Merge 3d180a7778 into 6c1fd22b67

* Create veracode.yml

Signed-off-by: Sascha Ronnie Daoudia <85792632+Dadudidas@users.noreply.github.com>

* Create codeql.yml

Signed-off-by: Sascha Ronnie Daoudia <85792632+Dadudidas@users.noreply.github.com>

---------

Signed-off-by: Sascha Ronnie Daoudia <85792632+Dadudidas@users.noreply.github.com>

.github/ISSUE_TEMPLATE/bug_report.md

@@ -2,7 +2,7 @@
 name: Bug report
 about: Create a bug report
 title: ''
-labels: bug, needs triage
+labels: bug
 assignees: ''
 
 ---
@@ -35,4 +35,4 @@ A description with steps to reproduce the issue. If your have a public example o
 A description of what you expected to happen.
 
 **Actual behavior:**
-A description of what is actually happening.
+A description of what is actually happening.

.github/ISSUE_TEMPLATE/custom.md

@@ -0,0 +1,10 @@
+---
+name: Custom issue template
+about: Describe this issue template's purpose here.
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+

.github/ISSUE_TEMPLATE/feature_request.md

@@ -2,9 +2,11 @@
 name: Feature request
 about: Suggest an idea for this project
 title: ''
-labels: feature request, needs triage
+labels: ''
 assignees: ''
+
 ---
+
 <!--- Please direct any generic questions related to actions to our support community forum at https://github.community/c/code-to-cloud/github-actions/41 --->
 <!--- Before opening up a new feature request, please make sure to check for similar existing issues and pull requests -->
 
@@ -15,4 +17,4 @@ Describe your proposal.
 Justification or a use case for your proposal.
 
 **Are you willing to submit a PR?**
-<!--- We accept contributions! -->
+<!--- We accept contributions! -->

.github/workflows/basic-validation.yml

@@ -14,3 +14,5 @@ jobs:
   call-basic-validation:
     name: Basic validation
     uses: actions/reusable-workflows/.github/workflows/basic-validation.yml@main
+    with:
+      node-version: '20'

.github/workflows/check-dist.yml

@@ -15,3 +15,5 @@ jobs:
   call-check-dist:
     name: Check dist/
     uses: actions/reusable-workflows/.github/workflows/check-dist.yml@main
+    with:
+      node-version: '20'

.github/workflows/codeql.yml

@@ -0,0 +1,84 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+  schedule:
+    - cron: '20 14 * * 5'
+
+jobs:
+  analyze:
+    name: Analyze
+    # Runner size impacts CodeQL analysis time. To learn more, please see:
+    #   - https://gh.io/recommended-hardware-resources-for-running-codeql
+    #   - https://gh.io/supported-runners-and-hardware-resources
+    #   - https://gh.io/using-larger-runners
+    # Consider using larger runners for possible analysis time improvements.
+    runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
+    timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
+    permissions:
+      # required for all workflows
+      security-events: write
+
+      # only required for workflows in private repositories
+      actions: read
+      contents: read
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript-typescript' ]
+        # CodeQL supports [ 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' ]
+        # Use only 'java-kotlin' to analyze code written in Java, Kotlin or both
+        # Use only 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
+        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+
+        # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        # queries: security-extended,security-and-quality
+
+
+    # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v3
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+
+    #   If the Autobuild fails above, remove it and uncomment the following three lines.
+    #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+    # - run: |
+    #     echo "Run, Build Application using script"
+    #     ./location_of_script_within_repo/buildscript.sh
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3
+      with:
+        category: "/language:${{matrix.language}}"

.github/workflows/veracode.yml

@@ -0,0 +1,59 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+# This workflow will initiate a Veracode Static Analysis Pipeline scan, return a results.json and convert to SARIF for upload as a code scanning alert
+
+name: Veracode Static Analysis Pipeline Scan
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ "main" ]
+  schedule:
+    - cron: '36 18 * * 4'
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+permissions:
+  contents: read
+
+jobs:
+  # This workflow contains a job to build and submit pipeline scan, you will need to customize the build process accordingly and make sure the artifact you build is used as the file input to the pipeline scan file parameter
+  build-and-pipeline-scan:
+    # The type of runner that the job will run on
+    permissions:
+      contents: read # for actions/checkout to fetch code
+      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+    runs-on: ubuntu-latest
+    steps:
+
+    # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it and copies all sources into ZIP file for submitting for analysis. Replace this section with your applications build steps
+    - uses: actions/checkout@v3
+      with:
+        repository: ''
+
+    - run: zip -r veracode-scan-target.zip ./
+
+    # download the Veracode Static Analysis Pipeline scan jar
+    - run: curl --silent --show-error --fail -O https://downloads.veracode.com/securityscan/pipeline-scan-LATEST.zip
+    - run: unzip -o pipeline-scan-LATEST.zip
+
+    - uses: actions/setup-java@v3
+      with:
+        java-version: 8
+        distribution: 'temurin'
+    - run: java -jar pipeline-scan.jar --veracode_api_id "${{secrets.VERACODE_API_ID}}" --veracode_api_key "${{secrets.VERACODE_API_KEY}}" --fail_on_severity="Very High, High" --file veracode-scan-target.zip
+      continue-on-error: true
+    - name: Convert pipeline scan output to SARIF format
+      id: convert
+      uses: veracode/veracode-pipeline-scan-results-to-sarif@ff08ae5b45d5384cb4679932f184c013d34da9be
+      with:
+        pipeline-results-json: results.json
+    - uses: github/codeql-action/upload-sarif@v2
+      with:
+        # Path to SARIF file relative to the root of the repository
+        sarif_file: veracode-results.sarif

.github/workflows/versions.yml

@@ -20,7 +20,7 @@ jobs:
       matrix:
         os: [ubuntu-latest, windows-latest, macos-latest]
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Setup Go Stable
         uses: ./
         with:
@@ -35,7 +35,7 @@ jobs:
       matrix:
         os: [ubuntu-latest, windows-latest, macos-latest]
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Setup Go oldStable
         uses: ./
         with:
@@ -55,7 +55,7 @@ jobs:
           - os: macos-latest
             architecture: x32
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Setup Go ${{ matrix.version }} ${{ matrix.architecture }}
         uses: ./
         with:
@@ -74,7 +74,7 @@ jobs:
         go: [1.17, 1.18, 1.19]
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: setup-go ${{ matrix.go }}
         uses: ./
@@ -93,7 +93,7 @@ jobs:
         os: [ubuntu-latest, windows-latest, macos-latest]
         go-version: [1.16, 1.17]
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Setup Go and check latest
         uses: ./
         with:
@@ -109,7 +109,7 @@ jobs:
       matrix:
         os: [ubuntu-latest, windows-latest, macos-latest]
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Setup Go and check latest
         uses: ./
         with:
@@ -125,7 +125,7 @@ jobs:
       matrix:
         os: [ubuntu-latest, windows-latest, macos-latest]
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Setup Go and check latest
         uses: ./
         with:
@@ -144,7 +144,7 @@ jobs:
         go: [1.12.16, 1.13.11, 1.14.3]
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: setup-go ${{ matrix.go }}
         uses: ./
@@ -165,7 +165,7 @@ jobs:
         go: [1.9, 1.8.6]
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: setup-go ${{ matrix.go }}
         uses: ./
@@ -184,7 +184,7 @@ jobs:
         os: [ubuntu-latest, windows-latest, macos-latest]
         go-version: [1.16, 1.17]
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Setup Go and check latest
         uses: ./
         with:

.github/workflows/windows-validation.yml

@@ -19,7 +19,7 @@ jobs:
         cache: [false, true]
         go: [1.20.1]
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: 'Setup ${{ matrix.cache }}, cache: ${{ matrix.go }}'
         uses: ./
@@ -61,7 +61,7 @@ jobs:
             echo 'which go should return "/c/hostedtoolcache/windows/go/${{ matrix.go }}/x64/bin/go"'
             exit 1
           fi
-          if [ $(go env GOROOT) != 'C:\hostedtoolcache\windows\go\${{ matrix.go }}\x64' ];then 
+          if [ $(go env GOROOT) != 'C:\hostedtoolcache\windows\go\${{ matrix.go }}\x64' ];then
             echo 'go env GOROOT should return "C:\hostedtoolcache\windows\go\${{ matrix.go }}\x64"'
             exit 1
           fi
@@ -88,7 +88,7 @@ jobs:
       matrix:
         cache: [false, true]
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: 'Setup default go, cache: ${{ matrix.cache }}'
         uses: ./
@@ -105,10 +105,32 @@ jobs:
           fi
         shell: bash
 
-      - name: 'Drive D: should not have Go installation, cache: ${{ matrix.cache}}'
+      - name: 'Drive D: should not have Go installation, cache: ${{ matrix.cache }}'
         run: |
           if [ -e 'D:\hostedtoolcache\windows\go\${{ needs.find-default-go.outputs.version }}\x64' ];then
             echo 'D:\hostedtoolcache\windows\go\${{ needs.find-default-go.outputs.version }}\x64 should not exist for hosted version of go';
             exit 1
           fi
         shell: bash
+
+  hostedtoolcache:
+    name: 'Validate if hostedtoolcache works as expected'
+    runs-on: windows-latest
+    strategy:
+      matrix:
+        cache: [false]
+        go: [1.20.1]
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: 'Setup ${{ matrix.go }}, cache: ${{ matrix.cache }}'
+        uses: ./
+        with:
+          go-version: ${{ matrix.go }}
+          cache: ${{ matrix.cache }}
+
+      - name: 'Setup ${{ matrix.go }}, cache: ${{ matrix.cache }} (from hostedtoolcache)'
+        uses: ./
+        with:
+          go-version: ${{ matrix.go }}
+          cache: ${{ matrix.cache }}

README.md

@@ -42,8 +42,8 @@ Matching by [semver spec](https://github.com/npm/node-semver):
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
-  - uses: actions/setup-go@v4
+  - uses: actions/checkout@v4
+  - uses: actions/setup-go@v5
     with:
       go-version: '^1.13.1' # The Go version to download (if necessary) and use.
   - run: go version
@@ -51,26 +51,26 @@ steps:
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
-  - uses: actions/setup-go@v4
+  - uses: actions/checkout@v4
+  - uses: actions/setup-go@v5
     with:
       go-version: '>=1.17.0'
   - run: go version
 ```
 
 > **Note**: Due to the peculiarities of YAML parsing, it is recommended to wrap the version in single quotation marks:
-> 
+>
 > ```yaml
 >   go-version: '1.20'
 >  ```
->  
+>
 > The recommendation is based on the YAML parser's behavior, which interprets non-wrapped values as numbers and, in the case of version 1.20, trims it down to 1.2, which may not be very obvious.
 Matching an unstable pre-release:
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
-  - uses: actions/setup-go@v4
+  - uses: actions/checkout@v4
+  - uses: actions/setup-go@v5
     with:
       go-version: '1.18.0-rc.1' # The Go version to download (if necessary) and use.
   - run: go version
@@ -78,8 +78,8 @@ steps:
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
-  - uses: actions/setup-go@v4
+  - uses: actions/checkout@v4
+  - uses: actions/setup-go@v5
     with:
       go-version: '1.16.0-beta.1' # The Go version to download (if necessary) and use.
   - run: go version
@@ -93,8 +93,8 @@ See [action.yml](action.yml)
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
-  - uses: actions/setup-go@v4
+  - uses: actions/checkout@v4
+  - uses: actions/setup-go@v5
     with:
       go-version: '1.16.1' # The Go version to download (if necessary) and use.
   - run: go run hello.go
@@ -114,8 +114,8 @@ want the most up-to-date Go version to always be used.
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
-  - uses: actions/setup-go@v4
+  - uses: actions/checkout@v4
+  - uses: actions/setup-go@v5
     with:
       go-version: '1.14'
       check-latest: true
@@ -135,8 +135,8 @@ set to `true`
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
-  - uses: actions/setup-go@v4
+  - uses: actions/checkout@v4
+  - uses: actions/setup-go@v5
     with:
       go-version: 'stable'
   - run: go run hello.go
@@ -144,8 +144,8 @@ steps:
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
-  - uses: actions/setup-go@v4
+  - uses: actions/checkout@v4
+  - uses: actions/setup-go@v5
     with:
       go-version: 'oldstable'
   - run: go run hello.go
@@ -159,20 +159,24 @@ The `cache` input is optional, and caching is turned on by default.
 
 The action defaults to search for the dependency file - go.sum in the repository root, and uses its hash as a part of
 the cache key. Use `cache-dependency-path` input for cases when multiple dependency files are used, or they are located
-in different subdirectories.
+in different subdirectories. The input supports glob patterns.
 
-If some problem that prevents success caching happens then the action issues the warning in the log and continues the execution of the pipeline. 
+If some problem that prevents success caching happens then the action issues the warning in the log and continues the execution of the pipeline.
 
 **Caching in monorepos**
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
-  - uses: actions/setup-go@v4
+  - uses: actions/checkout@v4
+  - uses: actions/setup-go@v5
     with:
       go-version: '1.17'
       check-latest: true
-      cache-dependency-path: subdir/go.sum
+      cache-dependency-path: |
+             subdir/go.sum
+             tools/go.sum
+    # cache-dependency-path: "**/*.sum"
+
   - run: go run hello.go
   ```
 
@@ -189,8 +193,8 @@ If both the `go-version` and the `go-version-file` inputs are provided then the
 
 ```yaml
 steps:
-  - uses: actions/checkout@v3
-  - uses: actions/setup-go@v4
+  - uses: actions/checkout@v4
+  - uses: actions/setup-go@v5
     with:
       go-version-file: 'path/to/go.mod'
   - run: go version
@@ -207,9 +211,9 @@ jobs:
         go: [ '1.14', '1.13' ]
     name: Go ${{ matrix.go }} sample
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Setup go
-        uses: actions/setup-go@v4
+        uses: actions/setup-go@v5
         with:
           go-version: ${{ matrix.go }}
       - run: go run hello.go
@@ -241,7 +245,7 @@ can [generate a personal access token on github.com](https://github.com/settings
 input for the action:
 
 ```yaml
-uses: actions/setup-go@v4
+uses: actions/setup-go@v5
 with:
   token: ${{ secrets.GH_DOTCOM_TOKEN }}
   go-version: '1.18'

action.yml

@@ -25,7 +25,7 @@ outputs:
   cache-hit:
     description: 'A boolean value to indicate if a cache was hit'
 runs:
-  using: 'node16'
+  using: 'node20'
   main: 'dist/setup/index.js'
   post: 'dist/cache-save/index.js'
   post-if: success()

docs/adrs/0000-caching-dependencies.md

@@ -4,7 +4,7 @@ Date: 2022-04-13
 Status: Accepted
 
 # Context
-`actions/setup-go` is the one of the most popular action related to Golang in GitHub Actions. Many customers use it in conjunction with [actions/cache](https://github.com/actions/cache) to speed up dependency installation process.  
+`actions/setup-go` is the one of the most popular action related to Golang in GitHub Actions. Many customers use it in conjunction with [actions/cache](https://github.com/actions/cache) to speed up dependency installation process.
 See more examples on proper usage in [actions/cache documentation](https://github.com/actions/cache/blob/main/examples.md#go---modules).
 
 # Goals & Anti-Goals
@@ -16,7 +16,7 @@ Integration of caching functionality into `actions/setup-go` action will bring t
 We don't pursue the goal to provide wide customization of caching in scope of `actions/setup-go` action. The purpose of this integration is covering ~90% of basic use-cases. If user needs flexible customization, we should advice them to use `actions/cache` directly.
 
 # Decision
-- Add `cache` input parameter to `actions/setup-go`. For now, input will accept the following values: 
+- Add `cache` input parameter to `actions/setup-go`. For now, input will accept the following values:
   - `true` - enable caching for go dependencies
   - `false`- disable caching for go dependencies. This value will be set as default value
 - Cache feature will be disabled by default to make sure that we don't break existing customers. We will consider enabling cache by default in next major releases
@@ -32,7 +32,7 @@ We don't pursue the goal to provide wide customization of caching in scope of `a
 
 ```yml
 steps:
-- uses: actions/checkout@v3
+- uses: actions/checkout@v4
 - uses: actions/setup-go@v3
   with:
     go-version: '18'
@@ -43,7 +43,7 @@ steps:
 
  ```yml
 steps:
-- uses: actions/checkout@v3
+- uses: actions/checkout@v4
 - uses: actions/setup-go@v3
   with:
     go-version: '18'
@@ -53,7 +53,7 @@ steps:
 
  ```yml
 steps:
-- uses: actions/checkout@v3
+- uses: actions/checkout@v4
 - uses: actions/setup-go@v3
   with:
     go-version: '18'
@@ -66,4 +66,4 @@ steps:
 # Release process
 
 As soon as functionality is implemented, we will release minor update of action. No need to bump major version since there are no breaking changes for existing users.
-After that, we will update [starter-workflows](https://github.com/actions/starter-workflows/blob/main/ci/go.yml)
+After that, we will update [starter-workflows](https://github.com/actions/starter-workflows/blob/main/ci/go.yml)

package.json

@@ -1,6 +1,6 @@
 {
   "name": "setup-go",
-  "version": "4.0.0",
+  "version": "5.0.0",
   "private": true,
   "description": "setup go action",
   "main": "lib/setup-go.js",
@@ -28,28 +28,28 @@
     "@actions/cache": "^3.2.1",
     "@actions/core": "^1.10.0",
     "@actions/exec": "^1.1.0",
-    "@actions/glob": "^0.2.0",
+    "@actions/glob": "^0.4.0",
     "@actions/http-client": "^2.0.1",
     "@actions/io": "^1.0.2",
-    "@actions/tool-cache": "^1.5.5",
-    "semver": "^6.3.1"
+    "@actions/tool-cache": "^2.0.1",
+    "semver": "^7.5.4"
   },
   "devDependencies": {
-    "@types/jest": "^27.0.2",
-    "@types/node": "^16.11.25",
-    "@types/semver": "^6.0.0",
+    "@types/jest": "^29.5.10",
+    "@types/node": "^20.10.3",
+    "@types/semver": "^7.5.6",
     "@typescript-eslint/eslint-plugin": "^5.54.0",
     "@typescript-eslint/parser": "^5.54.0",
-    "@vercel/ncc": "^0.33.4",
+    "@vercel/ncc": "^0.38.1",
     "eslint": "^8.35.0",
     "eslint-config-prettier": "^8.6.0",
     "eslint-plugin-jest": "^27.2.1",
     "eslint-plugin-node": "^11.1.0",
-    "jest": "^27.2.5",
-    "jest-circus": "^27.2.5",
+    "jest": "^29.7.0",
+    "jest-circus": "^29.7.0",
     "nock": "^10.0.6",
     "prettier": "^2.8.4",
-    "ts-jest": "^27.0.5",
-    "typescript": "^4.3.3"
+    "ts-jest": "^29.1.1",
+    "typescript": "^5.3.2"
   }
 }

src/cache-save.ts

@@ -12,9 +12,19 @@ process.on('uncaughtException', e => {
   core.info(`${warningPrefix}${e.message}`);
 });
 
-export async function run() {
+// Added early exit to resolve issue with slow post action step:
+// - https://github.com/actions/setup-node/issues/878
+// https://github.com/actions/cache/pull/1217
+export async function run(earlyExit?: boolean) {
   try {
-    await cachePackages();
+    const cacheInput = core.getBooleanInput('cache');
+    if (cacheInput) {
+      await cachePackages();
+
+      if (earlyExit) {
+        process.exit(0);
+      }
+    }
   } catch (error) {
     let message = 'Unknown error!';
     if (error instanceof Error) {
@@ -28,11 +38,6 @@ export async function run() {
 }
 
 const cachePackages = async () => {
-  const cacheInput = core.getBooleanInput('cache');
-  if (!cacheInput) {
-    return;
-  }
-
   const packageManager = 'default';
 
   const state = core.getState(State.CacheMatchedKey);
@@ -85,4 +90,4 @@ function logWarning(message: string): void {
   core.info(`${warningPrefix}${message}`);
 }
 
-run();
+run(true);

src/installer.ts

@@ -114,9 +114,9 @@ export async function getGo(
         `Received HTTP status code ${err.httpStatusCode}.  This usually indicates the rate limit has been exceeded`
       );
     } else {
-      core.info(err.message);
+      core.info((err as Error).message);
     }
-    core.debug(err.stack);
+    core.debug((err as Error).stack ?? '');
     core.info('Falling back to download directly from Go');
   }
 
@@ -160,7 +160,7 @@ async function resolveVersionFromManifest(
     return info?.resolvedVersion;
   } catch (err) {
     core.info('Unable to resolve a version from the manifest...');
-    core.debug(err.message);
+    core.debug((err as Error).message);
   }
 }
 
@@ -203,6 +203,17 @@ async function cacheWindowsDir(
   fs.symlinkSync(actualToolCacheDir, defaultToolCacheDir, 'junction');
   core.info(`Created link ${defaultToolCacheDir} => ${actualToolCacheDir}`);
 
+  const actualToolCacheCompleteFile = `${actualToolCacheDir}.complete`;
+  const defaultToolCacheCompleteFile = `${defaultToolCacheDir}.complete`;
+  fs.symlinkSync(
+    actualToolCacheCompleteFile,
+    defaultToolCacheCompleteFile,
+    'file'
+  );
+  core.info(
+    `Created link ${defaultToolCacheCompleteFile} => ${actualToolCacheCompleteFile}`
+  );
+
   // make outer code to continue using toolcache as if it were installed on c:
   // restore toolcache root to default drive c:
   process.env['RUNNER_TOOL_CACHE'] = defaultToolCacheRoot;

src/main.ts

@@ -74,7 +74,7 @@ export async function run() {
           cacheDependencyPath
         );
       } catch (error) {
-        core.warning(`Restore cache failed: ${error.message}`);
+        core.warning(`Restore cache failed: ${(error as Error).message}`);
       }
     }
 
@@ -92,7 +92,7 @@ export async function run() {
     core.info(goEnv);
     core.endGroup();
   } catch (error) {
-    core.setFailed(error.message);
+    core.setFailed((error as Error).message);
   }
 }