chore: fast forward upstream changes to v2.18.0

.github/actions/test/action.yml

@@ -1,5 +1,5 @@
 name: 'Test'
-
+author: 'step-security'
 description: 'A GitHub Action that tests this action'
 
 inputs:
@@ -19,16 +19,16 @@ runs:
         sudo apt-get update
         sudo apt-get install language-pack-en language-pack-de
       shell: bash
-  
+
     - name: Setup Python
       if: inputs.python-version != 'installed'
       uses: actions/setup-python@v5
       with:
         python-version: ${{ inputs.python-version }}
-  
+
     - name: Checkout
       uses: actions/checkout@v4
-  
+
     - name: Detect OS
       id: os
       env:
@@ -47,7 +47,7 @@ runs:
         esac
         echo "date=$(date +%Y%m%d 2> /dev/null || true)" >> $GITHUB_OUTPUT
       shell: bash
-  
+
     - name: Cache PIP Packages
       uses: actions/cache@v4
       id: cache
@@ -59,7 +59,7 @@ runs:
           ${{ inputs.os }}-pip-test-${{ inputs.python-version }}-${{ hashFiles('**/requirements.txt', '**/constraints.txt') }}-
           ${{ inputs.os }}-pip-test-${{ inputs.python-version }}-
           ${{ inputs.os }}-pip-test-
-  
+
     - name: Install Python dependencies
       run: |
         python -m venv "$RUNNER_TEMP/venv"

.github/workflows/ci-cd.yml

@@ -9,7 +9,7 @@ on:
       - '*'
   pull_request:
   schedule:
-    - cron: '0 16 * * *'
+    - cron: '10 9 * * *'
   workflow_dispatch:
 permissions: {}
 
@@ -22,8 +22,9 @@ jobs:
         uses: actions/checkout@v4
       - name: Check requirements.txt
         run: |
-          (diff -w <(grep -v "python_version >  '3.7'" python/requirements.txt | sed -e "s/;.*//") python/requirements-3.7.txt || true) | (! grep -e "^<")
-          (diff -w <(grep -v "python_version <= '3.7'" python/requirements.txt | sed -e "s/;.*//") python/requirements-post-3.7.txt || true) | (! grep -e "^<")
+          (diff -w <(grep -v -e "python_version >  '3.7'" -e "python_version == '3.8'" -e "python_version >  '3.8'" python/requirements.txt | sed -e "s/;.*//") python/requirements-3.7.txt || true) | (! grep -e "^<")
+          (diff -w <(grep -v -e "python_version <= '3.7'" -e "python_version >  '3.8'" python/requirements.txt | sed -e "s/;.*//") python/requirements-3.8.txt || true) | (! grep -e "^<")
+          (diff -w <(grep -v -e "python_version <= '3.7'" -e "python_version == '3.8'" python/requirements.txt | sed -e "s/;.*//") python/requirements-post-3.8.txt || true) | (! grep -e "^<")
         shell: bash
       - name: Check for dependency updates
         continue-on-error: true
@@ -37,12 +38,10 @@ jobs:
     name: "Test macOS"
     uses: "./.github/workflows/test-os.yml"
     with:
-      os: '["macos-12", "macos-13", "macos-14"]'
-      python-version: '["3.10", "3.11", "3.12", "installed"]'
+      os: '["macos-13", "macos-14", "macos-15"]'
+      python-version: '["3.10", "3.11", "3.12", "3.13", "installed"]'
       include: >
         [
-          {"os": "macos-12", "python-version": "3.8"},
-          {"os": "macos-12", "python-version": "3.9"},
           {"os": "macos-13", "python-version": "3.8"},
           {"os": "macos-13", "python-version": "3.9"},
         ]
@@ -52,7 +51,7 @@ jobs:
     uses: "./.github/workflows/test-os.yml"
     with:
       os: '["ubuntu-20.04", "ubuntu-22.04", "ubuntu-24.04"]'
-      python-version: '["3.9", "3.10", "3.11", "3.12", "installed"]'
+      python-version: '["3.9", "3.10", "3.11", "3.12", "3.13", "installed"]'
       include: >
         [
           {"os": "ubuntu-20.04", "python-version": "3.7"},
@@ -65,7 +64,7 @@ jobs:
     uses: "./.github/workflows/test-os.yml"
     with:
       os: '["windows-2019", "windows-2022"]'
-      python-version: '["3.8", "3.9", "3.10", "3.11", "3.12"]'
+      python-version: '["3.8", "3.9", "3.10", "3.11", "3.12", "3.13"]'
       include: '[{"os": "windows-2022", "python-version": "installed"}]'
 
   publish:

.github/workflows/publish.yml

@@ -75,7 +75,7 @@ jobs:
           load: true
           push: false
           platforms: linux/${{ matrix.arch }}
-          tags: enricomi/publish-unit-test-result-action:latest
+          tags: step-security/publish-unit-test-result-action:latest
           outputs: type=docker
         env:
           DOCKER_BUILD_RECORD_UPLOAD: false
@@ -190,7 +190,7 @@ jobs:
             -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" \
             -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" \
             -v "/home/runner/work/publish-unit-test-result-action/publish-unit-test-result-action":"$GITHUB_WORKSPACE" \
-            enricomi/publish-unit-test-result-action:latest
+            step-security/publish-unit-test-result-action:latest
         shell: bash
 
       - name: JSON output
@@ -202,11 +202,13 @@ jobs:
       - name: Scan for vulnerabilities
         id: scan
         uses: crazy-max/ghaction-container-scan@v3
+        continue-on-error: true
         with:
-          image: enricomi/publish-unit-test-result-action:latest
+          image: step-security/publish-unit-test-result-action:latest
           dockerfile: ./Dockerfile
           annotations: true
       - name: Upload SARIF artifact
+        if: steps.scan.outcome == 'success'
         uses: actions/upload-artifact@v4
         with:
           name: SARIF ${{ matrix.arch }}
@@ -305,9 +307,6 @@ jobs:
           - os: macos-latest
             os-label: macOS
             python: "installed"
-          - os: macos-12
-            os-label: macOS 12
-            python: "installed"
           - os: macos-13
             os-label: macOS 13
             python: "installed"
@@ -566,4 +565,3 @@ jobs:
         with:
           json: '${{ steps.test-results.outputs.json }}'
           json_file: 'tests.json'
-

Dockerfile

@@ -1,4 +1,4 @@
-FROM python:3.8-alpine
+FROM python:3.13-alpine
 
 LABEL repository="https://github.com/step-security/publish-unit-test-result-action"
 LABEL homepage="https://github.com/step-security/publish-unit-test-result-action"
@@ -10,7 +10,7 @@ LABEL com.github.actions.color="green"
 
 RUN apk add --no-cache --upgrade expat libuuid
 
-COPY python/requirements-post-3.7.txt /action/requirements.txt
+COPY python/requirements-post-3.8.txt /action/requirements.txt
 RUN apk add --no-cache build-base libffi-dev; \
     pip install --upgrade --force --no-cache-dir pip && \
     pip install --upgrade --force --no-cache-dir -r /action/requirements.txt; \

action.yml

@@ -1,5 +1,5 @@
 name: 'Publish Test Results'
-
+author: 'step-security'
 description: 'Publishes JUnit, NUnit, XUnit, TRX, JSON test results on GitHub for .NET, Dart, Java, JS, Jest, Mocha, Python, Scala, …'
 
 inputs:
@@ -149,7 +149,7 @@ outputs:
 
 runs:
   using: 'docker'
-  image: 'docker://ghcr.io/step-security/publish-unit-test-result-action:v2.17.0'
+  image: 'docker://ghcr.io/step-security/publish-unit-test-result-action:v2.18.0'
 
 branding:
   icon: 'check-circle'

composite/action.yml

@@ -1,5 +1,5 @@
 name: 'Publish Test Results'
-
+author: 'step-security'
 description: 'Publishes JUnit, NUnit, XUnit, TRX, JSON test results on GitHub for .NET, Dart, Java, JS, Jest, Mocha, Python, Scala, …'
 
 inputs:
@@ -183,11 +183,12 @@ runs:
         echo "PYTHON_BIN=$PYTHON_BIN" >> "$GITHUB_ENV"
 
         PYTHON_VERSION="$($PYTHON_BIN -c 'import sys; print(f"{sys.version_info.major}.{sys.version_info.minor}")')"
-        if [[ "$PYTHON_VERSION" == "3.7" ]]
-        then
+        if [[ "$PYTHON_VERSION" == "3.7" ]]; then
           echo "DEPENDENCIES_VERSION=3.7" >> "$GITHUB_ENV"
+        elif [[ "$PYTHON_VERSION" == "3.8" ]]; then
+          echo "DEPENDENCIES_VERSION=3.8" >> "$GITHUB_ENV"
         else
-          echo "DEPENDENCIES_VERSION=post-3.7" >> "$GITHUB_ENV"
+          echo "DEPENDENCIES_VERSION=post-3.8" >> "$GITHUB_ENV"
         fi
         echo "version=$PYTHON_VERSION" >> "$GITHUB_OUTPUT"
 
@@ -203,8 +204,7 @@ runs:
             echo "pip-cache=~/.cache/pip" >> "$GITHUB_OUTPUT"
             ;;
           macOS*)
-            echo "pip-cache=~/Library/Caches/pip" >> $GITHUB_OUTPUT
-            echo "pip-options=--break-system-packages" >> $GITHUB_OUTPUT
+            echo "pip-cache=~/Library/Caches/pip" >> "$GITHUB_OUTPUT"
             ;;
           Windows*)
             echo "pip-cache=~\\AppData\\Local\\pip\\Cache" >> "$GITHUB_OUTPUT"
@@ -219,7 +219,7 @@ runs:
       continue-on-error: true
       with:
         path: ${{ steps.os.outputs.pip-cache }}
-        key: step-security-publish-action-${{ runner.os }}-${{ runner.arch }}-pip-${{ steps.python.outputs.version }}-e594996205319a7990b3a4ec677d10a3
+        key: step-security-publish-action-${{ runner.os }}-${{ runner.arch }}-pip-${{ steps.python.outputs.version }}-b0048519e3287ae9cfc634aeda40cbfe
 
     - name: Create virtualenv
       id: venv

linux/action.yml

@@ -1,5 +1,5 @@
 name: 'Publish Test Results'
-
+author: 'step-security'
 description: 'Publishes JUnit, NUnit, XUnit, TRX, JSON test results on GitHub for .NET, Dart, Java, JS, Jest, Mocha, Python, Scala, …'
 
 inputs:
@@ -177,11 +177,12 @@ runs:
         echo "PYTHON_BIN=$PYTHON_BIN" >> "$GITHUB_ENV"
 
         PYTHON_VERSION="$($PYTHON_BIN -c 'import sys; print(f"{sys.version_info.major}.{sys.version_info.minor}")')"
-        if [[ "$PYTHON_VERSION" == "3.7" ]]
-        then
+        if [[ "$PYTHON_VERSION" == "3.7" ]]; then
           echo "DEPENDENCIES_VERSION=3.7" >> "$GITHUB_ENV"
+        elif [[ "$PYTHON_VERSION" == "3.8" ]]; then
+          echo "DEPENDENCIES_VERSION=3.8" >> "$GITHUB_ENV"
         else
-          echo "DEPENDENCIES_VERSION=post-3.7" >> "$GITHUB_ENV"
+          echo "DEPENDENCIES_VERSION=post-3.8" >> "$GITHUB_ENV"
         fi
         echo "version=$PYTHON_VERSION" >> "$GITHUB_OUTPUT"
 
@@ -194,7 +195,7 @@ runs:
       continue-on-error: true
       with:
         path: '~/.cache/pip'
-        key: step-security-publish-action-${{ runner.os }}-${{ runner.arch }}-pip-${{ steps.python.outputs.version }}-e594996205319a7990b3a4ec677d10a3
+        key: step-security-publish-action-${{ runner.os }}-${{ runner.arch }}-pip-${{ steps.python.outputs.version }}-b0048519e3287ae9cfc634aeda40cbfe
 
     - name: Create virtualenv
       id: venv

macos/action.yml

@@ -1,5 +1,5 @@
 name: 'Publish Test Results'
-
+author: 'step-security'
 description: 'Publishes JUnit, NUnit, XUnit, TRX, JSON test results on GitHub for .NET, Dart, Java, JS, Jest, Mocha, Python, Scala, …'
 
 inputs:
@@ -177,11 +177,12 @@ runs:
         echo "PYTHON_BIN=$PYTHON_BIN" >> "$GITHUB_ENV"
 
         PYTHON_VERSION="$($PYTHON_BIN -c 'import sys; print(f"{sys.version_info.major}.{sys.version_info.minor}")')"
-        if [[ "$PYTHON_VERSION" == "3.7" ]]
-        then
+        if [[ "$PYTHON_VERSION" == "3.7" ]]; then
           echo "DEPENDENCIES_VERSION=3.7" >> "$GITHUB_ENV"
+        elif [[ "$PYTHON_VERSION" == "3.8" ]]; then
+          echo "DEPENDENCIES_VERSION=3.8" >> "$GITHUB_ENV"
         else
-          echo "DEPENDENCIES_VERSION=post-3.7" >> "$GITHUB_ENV"
+          echo "DEPENDENCIES_VERSION=post-3.8" >> "$GITHUB_ENV"
         fi
         echo "version=$PYTHON_VERSION" >> "$GITHUB_OUTPUT"
 
@@ -194,7 +195,7 @@ runs:
       continue-on-error: true
       with:
         path: '~/Library/Caches/pip'
-        key: step-security-publish-action-${{ runner.os }}-${{ runner.arch }}-pip-${{ steps.python.outputs.version }}-e594996205319a7990b3a4ec677d10a3
+        key: step-security-publish-action-${{ runner.os }}-${{ runner.arch }}-pip-${{ steps.python.outputs.version }}-b0048519e3287ae9cfc634aeda40cbfe
 
     - name: Create virtualenv
       id: venv

misc/action/fetch-workflows/action.yml

@@ -1,4 +1,5 @@
 name: 'Fetch workflows'
+author: 'step-security'
 description: 'A GitHub Action to find workflows matching a query'
 
 outputs:

misc/action/find-workflows/action.yml

@@ -1,4 +1,5 @@
 name: 'Find workflows'
+author: 'step-security'
 description: 'A GitHub Action to find workflows matching a query'
 
 inputs:

misc/action/json-output/action.yml

@@ -1,5 +1,5 @@
 name: 'Assert JSON output'
-
+author: 'step-security'
 description: 'A GitHub Action that asserts the publish action''s JSON output'
 
 inputs:

misc/action/package-downloads/action.yml

@@ -1,4 +1,5 @@
 name: 'GHCR package downloads'
+author: 'step-security'
 description: 'A GitHub Action that fetches the number of downloads of a GHCR package'
 
 inputs:

python/publish/__init__.py

@@ -11,7 +11,7 @@
     UnitTestRunDeltaResults, UnitTestRunResultsOrDeltaResults, ParseError
 
 # keep the version in sync with action.yml
-__version__ = 'v2.17.0'
+__version__ = 'v2.18.0'
 
 logger = logging.getLogger('publish')
 digest_prefix = '[test-results]:data:'
@@ -446,11 +446,11 @@ def get_link_and_tooltip_label_md(label: str, tooltip: str) -> str:
 
 
 all_tests_label_md = 'tests'
-passed_tests_label_md = ':white_check_mark:'
-skipped_tests_label_md = ':zzz:'
-failed_tests_label_md = ':x:'
-test_errors_label_md = ':fire:'
-duration_label_md = ':stopwatch:'
+passed_tests_label_md = '✅'
+skipped_tests_label_md = '💤'
+failed_tests_label_md = '❌'
+test_errors_label_md = '🔥'
+duration_label_md = '⏱️'
 
 
 def get_short_summary_md(stats: UnitTestRunResultsOrDeltaResults) -> str:
@@ -863,13 +863,13 @@ def get_case_annotations(case_results: UnitTestCaseResults,
 
 def get_error_annotation(error: ParseError) -> Annotation:
     return Annotation(
-        path=error.file,
+        path=error.file or '/',
         start_line=error.line or 0,
         end_line=error.line or 0,
         start_column=error.column,
         end_column=error.column,
         annotation_level='failure',
-        message=error.message,
+        message=error.message or '',
         title=f'Error processing result file',
         raw_details=error.file
     )
@@ -882,14 +882,14 @@ def get_error_annotations(parse_errors: List[ParseError]) -> List[Annotation]:
 def get_suite_annotations_for_suite(suite: UnitTestSuite, with_suite_out_logs: bool, with_suite_err_logs: bool) -> List[Annotation]:
     return [
         Annotation(
-            path=suite.name,
+            path=suite.name or '/',
             start_line=0,
             end_line=0,
             start_column=None,
             end_column=None,
             annotation_level='warning' if source == 'stderr' else 'notice',
-            message=f'Test suite {suite.name} has the following {source} output (see Raw output).',
-            title=f'Logging on {source} of test suite {suite.name}',
+            message=f'Test suite {suite.name or "<unknown>"} has the following {source} output (see Raw output).',
+            title=f'Logging on {source} of test suite {suite.name or "<unknown>"}',
             raw_details=details
         )
         for details, source in ([(suite.stdout, 'stdout')] if with_suite_out_logs else []) +