Skip to content

Batch and deduplicate action resolution across composite depths#4296

Merged
TingluoHuang merged 8 commits intoactions:mainfrom
stefanpenner:batch-action-resolution-optimization
Mar 31, 2026
Merged

Batch and deduplicate action resolution across composite depths#4296
TingluoHuang merged 8 commits intoactions:mainfrom
stefanpenner:batch-action-resolution-optimization

Conversation

@stefanpenner
Copy link
Copy Markdown
Contributor

@stefanpenner stefanpenner commented Mar 12, 2026
edited
Loading

Summary

  • Cache resolved actions across recursion depths — same action resolved once
  • Batch-resolve sibling composites' sub-actions in one API call instead of N
  • Defer pre/post step registration until after recursion (fixes HasPre/HasPost correctness)

Internal workflow with ~30 composites: ~20 resolve API calls → 3-4. Also reduces 429s (#4232).

Fixes #3731

Other possibilities

Smoke test results

Tested with a self-hosted runner built from this branch vs stock (main), using a 50-action composite tree across 6 repos with 5 depth levels.

Action graph:

workflow → 10× L1 composites + 5 leaves (15 top-level steps)
  L1 (×10) → 1 leaf + 3 L2 composites (heavy cross-referencing)
  L2 (×10) → 1 leaf + 3 L3 composites
  L3 (×10) → 2 leaves + 2 L4 composites (cross-repo refs to 5 shard repos)
  L4 (×10) → 3 leaves (cross-repo refs)

Results (run)

Stock runner (main) This PR
Resolve API calls 311 4
Resolution time 70.6s 8.2s
  • 78× fewer API calls, 8.6× faster action resolution
  • Output parity confirmed (3845 leaf-action log lines in both runners)
  • All composites resolved and executed at all 5 depth levels
  • Cross-repo references resolved correctly
  • Dedup verified: same owner/repo@ref never re-resolved across depths
  • Batching verified: distinct repos at the same depth batched into 1 call

Earlier run (single-repo, same-ref tree)

Run: 311 → 1 resolve calls (all 50 actions shared the same owner/repo@ref lookup key, so the cache eliminated every call after the first).

Test plan

  • 4 new L0 tests covering batching, cross-depth dedup, multi-top-level, and nested containers
  • Smoke test with self-hosted runners: 50-action/5-depth/6-repo composite tree (see above)

🤖 Generated with Claude Code

@stefanpenner stefanpenner force-pushed the batch-action-resolution-optimization branch from 9408232 to 397fea0 Compare March 12, 2026 23:41
@stefanpenner stefanpenner changed the title Batch and deduplicate action resolution across composite depth levels Batch and deduplicate action resolution across composite depths Mar 12, 2026
stefanpenner added a commit to stefanpenner/resolution-test that referenced this pull request Mar 13, 2026
@stefanpenner @claude
Deep composite action tree for testing runner action resolution batching
dae742a 
Action graph (8 unique actions, depth 3):
  workflow → leaf-echo, composite-a, composite-b, composite-c
  composite-a → leaf-echo, leaf-sleep, composite-d
  composite-b → leaf-echo, leaf-sleep, composite-e
  composite-c → leaf-echo, composite-d, composite-e
  composite-d → leaf-echo, leaf-sleep, composite-f
  composite-e → leaf-echo, leaf-sleep, composite-f
  composite-f → leaf-echo, leaf-sleep

Without batching: ~15-20 resolve API calls (one per composite per depth)
With actions/runner#4296: ~3-4 calls (one batch per depth level)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
stefanpenner added a commit to stefanpenner/resolution-test that referenced this pull request Mar 13, 2026
@stefanpenner @claude
Scale to 50-action/5-depth tree for stress testing resolution
29d1171 
Action graph (50 unique actions, 5 depth levels):
  workflow → 10x L1 composites + 5 leaves (15 top-level)
  L1-NN → 1 leaf + 3 L2 composites (heavy cross-referencing)
  L2-NN → 1 leaf + 3 L3 composites
  L3-NN → 2 leaves + 2 L4 composites
  L4-NN → 3 leaves

Without batching/dedup: ~301 resolve API calls
With actions/runner#4296: ~4 calls (75x reduction)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@stefanpenner stefanpenner marked this pull request as ready for review March 13, 2026 00:42
@stefanpenner stefanpenner requested a review from a team as a code owner March 13, 2026 00:42
Copilot AI review requested due to automatic review settings March 13, 2026 00:42
Copilot AI reviewed Mar 13, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR optimizes action resolution in composite action trees by batching and deduplicating API calls across recursion depths. Instead of resolving sub-actions one composite at a time (N API calls), it collects all sub-actions at each depth level and resolves them in a single batch call, with a cross-depth cache to avoid re-resolving the same action. It also defers pre/post step registration until after recursion completes.

Changes:

  • Introduce a stack-local resolvedDownloadInfos cache to deduplicate action resolution across composite depths, and a new ResolveNewActionsAsync helper that skips already-cached actions
  • Collect composite sub-actions into a nextLevel list and batch-resolve them before recursing per parent group
  • Defer pre/post step registration to after recursion so that HasPre/HasPost reflect the full subtree

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

File Description
src/Runner.Worker/ActionManager.cs Core optimization: adds resolution cache, batch pre-resolution of next-level actions, deferred pre/post registration, and new ResolveNewActionsAsync helper
src/Test/L0/Worker/ActionManagerL0.cs 5 new L0 tests covering batching, cross-depth dedup, multi-top-level, nested containers, and parallel downloads

You can also share your feedback on Copilot code review. Take the survey.

Comment thread src/Runner.Worker/ActionManager.cs Outdated
Comment thread src/Runner.Worker/ActionManager.cs Outdated
Comment thread src/Runner.Worker/ActionManager.cs Outdated
@stefanpenner stefanpenner requested a review from Copilot March 13, 2026 00:48
Copilot AI reviewed Mar 13, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR optimizes action resolution in the GitHub Actions runner by introducing batching and cross-depth deduplication for composite action resolution. Instead of making individual API calls per composite action at each recursion depth, sub-actions from all composites at the same depth are collected and resolved in a single batch API call. A stack-local cache ensures the same owner/repo@ref is only resolved once even if it appears at multiple depths in the composite tree. Pre/post step registration is deferred until after recursion to ensure HasPre/HasPost reflect the full subtree.

Changes:

  • Added a case-insensitive resolvedDownloadInfos dictionary that caches resolved action download info across recursion depths, with a ResolveNewActionsAsync helper that skips already-cached actions
  • Refactored PrepareActionsRecursiveAsync to collect composite sub-actions into a nextLevel list, batch-resolve them in one API call, then recurse per-parent group — moving pre/post step registration after recursion
  • Added 5 new L0 tests covering batching, cross-depth dedup, multiple top-level actions, nested containers, and parallel downloads

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File Description
src/Runner.Worker/ActionManager.cs Core optimization: batch resolution cache, ResolveNewActionsAsync helper, deferred pre/post registration
src/Test/L0/Worker/ActionManagerL0.cs 5 new tests validating batching, deduplication, multi-action, nested container, and parallel download scenarios

You can also share your feedback on Copilot code review. Take the survey.

Comment thread src/Test/L0/Worker/ActionManagerL0.cs Outdated
@stefanpenner stefanpenner force-pushed the batch-action-resolution-optimization branch from 6e27f5a to 0aa89ce Compare March 13, 2026 00:52
@claude @stefanpenner
Batch and deduplicate action resolution across composite depths
5bcd72f 
Thread a cache through PrepareActionsRecursiveAsync so the same action
is resolved at most once regardless of depth. Collect sub-actions from
all sibling composites and resolve them in one API call instead of one
per composite.

~30-composite internal workflow went from ~20 resolve calls to 3-4.

Fixes actions#3731

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@stefanpenner stefanpenner force-pushed the batch-action-resolution-optimization branch from 0aa89ce to 5bcd72f Compare March 13, 2026 02:46
@stefanpenner stefanpenner marked this pull request as draft March 13, 2026 03:12
@stefanpenner stefanpenner mentioned this pull request Mar 13, 2026
Draft
3 tasks
@stefanpenner stefanpenner marked this pull request as ready for review March 13, 2026 16:22
ericsciple
ericsciple reviewed Mar 25, 2026
View reviewed changes
Comment thread src/Runner.Worker/ActionManager.cs Outdated
@stefanpenner stefanpenner marked this pull request as draft March 25, 2026 23:21
@stefanpenner
Copy link
Copy Markdown
Contributor Author

stefanpenner commented Mar 25, 2026

@ericsciple any interest in #4297 or is that too invasive?

@stefanpenner @claude
Add feature flag for batch action resolution
f800050 
Gate the batched/deduplicated action resolution behind a feature flag
(actions_batch_action_resolution) with env var fallback
(ACTIONS_BATCH_ACTION_RESOLUTION) for local testing. When disabled,
falls back to the original per-composite resolution behavior via
PrepareActionsRecursiveLegacyAsync.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@stefanpenner stefanpenner marked this pull request as ready for review March 26, 2026 02:04
Copilot AI reviewed Mar 26, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR optimizes GitHub Actions runner action resolution for composite actions by batching resolve requests and caching resolved download info across composite recursion depths to reduce API calls and avoid 429s.

Changes:

  • Add a feature flag (actions_batch_action_resolution) and an opt-in env var (ACTIONS_BATCH_ACTION_RESOLUTION) to enable batched, cached action resolution.
  • Implement a new recursive preparation path that batch-resolves next-level sub-actions and defers pre/post registration until after recursion.
  • Add new L0 tests covering batching and cross-depth dedup behaviors.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File Description
src/Runner.Worker/ActionManager.cs Introduces the batched/cached resolution path behind a feature flag + env var and adds a cache-aware resolve helper.
src/Runner.Common/Constants.cs Adds the BatchActionResolution feature flag constant.
src/Test/L0/Worker/ActionManagerL0.cs Adds multiple L0 tests for the new batching/dedup behavior when the env var is enabled.

Comment thread src/Test/L0/Worker/ActionManagerL0.cs Outdated
Comment thread src/Runner.Worker/ActionManager.cs
Comment thread src/Runner.Worker/ActionManager.cs
@stefanpenner @claude
Use case-sensitive cache keys to match main behavior
b9f0f4c 
Revert cache and dedup keys from OrdinalIgnoreCase to Ordinal. Git
refs are case-sensitive so the lookup key (owner/repo@ref) must
preserve case to avoid collisions. Owner/repo normalization is
already handled server-side. Also clarify pre-download test name.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@stefanpenner stefanpenner requested a review from Copilot March 26, 2026 14:18
Copilot AI reviewed Mar 26, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

Comment thread src/Test/L0/Worker/ActionManagerL0.cs
Comment on lines +1838 to +1842
// Verifies that multiple unique actions at the same depth are
// downloaded concurrently (Task.WhenAll) rather than sequentially.
// We detect this by checking that all watermarks exist after a
// single PrepareActionsAsync call with multiple top-level actions.
Environment.SetEnvironmentVariable("ACTIONS_BATCH_ACTION_RESOLUTION", "true");
Copy link

Copilot AI Mar 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The comment claims this test verifies concurrent downloads via Task.WhenAll, but the assertions only check that watermarks exist after PrepareActionsAsync completes; that would also pass with fully sequential downloads. Either strengthen the test to actually detect overlap/concurrency (e.g., using synchronization in the download mock to prove parallel execution), or reword the test/comment to match what it really validates.

Copilot generated this review using guidance from repository custom instructions.
Comment thread src/Test/L0/Worker/ActionManagerL0.cs
Comment on lines +1623 to +1625
// Verifies that multiple unique top-level actions are downloaded via
// DownloadActionsInParallelAsync (the parallel code path), and that
// all actions are correctly resolved and downloaded.
Copy link

Copilot AI Mar 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This test comment refers to DownloadActionsInParallelAsync as the “parallel code path”, but that method doesn’t exist in the codebase (and ActionManager doesn’t appear to use Task.WhenAll for downloads). This is misleading for future maintainers—please update the comment (and/or test name) to describe the actual behavior being validated.

Suggested change
// Verifies that multiple unique top-level actions are downloaded via
// DownloadActionsInParallelAsync (the parallel code path), and that
// all actions are correctly resolved and downloaded.
// Verifies that when batched action resolution is enabled via
// ACTIONS_BATCH_ACTION_RESOLUTION, multiple unique top-level actions
// are resolved together and downloaded, and that all actions are
// correctly resolved and downloaded.

Copilot uses AI. Check for mistakes.
@ericsciple
Copy link
Copy Markdown
Collaborator

ericsciple commented Mar 30, 2026

@stefanpenner I am comfortable with the changes. I am checking with @TingluoHuang if he has any concerns before merging.

@stefanpenner
Copy link
Copy Markdown
Contributor Author

stefanpenner commented Mar 30, 2026

@ericsciple keep keep me posted, happy to jump in and make changes as needed.

Any interest in #4297 or is that (as I assumed) too invasive?

@ericsciple
Copy link
Copy Markdown
Collaborator

ericsciple commented Mar 31, 2026

Any interest in #4297 or is that (as I assumed) too invasive?

Regarding #4297, unbounded Task.WhenAll on tarball downloads could slam our infrastructure if a workflow has a large number of unique actions at one depth. I'd be more comfortable with a conservative concurrency limit. Maybe SemaphoreSlim(2)?

@stefanpenner let's through this PR first, then revisit #4297.

@TingluoHuang TingluoHuang merged commit 7ff994b into actions:main Mar 31, 2026
11 checks passed
@ChristopherHX ChristopherHX mentioned this pull request Mar 31, 2026
Closed
stefanpenner added a commit to stefanpenner/gh-actions-runner that referenced this pull request Apr 8, 2026
@stefanpenner @claude
Fix case-sensitive action dedup allowing duplicate downloads
a78b66a 
The deduplication logic introduced in actions#4296 used StringComparer.Ordinal,
so action references differing only by owner/repo casing (e.g.
actions/checkout vs actIONS/checkout) were treated as distinct and
downloaded multiple times. Switch to OrdinalIgnoreCase for all dedup
collections and the GroupBy in GetDownloadInfoAsync.

Fixes actions#3731

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@github-actions github-actions Bot mentioned this pull request Apr 22, 2026
Open
elysia-best added a commit to loong64/runner that referenced this pull request Apr 26, 2026
@elysia-best
merge: tag 2.334.0
db1a4f3 
commit f1995ed
Author: Salman Chishti <salmanmkc@GitHub.com>
Date:   Tue Apr 21 19:49:15 2026 +0100

    Update release version to 2.334.0

commit c87d955
Author: Salman Chishti <salmanmkc@GitHub.com>
Date:   Tue Apr 21 19:40:21 2026 +0100

    Prepping runner release 2.334.0 (actions#4365)

commit 7407189
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Apr 21 17:49:08 2026 +0100

    Bump Microsoft.DevTunnels.Connections from 1.3.16 to 1.3.39 (actions#4339)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Salman Chishti <salmanmkc@GitHub.com>

commit a84fb36
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Apr 21 17:39:38 2026 +0100

    Bump typescript from 6.0.2 to 6.0.3 in /src/Misc/expressionFunc/hashFiles (actions#4353)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Salman Chishti <salmanmkc@GitHub.com>

commit 84598e0
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Apr 21 17:38:26 2026 +0100

    Bump System.ServiceProcess.ServiceController from 10.0.3 to 10.0.6 (actions#4358)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Salman Chishti <salmanmkc@GitHub.com>

commit 8fa7457
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Apr 21 16:36:21 2026 +0000

    Bump @typescript-eslint/eslint-plugin from 8.58.1 to 8.59.0 in /src/Misc/expressionFunc/hashFiles (actions#4359)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Salman Chishti <salmanmkc@GitHub.com>

commit 00af837
Author: Salman Chishti <salmanmkc@GitHub.com>
Date:   Tue Apr 21 17:31:10 2026 +0100

    Add vulnerability-alerts permission (actions#4350)

commit 6692e6a
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Apr 21 16:06:40 2026 +0000

    Bump System.Formats.Asn1 and System.Security.Cryptography.Pkcs (actions#4362)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Salman Chishti <salmanmkc@GitHub.com>

commit cacb25d
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Apr 21 15:15:02 2026 +0100

    Bump @typescript-eslint/parser from 8.58.1 to 8.59.0 in /src/Misc/expressionFunc/hashFiles (actions#4360)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit c6ca9f6
Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Date:   Mon Apr 20 17:06:35 2026 +0000

    Update dotnet sdk to latest version @8.0.420 (actions#4356)

    Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

commit fad1253
Author: Copilot <198982749+Copilot@users.noreply.github.com>
Date:   Mon Apr 20 10:45:12 2026 -0400

    Bump Docker version to 29.4.0 (actions#4352)

    Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
    Co-authored-by: luketomlinson <19689611+luketomlinson@users.noreply.github.com>

commit 45debbd
Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Date:   Mon Apr 20 12:44:20 2026 +0000

    chore: update Node versions (actions#4355)

    Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

commit 43e5211
Author: Francesco Renzi <rentziass@github.com>
Date:   Fri Apr 17 14:18:01 2026 +0100

    Add WS bridge over DAP TCP server (actions#4328)

    Co-authored-by: Tingluo Huang <tingluohuang@github.com>

commit 4a587ad
Author: Salman Chishti <salmanmkc@GitHub.com>
Date:   Fri Apr 10 19:39:33 2026 +0100

    feat: add `job.workflow_*` typed accessors to JobContext (actions#4335)

commit 182a433
Author: Copilot <198982749+Copilot@users.noreply.github.com>
Date:   Fri Apr 10 12:40:28 2026 +0100

    Bump System.Formats.Asn1, Cryptography.Pkcs, ProtectedData, ServiceController, CodePages, Threading.Channels, @actions/glob, @typescript-eslint/parser, lint-staged, picomatch (actions#4333)

    Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
    Co-authored-by: Salman Chishti <salmanmkc@GitHub.com>

commit 8d35e71
Author: Salman Chishti <salmanmkc@GitHub.com>
Date:   Fri Apr 10 11:34:08 2026 +0100

    fix: only show changed versions in node upgrade PR description (actions#4332)

commit 2bcc65e
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Fri Apr 10 09:01:34 2026 +0100

    Bump typescript from 5.9.3 to 6.0.2 in /src/Misc/expressionFunc/hashFiles (actions#4329)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Salman Chishti <salmanmkc@GitHub.com>

commit 1ba5fdf
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Fri Apr 10 08:54:56 2026 +0100

    Bump actions/github-script from 8 to 9 (actions#4331)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 580116c
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Apr 8 07:44:38 2026 +0000

    Bump @typescript-eslint/eslint-plugin from 8.57.2 to 8.58.1 in /src/Misc/expressionFunc/hashFiles (actions#4327)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Salman Chishti <salmanmkc@GitHub.com>

commit c9a1751
Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Date:   Wed Apr 8 08:40:32 2026 +0100

    Update Docker to v29.3.1 and Buildx to v0.33.0 (actions#4324)

    Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
    Co-authored-by: Salman Chishti <salmanmkc@GitHub.com>

commit 7711dc5
Author: Francesco Renzi <rentziass@github.com>
Date:   Tue Apr 7 13:51:33 2026 +0100

    Add devtunnel connection for debugger jobs (actions#4317)

commit df50788
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Apr 1 13:19:42 2026 +0100

    Bump brace-expansion in /src/Misc/expressionFunc/hashFiles (actions#4318)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Salman Chishti <salmanmkc@GitHub.com>

commit 5c6dd47
Author: Tingluo Huang <tingluohuang@github.com>
Date:   Tue Mar 31 17:51:01 2026 -0400

    Add support for Bearer token in action archive downloads (actions#4321)

commit 7ff994b
Author: Stefan Penner <stef@iamstef.net>
Date:   Tue Mar 31 11:28:43 2026 -0600

    Batch and deduplicate action resolution across composite depths (actions#4296)

    Co-authored-by: Stefan Penner <spenner@linkedin.com>
    Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>

commit b9275b5
Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Date:   Mon Mar 30 12:58:17 2026 +0000

    chore: update Node versions (actions#4319)

    Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

commit f0c2286
Author: eric sciple <ericsciple@users.noreply.github.com>
Date:   Fri Mar 27 11:45:42 2026 -0500

    Remove AllowCaseFunction feature flag (actions#4316)

commit 9728019
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Tue Mar 24 10:40:31 2026 +0000

    Bump @typescript-eslint/eslint-plugin from 8.57.1 to 8.57.2 in /src/Misc/expressionFunc/hashFiles (actions#4310)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit e17e7aa
Author: Francesco Renzi <rentziass@github.com>
Date:   Mon Mar 23 14:02:15 2026 +0000

    Add DAP server (actions#4298)

    Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
    Co-authored-by: Tingluo Huang <tingluohuang@github.com>

commit 4259ffb
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Fri Mar 20 01:02:30 2026 +0000

    Bump flatted from 3.2.7 to 3.4.2 in /src/Misc/expressionFunc/hashFiles (actions#4307)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 4e8e1ff
Author: Salman Chishti <salmanmkc@GitHub.com>
Date:   Wed Mar 18 16:51:00 2026 +0000

    prep new runner release 2.333.0 (actions#4306)

commit b6cca8f
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Mar 18 16:26:33 2026 +0000

    Bump @typescript-eslint/eslint-plugin from 8.54.0 to 8.57.1 in /src/Misc/expressionFunc/hashFiles (actions#4304)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Salman Chishti <salmanmkc@GitHub.com>

commit 18d0789
Author: Salman Chishti <salmanmkc@GitHub.com>
Date:   Tue Mar 17 18:58:34 2026 +0000

    Node 24 enforcement + Linux ARM32 deprecation support (actions#4303)

commit c985a9f
Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Date:   Mon Mar 16 13:48:09 2026 +0000

    Update dotnet sdk to latest version @8.0.419 (actions#4301)

    Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
    Co-authored-by: Tingluo Huang <tingluohuang@github.com>

commit 45ed15d
Author: Tingluo Huang <tingluohuang@github.com>
Date:   Mon Mar 16 09:31:57 2026 -0400

    Report infra_error for action download failures. (actions#4294)

commit c5dcf59
Author: Nikola Jokic <jokicnikola07@gmail.com>
Date:   Fri Mar 13 19:16:31 2026 +0100

    Exit with specified exit code when runner is outdated (actions#4285)

    Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

commit c7f6c49
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Mar 11 10:21:47 2026 +0000

    Bump @typescript-eslint/eslint-plugin from 8.47.0 to 8.54.0 in /src/Misc/expressionFunc/hashFiles (actions#4230)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Salman Chishti <salmanmkc@GitHub.com>

commit 40dd583
Author: eric sciple <ericsciple@users.noreply.github.com>
Date:   Mon Mar 9 11:10:08 2026 -0500

    Fix cancellation token race during parser comparison (actions#4280)

commit 68f2e9a
Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Date:   Mon Mar 9 13:02:32 2026 +0000

    chore: update Node versions (actions#4287)

    Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

commit 2b98d42
Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Date:   Mon Mar 9 00:37:54 2026 +0000

    Update Docker to v29.3.0 and Buildx to v0.32.1 (actions#4286)

    Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

commit ce8ce41
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Sat Mar 7 22:13:23 2026 +0000

    Bump @stylistic/eslint-plugin from 5.9.0 to 5.10.0 in /src/Misc/expressionFunc/hashFiles (actions#4281)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Salman Chishti <salmanmkc@GitHub.com>

commit 5310e90
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Sat Mar 7 01:59:22 2026 +0000

    Bump actions/attest-build-provenance from 3 to 4 (actions#4266)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 9832328
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Sat Mar 7 01:49:28 2026 +0000

    Bump docker/setup-buildx-action from 3 to 4 (actions#4282)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Salman Chishti <salmanmkc@GitHub.com>

commit 5ef3270
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Sat Mar 7 01:44:58 2026 +0000

    Bump docker/build-push-action from 6 to 7 (actions#4283)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 1138dd8
Author: eric sciple <ericsciple@users.noreply.github.com>
Date:   Thu Mar 5 14:56:28 2026 -0600

    Fix positional arg bug in ExpressionParser.CreateTree (actions#4279)

commit 99910ca
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Thu Mar 5 15:45:49 2026 +0000

    Bump docker/login-action from 3 to 4 (actions#4278)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Salman Chishti <salmanmkc@GitHub.com>

commit bcd04cf
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Thu Mar 5 14:55:48 2026 +0000

    Bump actions/upload-artifact from 6 to 7 (actions#4270)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Salman Chishti <salmanmkc@GitHub.com>

commit 20111cb
Author: eric sciple <ericsciple@users.noreply.github.com>
Date:   Wed Mar 4 17:36:45 2026 -0600

    Support `entrypoint` and `command` for service containers (actions#4276)

commit 8f01257
Author: Max Horstmann <MaxHorstmann@users.noreply.github.com>
Date:   Wed Mar 4 15:17:25 2026 -0500

    Devcontainer: bump base image Ubuntu version (actions#4277)

commit 8a73bcc
Author: eric sciple <ericsciple@users.noreply.github.com>
Date:   Mon Mar 2 23:38:16 2026 -0600

    Fix parser comparison mismatches (actions#4273)

commit a9a07a6
Author: Tingluo Huang <tingluohuang@github.com>
Date:   Mon Mar 2 22:44:14 2026 -0500

    Avoid throw in SelfUpdaters. (actions#4274)

commit 60a9422
Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Date:   Mon Mar 2 13:51:11 2026 +0000

    chore: update Node versions (actions#4272)

    Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

commit 985a06f
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Fri Feb 27 09:18:13 2026 +0000

    Bump actions/download-artifact from 7 to 8 (actions#4269)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit ae09a9d
Author: eric sciple <ericsciple@users.noreply.github.com>
Date:   Thu Feb 26 08:36:55 2026 -0600

    Fix composite post-step marker display names (actions#4267)

commit 7650fc4
Author: Tingluo Huang <tingluohuang@github.com>
Date:   Wed Feb 25 15:44:27 2026 -0500

    Log inner exception message. (actions#4265)

commit bc00800
Author: Salman Chishti <salmanmkc@GitHub.com>
Date:   Wed Feb 25 13:36:47 2026 +0000

    Bump runner version to 2.332.0 and update release notes (actions#4264)

commit 86e2360
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Feb 25 12:02:23 2026 +0000

    Bump @stylistic/eslint-plugin from 3.1.0 to 5.9.0 in /src/Misc/expressionFunc/hashFiles (actions#4257)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    Co-authored-by: Salman Chishti <salmanmkc@GitHub.com>

commit 0fb7482
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Wed Feb 25 11:56:32 2026 +0000

    Bump minimatch in /src/Misc/expressionFunc/hashFiles (actions#4261)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 052dfbd
Author: Pavel Iakovenko <paveliak@users.noreply.github.com>
Date:   Tue Feb 24 12:19:46 2026 -0500

    Symlink actions cache (actions#4260)

commit ecb5f29
Author: eric sciple <ericsciple@users.noreply.github.com>
Date:   Mon Feb 23 09:00:12 2026 -0600

    Composite Action Step Markers (actions#4243)

commit a2b2209
Author: Salman Chishti <salmanmkc@GitHub.com>
Date:   Sat Feb 21 19:19:46 2026 +0000

    Update Node.js 20 deprecation date to June 2nd, 2026 (actions#4258)

    Co-authored-by: Salman <salmanmkc@gmail.com>

commit 9426c35
Author: Salman Chishti <salmanmkc@GitHub.com>
Date:   Thu Feb 19 17:05:32 2026 +0000

    Add Node.js 20 deprecation warning annotation (Phase 1) (actions#4242)

commit 72189aa
Author: Tingluo Huang <tingluohuang@github.com>
Date:   Wed Feb 18 12:00:37 2026 -0500

    Try to infer runner is on hosted/ghes when githuburl is empty. (actions#4254)

commit e012ab6
Author: Tingluo Huang <tingluohuang@github.com>
Date:   Tue Feb 17 14:09:05 2026 -0500

    Fix link to SECURITY.md in README (actions#4253)

commit a798a45
Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Date:   Mon Feb 16 11:34:26 2026 +0000

    Update dotnet sdk to latest version @8.0.418 (actions#4250)

    Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
    Co-authored-by: Salman Chishti <salmanmkc@GitHub.com>

commit 9efea31
Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Date:   Mon Feb 16 11:29:25 2026 +0000

    chore: update Node versions (actions#4249)

    Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

commit 6680090
Author: Zach Renner <13670625+zarenner@users.noreply.github.com>
Date:   Thu Feb 12 05:46:48 2026 -0800

    Remove unnecessary connection test during some registration flows (actions#4244)

commit 15cb558
Author: eric sciple <ericsciple@users.noreply.github.com>
Date:   Wed Feb 11 09:44:01 2026 -0600

    Fix parser comparison mismatches (actions#4220)

commit d5a8a93
Author: eric sciple <ericsciple@users.noreply.github.com>
Date:   Tue Feb 10 12:28:42 2026 -0600

    Add telemetry tracking for deprecated set-output and save-state commands (actions#4221)

commit cdb77c6
Author: Tingluo Huang <tingluohuang@github.com>
Date:   Tue Feb 10 09:31:10 2026 -0500

    Support return job result as exitcode in hosted runner. (actions#4233)

commit a4a19b1
Author: Nikola Jokic <jokicnikola07@gmail.com>
Date:   Tue Feb 10 02:07:20 2026 +0100

    Bump hook to 0.8.1 (actions#4222)

commit 1b5486a
Author: Tingluo Huang <tingluohuang@github.com>
Date:   Mon Feb 9 08:42:07 2026 -0500

    Validate work dir during runner start up. (actions#4227)

commit 4214709
Author: Takuma Ishikawa <nekketsuuu@users.noreply.github.com>
Date:   Mon Feb 9 06:03:41 2026 +0900

    Add support for libssl3 and libssl3t64 for newer Debian/Ubuntu versions (actions#4213)

commit 3ffedab
Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Date:   Mon Feb 2 02:15:37 2026 +0000

    Update Docker to v29.2.0 and Buildx to v0.31.1 (actions#4219)

    Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

commit 3a80a78
Author: eric sciple <ericsciple@users.noreply.github.com>
Date:   Fri Jan 30 09:24:06 2026 -0600

    Fix local action display name showing `Run /./` instead of `Run ./` (actions#4218)

commit 6822f4a
Author: Tingluo Huang <tingluohuang@github.com>
Date:   Tue Jan 27 16:52:25 2026 -0500

    Report job level annotations (actions#4216)

commit ad43c63
Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Date:   Sun Jan 25 21:10:56 2026 -0500

    Update Docker to v29.1.5 and Buildx to v0.31.0 (actions#4212)

    Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

commit 5d4fb30
Author: eric sciple <ericsciple@users.noreply.github.com>
Date:   Thu Jan 22 15:17:18 2026 -0600

    Allow empty container options (actions#4208)

commit 1df72a5
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date:   Thu Jan 22 14:41:15 2026 +0000

    Bump System.Formats.Asn1 and System.Security.Cryptography.Pkcs (actions#4202)

    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

commit 02013cf
Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Date:   Mon Jan 19 23:08:47 2026 -0500

    Update dotnet sdk to latest version @8.0.417 (actions#4201)

    Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

commit 7d5c17a
Author: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Date:   Tue Jan 20 02:18:53 2026 +0000

    chore: update Node versions (actions#4200)

    Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>

# Conflicts:
#	.devcontainer/devcontainer.json
#	images/Dockerfile
#	releaseNote.md
#	releaseVersion
#	src/Misc/expressionFunc/hashFiles/package-lock.json   resolved by v2.334.0 version
#	src/Misc/expressionFunc/hashFiles/package.json   resolved by v2.334.0 version
#	src/Misc/externals.sh
#	src/Runner.Common/Constants.cs
#	src/Runner.Common/Runner.Common.csproj
#	src/Runner.Listener/Runner.Listener.csproj
#	src/Runner.Sdk/Runner.Sdk.csproj
#	src/Runner.Worker/ActionManager.cs
#	src/Runner.Worker/InternalsVisibleTo.cs
#	src/Runner.Worker/Runner.Worker.csproj
#	src/Sdk/Sdk.csproj
#	src/Sdk/WorkflowParser/WorkflowFeatures.cs
#	src/dev.sh
#	src/global.json
#	src/runnerversion
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@TingluoHuang TingluoHuang TingluoHuang approved these changes

@ericsciple ericsciple ericsciple approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Download action repository called repeatedly for actions that have to be the same

4 participants

@stefanpenner @ericsciple @TingluoHuang