Running job with dependabot/fetch-metadata@v1.1.1 gets warning message #23383
Labels
code security
Content related to code security
content
This issue or pull request belongs to the Docs Content team
dependabot
Content related to Dependabot
waiting for review
Issue/PR is waiting for a writer's review
Code of Conduct
What article on docs.github.com is affected?
https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions
What part(s) of the article would you like to see updated?
Parts are
dependabot/fetch-metadata@v1.1.1
.It's better to modify sample code not to return any warning messages as possible as it can.
GitHub released to duplicate using
set-output
without env vars.https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
dependabot/fetch-metadata@v1.1.1 is old version, witch does not yet fix to apply this security fix.
So, I get warning message:
The 'set-output' command is deprecated and will be disabled soon.
when I run a job with this dependabot/fetch-metadata@v1.1.1.dependabot/fetch-metadata already fixed this warning at v1.3.5 and released it.
issue: dependabot/fetch-metadata#277
release: https://github.com/dependabot/fetch-metadata/releases/tag/v1.3.5
I expect to sample code not to get any warning messages as possible as it can.
I suggest to update doc like this
Additional information
No response
The text was updated successfully, but these errors were encountered: