GitHub Actions: Inputs unified across manual and reusable workflows

Workflows triggered by workflow_dispatch and workflow_call can now access their inputs using the inputs context.

Previously workflow_dispatch inputs were in the event payload. This made it difficult for workflow authors who wanted to have one workflow that was both reusable and manually triggered. Now a workflow author can write a single workflow triggered by workflow_dispatch and workflow_call and use the inputs context to access the input values.

For workflows triggered by workflow_dispatch inputs are still available in the github.event.inputs context to maintain compatibility.

Using the inputs context in GitHub Actions

For questions, visit the GitHub Actions community

To see what's next for Actions, visit our public roadmap

GitHub secret scanning protects users by searching repositories for known types of secrets. By identifying and flagging these secrets, we help protect users from data leaks and fraud associated with exposed data.

We have partnered with redirect.pizza, a domain redirection service, to scan for their API tokens and help secure our mutual users. Their API keys allow users to create, update, and delete redirects. We'll forward API tokens found in public repositories to redirect.pizza, who will notify the user by email and automatically revoke the token. More information about redirect.pizza’s API tokens can be found here.

GitHub Advanced Security customers can also scan for redirect.pizza API keys and block them from entering their private and public repositories via secret scanning’s push protection feature.

See more