThis action automatically forwards the Vercel API response, which contains [additional information about the deployment](https://vercel.com/docs/api#endpoints/deployments/get-a-single-deployment/response-parameters).\nThis can be quite helpful if you need them, and will avoid for you to have yet to make another call to the Vercel API.\n\n## Considered alternatives\n\n### 1. [`wait-for-vercel`](https://github.com/mskelton/wait-for-vercel-action)\n\nBefore building our own GitHub Action, we tried using [`wait-for-vercel`](https://github.com/mskelton/wait-for-vercel-action), but it didn't handle our use case properly.\n\nPart of the issue is that it fetches **all deployments for a team/project**, which leads to **extra issues when you have multiple deployments running in parallel**. _(as it won't necessarily fetch the domain you expect, it's a bit random when multiple deployments are running in parallel)_\n\n\u003e **If you are/were using `wait-for-vercel`**, please note `github-action-await-vercel` works slightly differently, as it requires the `deployment-url` input, while `wait-for-vercel` didn't.\n\u003e But this ensures you await for the proper domain to be deployed, and is safe, even when multiple deployments are running in parallel.\n\n## Getting started\nTo get started with this GitHub Action, you'll need:\n- To configure a Vercel secret, for the GitHub Action to be authorized to fetch your deployments\n- To provide a few required options (like, the domain you want to await for)\n\n### GitHub project configuration\nYou should declare those variables as **[GitHub Secrets](https://docs.github.com/en/free-pro-team@latest/actions/reference/encrypted-secrets)**.\n\nName | Description\n--- | ---\n`VERCEL_TOKEN` | Your [vercel token](https://vercel.com/account/tokens) is required to fetch the Vercel API on your behalf and get the status of your deployment. [See usage in code](https://github.com/UnlyEd/github-action-await-vercel/search?q=VERCEL_TOKEN)\n\n\u003e _**N.B**: You don't have to use a GitHub Secret to provide the `VERCEL_TOKEN`. But you should do so, as it's a good security practice, because this way the token will be [hidden in the logs (encrypted)](https://docs.github.com/en/free-pro-team@latest/actions/reference/encrypted-secrets)._\n\n### Action's API\n\n#### Inputs\nName | Required | Default | Description\n---  | --- |--- |---\n`deployment-url`|✅| |Deployment domain (e.g: `my-app-hfq88g3jt.vercel.app`, `my-app.vercel.app`, etc.).\n`timeout`|✖️|`10`|Duration (in seconds) the action waits for the deployment status to reach either `READY` or `ERROR` state.\n`poll-interval`|✖️|`1`|Duration (in seconds) the action waits in between polled Vercel API requests.\n\n\u003e **Tip**: You might want to adapt the `timeout` to your use case.\n\u003e - For instance, if you're calling this action **right after having triggered the Vercel deployment**, then it'll go through `INITIALIZING \u003e ANALYZING \u003e BUILDING \u003e DEPLOYING` phases before reaching `READY` or `ERROR` state.\n\u003e This might take quite some time (depending on your project), and increasing the timeout to `600` (10mn) (or similar) is probably what you'll want to do in such case, because you need to take into account the time it'll take for Vercel to deploy.\n\u003e - The default of `10` seconds is because we _assume_ you'll call this action after the deployment has reached `BUILDING` state, and the time it takes for Vercel to reach `READY` or `ERROR` from `BUILDING` is rather short.\n\n\u003e **Tip**: `poll-interval` prevents spamming Vercel's API such that the number of requests stays within their rate limits. [Vercel allows](https://vercel.com/docs/concepts/limits/overview#rate-limits) 500 deployment retrievals every minute, and the 1-second default value will allow for about 8 concurrent executions of this GitHub Action.\n\n#### Outputs\nThis action forwards the [Vercel API response](https://vercel.com/docs/api#endpoints/deployments/get-a-single-deployment/response-parameters) as return value.\n\nName | Description\n--- | ---\n`deploymentDetails` | [JSON object](https://vercel.com/docs/api#endpoints/deployments/get-a-single-deployment/response-parameters). You can also use our [TS type](./blob/main/src/types/VercelDeployment.ts).\n\n## Examples\n\n### 1. Manually set a hardcoded Vercel deployment url as `deployment-url` (as GitHub env variable)\nIn the below example, we show you how to:\n\n1. **Step 1**: Forward `VERCEL_DEPLOYMENT_URL` as an ENV variable, using ` \u003e\u003e $GITHUB_ENV\"` which stores the value into the GitHub Actions env vars.\n    Of course, you might do it differently. It doesn't really matter as long as `VERCEL_DEPLOYMENT_URL` is set.\n1. **Step 2**: Then, we use the `UnlyEd/github-action-await-vercel@v1` GitHub Action, which waits for the deployment url to be ready.\n1. **Step 3**: Finally, we show an example on how to read the deployment's information returned by the Vercel API (which have been forwarded).\n\n```yaml\non:\n  pull_request:\n  push:\n    branches:\n      - main\n\njobs:\n  wait-for-vercel-deployment:\n    runs-on: ubuntu-latest\n    steps:\n      - name: Retrieve deployment URL (example on how to set an ENV var)\n        run: \"echo VERCEL_DEPLOYMENT_URL=nextjs-bzyss249z.vercel.app \u003e\u003e $GITHUB_ENV\"\n\n      - uses: UnlyEd/github-action-await-vercel@v1 # TODO best practices recommend to use a fixed version instead of @v1 for production usage (i.e: @v1.2.32)\n        id: await-vercel\n        env:\n          VERCEL_TOKEN: ${{ secrets.VERCEL_TOKEN }}\n        with:\n          deployment-url: ${{ env.VERCEL_DEPLOYMENT_URL }}\n          timeout: 10 # Wait for 10 seconds before failing\n\n      - name: Displays the deployment name (example on how to read information about the deployment)\n        run: \"echo The deployment at ${{ fromJson(steps.await-vercel.outputs.deploymentDetails).url }} is ${{ fromJson(steps.await-vercel.outputs.deploymentDetails).readyState }}\"\n```\n\nCheck the documentation to see what information [`deploymentDetails`](https://vercel.com/docs/api#endpoints/deployments/get-a-single-deployment/response-parameters) contains.\n\n### 2. Dynamically resolve the Vercel deployment url\n\nThis is a real-world use case example, from [Next Right Now](https://github.com/UnlyEd/next-right-now).\n\nThe workflow is a bit more complicated:\n1. All Vercel deployments for the team are fetched dynamically.\n1. Then the latest deployment url is extracted and used as `deployment-url` input by `github-action-await-vercel`.\n1. Once the deployment is ready, the `run-2e2-tests` job is started (using Cypress).\n\n[See code](https://github.com/UnlyEd/next-right-now/blob/v4.0.12-v2-mst-aptd-at-lcz-sty/.github/workflows/deploy-vercel-staging.yml#L174-L236)\n\n---\n\n# Advanced debugging\n\n\u003e Learn how to enable logging, from within the `github-action-await-vercel` action.\n\n## How to enable debug logs\n\nOur GitHub Action is written using the GitHub Actions native [`core.debug` API](https://github.com/actions/toolkit/blob/main/docs/action-debugging.md#step-debug-logs).\n\nTherefore, it allows you to enable logging whenever you need to debug **what's happening within our action**.\n\n**To enable debug mode**, you have to set a [**GitHub Secret**](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets#creating-encrypted-secrets), such as:\n\n- `ACTIONS_STEP_DEBUG` of value `true`\n\nPlease see [the official documentation](https://github.com/actions/toolkit/blob/main/docs/action-debugging.md#how-to-access-step-debug-logs) for more information.\n\n\u003e Enabling debugging using `ACTIONS_STEP_DEBUG` will also enable debugging for all other GitHub Actions you use that are using the `core.debug` API.\n\n---\n\n# Contributing\n\nWe gladly accept PRs, but please open an issue first, so we can discuss it beforehand.\n\n## Working locally\n\n### Configuring local tests\nYou'll need to create a `.env.test` file based on `.env.test.example`.\nThen, you'll need to create and add your own Vercel token there (`VERCEL_TOKEN`), and change the `VERCEL_DOMAIN` being tested to a domain you own (any Vercel domain will do).\n\n\u003e Local tests rely on the **environment variable** `VERCEL_TOKEN`, and must use your own Vercel account and credentials.\n\u003e\n\u003e Integration tests (on GitHub) rely on the **GitHub secret** `VERCEL_TOKEN` instead, and use a dedicated Vercel account.\n\n---\n\n# Changelog\n\n[Changelog](./CHANGELOG.md)\n\n---\n\n# Releases versioning\n\nWe follow Semantic Versioning. (`major.minor.patch`)\n\nOur versioning process is completely automated, any changes landing on the `main` branch will trigger a\nnew [release](../../releases).\n\n- `(MAJOR)`: Behavioral change of the existing API that would result in a breaking change.\n    - E.g: Removing an input, or changing the output would result in a breaking change and thus would be released as a\n      new MAJOR version.\n- `(MINOR)`: Behavioral change of the existing API that would **not** result in a breaking change.\n    - E.g: Adding an optional input would result in a non-breaking change and thus would be released as a new MINOR\n      version.\n- `Patch`: Any other change.\n    - E.g: Documentation, tests, refactoring, bug fix, etc.\n\n## Releases versions:\n\nThe examples above use an auto-updated major version tag (`@v1`).\nIt is also possible to use the `@latest` tag.  (RC stands for \"Release candidate\", which is similar to a Beta version)\n\nWhile those options can be useful, we intend to give some \"production-grade\" best practices.\n\n- **Do NOT use `@latest` for production**, ever. While only \"supposed-to-be-stable\" versions will be tagged\n  as `@latest`, it could harbor bugs nonetheless.\n- You can use auto-upgrading major version, such as `@v1` or `@v1.2`, but this is not always the best practice, see our\n  explanations below.\n\n### Special tags and best practices for production-grade apps\n\nHere are a few useful options you can use to pin a more-or-less specific version of our GitHub Action, alongside some \"\nproduction-grade\" best practices.\n\n- `@{COMMIT-SHA}`, e.g: `@1271dc3fc4c4c8bc62ba5a4e248dac95cb82d0e3`, recommended for all production-grade apps, it's the\n  only truly safe way to pinpoint a version that cannot change against your will (**SAFEST**)\n- `@{MAJOR}-{MINOR}-{PATCH}`, e.g: `@v1.2.31`, while not as safe as the `COMMIT-SHA` way, it's what most people use (\n  SAFER)\n- `@{MAJOR}`, e.g: `@v1`, can be used on production, but we do not advise to do so (SAFE-ISH)\n- `@{MAJOR}-rc`, e.g: `@v1-rc`, **reserved for development mode**, useful when debugging on a specific prerelease\n  version (UNSAFE)\n- `@{MAJOR}.{MINOR}`, e.g: `@v1.2`, can be used on production, but we do not advise to do so (SAFE-ISH)\n- `@{MAJOR}.{MINOR}-rc`, e.g: `@v1.2-rc`, **reserved for development mode**, useful when debugging on a specific\n  prerelease\n  version (UNSAFE)\n- `@latest`, **reserved for development mode**, useful when debugging (UNSAFE)\n\n**\"But, what is the issue with the `@{MAJOR}-{MINOR}-{PATCH}` way to pin a specific version\"?**\n\n\u003e Well, if this repository gets hacked by a 3rd party, **they can easily change all Git tags to a different commit**,\nwhich could contain malicious code.\n\nThat's why **pinning a specific commit SHA is the only truly safe option**. This way, the code you're using **cannot be\nchanged against your will**.\n\nMost people won't care about this and will use a MAJOR version tag instead anyway, such as `@v1`. It's common, but not\noften the best practice.\n\nIt all comes down to the risks you're ready to take, and it's up to you to decide what's best in your situation.\n\n---\n\n# License\n\n[MIT](./LICENSE)\n\n---\n\n# Vulnerability disclosure\n\n[See our policy](https://github.com/UnlyEd/Unly).\n\n---\n\n# Contributors and maintainers\n\nThis project is being authored by:\n\n- [Unly] Ambroise Dhenain ([Vadorequest](https://github.com/vadorequest)) **(active)**\n- Hugo Martin ([Demmonius](https://github.com/demmonius)) **(active)**\n\n---\n\n# **[ABOUT UNLY]** \u003ca href=\"https://unly.org\"\u003e\u003cimg src=\"https://storage.googleapis.com/unly/images/ICON_UNLY.png\" height=\"40\" align=\"right\" alt=\"Unly logo\" title=\"Unly logo\" /\u003e\u003c/a\u003e\n\n\u003e [Unly](https://unly.org) is a socially responsible company, fighting inequality and facilitating access to higher education.\n\u003e Unly is committed to making education more inclusive, through responsible funding for students.\n\nWe provide technological solutions to help students find the necessary funding for their studies.\n\nWe proudly participate in many TechForGood initiatives. To support and learn more about our actions to make education accessible, visit :\n\n- https://twitter.com/UnlyEd\n- https://www.facebook.com/UnlyEd/\n- https://www.linkedin.com/company/unly\n- [Interested to work with us?](https://jobs.zenploy.io/unly/about)\n\nTech tips and tricks from our CTO on our [Medium page](https://medium.com/unly-org/tech/home)!\n\n# TECHFORGOOD #EDUCATIONFORALL\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Funlyed%2Fgithub-action-await-vercel","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Funlyed%2Fgithub-action-await-vercel","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Funlyed%2Fgithub-action-await-vercel/lists"}