chore(main): release 6.2.0 (#1806)

* chore(main): release 6.1.4

* chore: fix broken stuff from release-please improperly handling revert commits

---------

Co-authored-by: Michael Lehmann <lehmanmj@amazon.com>

.release-please-manifest.json

@@ -1,5 +1,5 @@
 {
   ".release-please-manifest.json": "4.0.2",
   "package.json": "6.0.0",
-  ".": "6.1.1"
+  ".": "6.2.0"
 }

CHANGELOG.md

@@ -2,6 +2,34 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [6.2.0](https://github.com/aws-actions/configure-aws-credentials/compare/v6.1.3...v6.2.0) (2026-06-01)
+
+### Features
+
+* add additional session tags by default ([#1775](https://github.com/aws-actions/configure-aws-credentials/issues/1775)) ([e0ba768](https://github.com/aws-actions/configure-aws-credentials/commit/e0ba7685077379a14a82d01fefd511490344ebfc))
+* add more retry logic and better logging ([#1764](https://github.com/aws-actions/configure-aws-credentials/issues/1764)) ([540d0c1](https://github.com/aws-actions/configure-aws-credentials/commit/540d0c13aedb8d55501d220bd2f0b3cdedfe84e8))
+* add regex validation to role-session-name ([#1765](https://github.com/aws-actions/configure-aws-credentials/issues/1765)) ([e354499](https://github.com/aws-actions/configure-aws-credentials/commit/e35449909c6ede5083a48ba4b8bbfaaa1cf09ba1))
+* Allow custom session tags to be passed when assuming a role ([#1759](https://github.com/aws-actions/configure-aws-credentials/issues/1759)) ([61f50f6](https://github.com/aws-actions/configure-aws-credentials/commit/61f50f630f383628add73c1eab3f1935ba07da2b))
+* expose run id in STS client user-agent ([#1774](https://github.com/aws-actions/configure-aws-credentials/issues/1774)) ([29d1be3](https://github.com/aws-actions/configure-aws-credentials/commit/29d1be30273e7ef371d59fccf6ec54572c64ec89))
+* support custom STS endpoints ([#1762](https://github.com/aws-actions/configure-aws-credentials/issues/1762)) ([8d52d05](https://github.com/aws-actions/configure-aws-credentials/commit/8d52d05d7a4521fa52b39de50cb6114b12e5c332))
+
+### Bug Fixes
+
+* skip credential check on output-env-credentials: false ([#1778](https://github.com/aws-actions/configure-aws-credentials/issues/1778)) ([58e7c47](https://github.com/aws-actions/configure-aws-credentials/commit/58e7c47adf77846879008deadfeeef8a6969fe6c))
+* assumeRole failing from session tag size too large ([#1808](https://github.com/aws-actions/configure-aws-credentials/issues/1808)) ([d6f5dc3](https://github.com/aws-actions/configure-aws-credentials/commit/d6f5dc331b44474b19a52caaf85fa4d637b13c8e))
+
+## [6.1.3](https://github.com/aws-actions/configure-aws-credentials/compare/v6.1.2...v6.1.3) (2026-05-28)
+
+### Bug Fixes
+
+* fix: allow kubelet token symlink in [#1805](https://github.com/aws-actions/configure-aws-credentials/issues/1805)
+
+## [6.1.2](https://github.com/aws-actions/configure-aws-credentials/compare/v6.1.1...v6.1.2) (2026-05-26)
+
+### Bug Fixes
+
+* additional filesystem checks ([#1799](https://github.com/aws-actions/configure-aws-credentials/issues/1799)) ([c39f282](https://github.com/aws-actions/configure-aws-credentials/commit/c39f282697aca8a78c522ecf1f7da9899a31432c))
+
 ## [6.1.1](https://github.com/aws-actions/configure-aws-credentials/compare/v6.1.0...v6.1.1) (2026-05-05)
 
 

README.md

@@ -168,6 +168,7 @@ detail.
 | role-session-name             | Defaults to "GitHubActions", but may be changed if required.                                                                                                                                                                                                                                                                                                                                                                            | No       |
 | role-skip-session-tagging     | Skips session tagging if set.                                                                                                                                                                                                                                                                                                                                                                                                           | No       |
 | transitive-tag-keys           | Define a list of transitive tag keys to pass when assuming a role.                                                                                                                                                                                                                                                                                                                                                                      | No       |
+| custom-tags                   | Additional tags to apply to the assumed role session. Must be a JSON object provided as a string. Custom tags are not usable with OIDC or web identity token authentication.                                                                                                                                                                                                                                                            | No       |
 | inline-session-policy         | You may further restrict the assumed role policy by defining an inline policy here.                                                                                                                                                                                                                                                                                                                                                     | No       |
 | managed-session-policies      | You may further restrict the assumed role policy by specifying a managed policy here.                                                                                                                                                                                                                                                                                                                                                   | No       |
 | output-credentials            | When set, outputs fetched credentials as action step output. (Outputs aws-access-key-id, aws-secret-access-key, aws-session-token, aws-account-id, authenticated-arn, and aws-expiration). Defaults to false.                                                                                                                                                                                                                           | No       |
@@ -180,6 +181,8 @@ detail.
 | allowed-account-ids           | A comma-delimited list of expected AWS account IDs. The action will fail if we receive credentials for the wrong account.                                                                                                                                                                                                                                                                                                               | No       |
 | force-skip-oidc               | When set, the action will skip using GitHub OIDC provider even if the id-token permission is set.                                                                                                                                                                                                                                                                                                                                       | No       |
 | action-timeout-s              | Global timeout for the action in seconds. If set to a value greater than 0, the action will fail if it takes longer than this time to complete.                                                                                                                                                                                                                                                                                         | No       |
+| no-proxy                      |  Hosts to skip for the proxy configuration.                                                                                                                                                                                                                                                                                                                                                                                             | No       |
+| sts-endpoint                  | Custom STS endpoint URL. Use this to point to an STS-compatible API (e.g. MinIO, LocalStack) instead of the default AWS STS endpoint for the region.                                                                                                                                                                                                                                                                                    | No       |
 
 </details>
 
@@ -350,8 +353,7 @@ documentation for `GITHUB_` environment variable definitions][gh-env-vars])
 [gh-env-vars]:
   https://docs.github.com/en/actions/reference/workflows-and-actions/variables#default-environment-variables
 
-**Protected tags** are always emitted when session tags are used, and cannot be
-overridden via `custom-tags`:
+**Default tags** are always emitted when session tags are used.
 
 | Key        | Value             |
 | ---------- | ----------------- |
@@ -363,21 +365,24 @@ overridden via `custom-tags`:
 | Commit     | GITHUB_SHA        |
 | Branch     | GITHUB_REF        |
 
-**Overrideable tags** are automatically added to the set of default session tags
-but may be overridden via `custom-tags`. AWS has a maximum limit of 50 session
-tags; tags from this list are dropped in reverse priority order if your
-`custom-tags` set plus the protected set exceeds this limit.
+**Droppable tags** are automatically added to the set of default session tags.
+If the session tags exceed the [packed size limit][packed-size-limit], these
+tags will be dropped, and the AssumeRole call will be retried. If it still
+fails, the action will error out. (It is difficult to predict the packed size
+before making the call, as session tags and session policies are compressed into
+a binary format as part of the call.)
 
-| Key             | Value                   | Priority |
-| --------------- | ----------------------- | -------- |
-| EventName       | GITHUB_EVENT_NAME       | 1        |
-| BaseRef         | GITHUB_BASE_REF         | 2        |
-| HeadRef         | GITHUB_HEAD_REF         | 3        |
-| RefName         | GITHUB_REF_NAME         | 4        |
-| RunId           | GITHUB_RUN_ID           | 5        |
-| RefType         | GITHUB_REF_TYPE         | 6        |
-| Job             | GITHUB_JOB              | 7        |
-| TriggeringActor | GITHUB_TRIGGERING_ACTOR | 8        |
+[packed-size-limit]:
+  https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_know
+
+| Key             | Value                   |
+| --------------- | ----------------------- |
+| EventName       | GITHUB_EVENT_NAME       |
+| BaseRef         | GITHUB_BASE_REF         |
+| HeadRef         | GITHUB_HEAD_REF         |
+| RunId           | GITHUB_RUN_ID           |
+| Job             | GITHUB_JOB              |
+| TriggeringActor | GITHUB_TRIGGERING_ACTOR |
 
 Tags whose source environment variable is unset are omitted (e.g., `BaseRef` and
 `HeadRef` are only set on `pull_request` events).
@@ -385,21 +390,21 @@ Tags whose source environment variable is unset are omitted (e.g., `BaseRef` and
 _Note: all tag values must conform to
 [the tag requirements][sts-tag-requirements].
 Values longer than 256 characters will be truncated, and characters outside the
-allowed set will be replaced with an underscore (`_`).\_
+allowed set will be replaced with an underscore (`_`)._
 
 [sts-tag-requirements]:
   https://docs.aws.amazon.com/STS/latest/APIReference/API_Tag.html
 
-The action will use session tagging by default unless you are using OIDC.
+The action will use session tagging by default unless you are using OIDC or a
+Web Identify Token File.
 
 To [forward session tags to subsequent sessions in a role
-chain][session-tag-chaining], you can use
+chain][session-tag-chaining], you can use the `transitive-tag-keys` input to
+specify the keys of the tags to be passed.
 
 [session-tag-chaining]:
   https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining
 
-the `transitive-tag-keys` input to specify the keys of the tags to be passed.
-
 _Note that all subsequent roles in the chain must have
 `role-skip-session-tagging` set to `true`_
 
@@ -416,9 +421,10 @@ with:
 ### Custom session tags
 
 You can add custom session tags using the `custom-tags` input, which accepts a
-JSON object. Custom tags cannot override protected tags, but they can override
-overrideable tags (in which case the overrideable tag's slot is freed for the
-next overrideable tag in the priority list, if any).
+JSON object. Custom tags cannot override existing tags. Note that AWS allows a
+maximum of 50 tags (so you can supply a maximum of 43 custom tags), although it
+is likely that you will exceed the [packed size limit][packed-size-limit]
+before you exceed the maximum number of tags.
 
 ```yaml
 uses: aws-actions/configure-aws-credentials@v6
@@ -584,7 +590,7 @@ claims ([1][gh-blog-oidc], [2][sub-claim-custom]).
 
 > **Warning:** Avoid `ForAllValues:` in `Allow` statements. These operators
 > return true when the claim is absent or misspelled, which can lead to
-> uninended access. Instead, use `StringEquals` or `StringLike` operators to
+> unintended access. Instead, use `StringEquals` or `StringLike` operators to
 > check for specific claim values.
 
 [least-privilege]:
@@ -617,6 +623,35 @@ For further information on OIDC and GitHub Actions, please see:
 - [GitHub docs: Configuring OpenID Connect in Amazon Web Services](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services)
 - [GitHub changelog: GitHub Actions: Secure cloud deployments with OpenID Connect](https://github.blog/changelog/2021-10-27-github-actions-secure-cloud-deployments-with-openid-connect/)
 
+## Getting Credentials in AWS Self-Hosted Runners
+
+If you are running GitHub Actions in a self-hosted runner using an AWS Service
+(such as Codebuild or EKS) and you have properly configured the service,
+credentials should be available by default; the AWS CLI will fetch credentials
+using the AWS_CONTAINER_CREDENTIALS_FULL_URI or
+AWS_CONTAINER_CREDENTIALS_RELATIVE_URI environment variables. However, you may
+still want to use this action if you need to export those credentials for use
+with other tools in your workflow. You may also want to use this action in
+scenarios where you need to use that 'default' role to assume another role.
+
+To export credentials, simply run the action with `role-to-assume` set to the
+default role of the container.
+
+To assume another role from the container's default role, use the
+`role-chaining: true` flag, so that the action fetches the default credentials
+from the environment before assuming the other role.
+
+If you are using EKS Pod Identities and encountering an error related to the
+packed size of session tags, you must either run the action with
+`role-skip-session-tagging: true` to disable the tags set by the action, or
+[disable EKS session tagging][eks-disable-session-tagging] in the EKS settings
+to disable the tags that are automatically set by the EKS Pod Identity Service.
+Check the values of the action's session tags and the session tags that are
+added by EKS so you can keep the set of tags which is more useful to you.
+
+[eks-disable-session-tagging]:
+  https://docs.aws.amazon.com/eks/latest/userguide/pod-id-abac.html#pod-id-abac-tags
+
 ## Compatibility with non-GitHub Actions environments
 
 This action has been sucessfully tested with

THIRD-PARTY

@@ -855,7 +855,7 @@ Apache License
 The following npm packages may be included in this product:
 
  - @aws-sdk/signature-v4-multi-region@3.996.27
- - @smithy/core@3.24.3
+ - @smithy/core@3.24.5
  - @smithy/types@4.14.2
 
 These packages each contain the following license:
@@ -1254,7 +1254,7 @@ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
 The following npm package may be included in this product:
 
- - @aws-sdk/core@3.974.12
+ - @aws-sdk/core@3.974.15
 
 This package contains the following license:
 
@@ -1674,18 +1674,18 @@ Apache License
 
 The following npm packages may be included in this product:
 
- - @aws-sdk/credential-provider-env@3.972.38
+ - @aws-sdk/credential-provider-env@3.972.41
  - @aws-sdk/credential-provider-ini@3.972.42
  - @aws-sdk/credential-provider-node@3.972.43
  - @aws-sdk/token-providers@3.1049.0
- - @aws-sdk/types@3.973.8
+ - @aws-sdk/types@3.973.9
  - @aws-sdk/util-locate-window@3.965.5
- - @aws-sdk/xml-builder@3.972.24
+ - @aws-sdk/xml-builder@3.972.26
  - @smithy/credential-provider-imds@4.3.3
  - @smithy/fetch-http-handler@5.4.3
  - @smithy/is-array-buffer@2.2.0
  - @smithy/node-http-handler@4.7.3
- - @smithy/signature-v4@5.4.3
+ - @smithy/signature-v4@5.4.5
  - @smithy/util-buffer-from@2.2.0
  - @smithy/util-utf8@2.3.0
 
@@ -2335,7 +2335,7 @@ THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 The following npm packages may be included in this product:
 
- - @nodable/entities@2.1.0
+ - @nodable/entities@2.1.1
  - quickjs-wasi@2.2.0
  - xml-naming@0.1.0
 

dist/cleanup/index.js

@@ -5707,7 +5707,7 @@ var require_client_h1 = __commonJS({
       kResume,
       kHTTPContext
     } = require_symbols();
-    var constants3 = require_constants2();
+    var constants4 = require_constants2();
     var EMPTY_BUF = Buffer.alloc(0);
     var FastBuffer = Buffer[Symbol.species];
     var addListener = util.addListener;
@@ -5779,7 +5779,7 @@ var require_client_h1 = __commonJS({
       constructor(client, socket, { exports: exports3 }) {
         assert(Number.isFinite(client[kMaxHeadersSize]) && client[kMaxHeadersSize] > 0);
         this.llhttp = exports3;
-        this.ptr = this.llhttp.llhttp_alloc(constants3.TYPE.RESPONSE);
+        this.ptr = this.llhttp.llhttp_alloc(constants4.TYPE.RESPONSE);
         this.client = client;
         this.socket = socket;
         this.timeout = null;
@@ -5874,19 +5874,19 @@ var require_client_h1 = __commonJS({
             currentBufferRef = null;
           }
           const offset = llhttp.llhttp_get_error_pos(this.ptr) - currentBufferPtr;
-          if (ret === constants3.ERROR.PAUSED_UPGRADE) {
+          if (ret === constants4.ERROR.PAUSED_UPGRADE) {
             this.onUpgrade(data.slice(offset));
-          } else if (ret === constants3.ERROR.PAUSED) {
+          } else if (ret === constants4.ERROR.PAUSED) {
             this.paused = true;
             socket.unshift(data.slice(offset));
-          } else if (ret !== constants3.ERROR.OK) {
+          } else if (ret !== constants4.ERROR.OK) {
             const ptr = llhttp.llhttp_get_error_reason(this.ptr);
             let message = "";
             if (ptr) {
               const len = new Uint8Array(llhttp.memory.buffer, ptr).indexOf(0);
               message = "Response does not match the HTTP/1.1 protocol (" + Buffer.from(llhttp.memory.buffer, ptr, len).toString() + ")";
             }
-            throw new HTTPParserError(message, constants3.ERROR[ret], data.slice(offset));
+            throw new HTTPParserError(message, constants4.ERROR[ret], data.slice(offset));
           }
         } catch (err) {
           util.destroy(socket, err);
@@ -6061,7 +6061,7 @@ var require_client_h1 = __commonJS({
           socket[kBlocking] = false;
           client[kResume]();
         }
-        return pause ? constants3.ERROR.PAUSED : 0;
+        return pause ? constants4.ERROR.PAUSED : 0;
       }
       onBody(buf) {
         const { client, socket, statusCode, maxResponseSize } = this;
@@ -6083,7 +6083,7 @@ var require_client_h1 = __commonJS({
         }
         this.bytesRead += buf.length;
         if (request.onData(buf) === false) {
-          return constants3.ERROR.PAUSED;
+          return constants4.ERROR.PAUSED;
         }
       }
       onMessageComplete() {
@@ -6118,13 +6118,13 @@ var require_client_h1 = __commonJS({
         if (socket[kWriting]) {
           assert(client[kRunning] === 0);
           util.destroy(socket, new InformationalError("reset"));
-          return constants3.ERROR.PAUSED;
+          return constants4.ERROR.PAUSED;
         } else if (!shouldKeepAlive) {
           util.destroy(socket, new InformationalError("reset"));
-          return constants3.ERROR.PAUSED;
+          return constants4.ERROR.PAUSED;
         } else if (socket[kReset] && client[kRunning] === 0) {
           util.destroy(socket, new InformationalError("reset"));
-          return constants3.ERROR.PAUSED;
+          return constants4.ERROR.PAUSED;
         } else if (client[kPipelining] == null || client[kPipelining] === 1) {
           setImmediate(() => client[kResume]());
         } else {
@@ -19128,6 +19128,7 @@ function error(message, properties = {}) {
 }
 
 // src/helpers.ts
+var fs3 = __toESM(require("node:fs"));
 function errorMessage(error2) {
   return error2 instanceof Error ? error2.message : String(error2);
 }
@@ -19145,6 +19146,7 @@ function getBooleanInput(name, options) {
 Support boolean input list: \`true | True | TRUE | false | False | FALSE\``
   );
 }
+var O_NOFOLLOW = fs3.constants.O_NOFOLLOW ?? 0;
 
 // src/cleanup/index.ts
 function cleanup() {

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "configure-aws-credentials",
-  "version": "6.1.1",
+  "version": "6.2.0",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "configure-aws-credentials",
-      "version": "6.1.1",
+      "version": "6.2.0",
       "license": "MIT",
       "dependencies": {
         "@actions/core": "^3.0.1",
@@ -15,11 +15,11 @@
         "proxy-agent": "^8.0.1"
       },
       "devDependencies": {
-        "@aws-sdk/credential-provider-env": "^3.972.38",
+        "@aws-sdk/credential-provider-env": "^3.972.39",
         "@biomejs/biome": "2.4.15",
-        "@smithy/property-provider": "^4.3.3",
-        "@types/node": "^25.9.0",
-        "@vitest/coverage-v8": "^4.1.6",
+        "@smithy/property-provider": "^4.3.4",
+        "@types/node": "^25.9.1",
+        "@vitest/coverage-v8": "4.1.5",
         "aws-sdk-client-mock": "^4.1.0",
         "esbuild": "^0.28.0",
         "generate-license-file": "^4.1.1",
@@ -28,7 +28,7 @@
         "memfs": "^4.57.2",
         "standard-version": "^9.5.0",
         "typescript": "^6.0.3",
-        "vitest": "^4.1.5"
+        "vitest": "4.1.5"
       },
       "engines": {
         "node": ">= 16.3.0"
@@ -155,17 +155,17 @@
       }
     },
     "node_modules/@aws-sdk/core": {
-      "version": "3.974.12",
-      "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.974.12.tgz",
-      "integrity": "sha512-qrqgioqYFjwR6LatVNS1L2Vk++EwRIxqSQXPKNv5Ofux2D8UNgqMQ1znnMyEImXquVPTtbf71fc128pvmU6y9A==",
+      "version": "3.974.15",
+      "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.974.15.tgz",
+      "integrity": "sha512-UpA0rTGW/tHGITcCqHisbuuEPraYg9GG+mWmXjY5+RxZBMLGe6aL9oe0ix50LztwAcPIkGZLH0yWdMIkCM10hw==",
       "license": "Apache-2.0",
       "dependencies": {
-        "@aws-sdk/types": "^3.973.8",
-        "@aws-sdk/xml-builder": "^3.972.24",
+        "@aws-sdk/types": "^3.973.9",
+        "@aws-sdk/xml-builder": "^3.972.26",
         "@aws/lambda-invoke-store": "^0.2.2",
-        "@smithy/core": "^3.24.2",
-        "@smithy/signature-v4": "^5.4.2",
-        "@smithy/types": "^4.14.1",
+        "@smithy/core": "^3.24.5",
+        "@smithy/signature-v4": "^5.4.5",
+        "@smithy/types": "^4.14.2",
         "bowser": "^2.11.0",
         "tslib": "^2.6.2"
       },
@@ -174,15 +174,15 @@
       }
     },
     "node_modules/@aws-sdk/credential-provider-env": {
-      "version": "3.972.38",
-      "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.972.38.tgz",
-      "integrity": "sha512-m3WjZEgPtioMhPmwqUt+DhlTJ2i9ufR6DhfkyXojb9puEvfR+ur2U5shavu5/Cc9WHHsDCvALi6UFHgcqjhQ5w==",
+      "version": "3.972.41",
+      "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-env/-/credential-provider-env-3.972.41.tgz",
+      "integrity": "sha512-n1EbJ98yvPWWdHZZv8bRBMqqDQJrtgtxyJ4xLy2Uqrh25BCOZQ7nnS1CsFXvuH8r0b0KVHDZEGEH5FxmEMP8jg==",
       "license": "Apache-2.0",
       "dependencies": {
-        "@aws-sdk/core": "^3.974.12",
-        "@aws-sdk/types": "^3.973.8",
-        "@smithy/core": "^3.24.2",
-        "@smithy/types": "^4.14.1",
+        "@aws-sdk/core": "^3.974.15",
+        "@aws-sdk/types": "^3.973.9",
+        "@smithy/core": "^3.24.5",
+        "@smithy/types": "^4.14.2",
         "tslib": "^2.6.2"
       },
       "engines": {
@@ -376,12 +376,12 @@
       }
     },
     "node_modules/@aws-sdk/types": {
-      "version": "3.973.8",
-      "resolved": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.973.8.tgz",
-      "integrity": "sha512-gjlAdtHMbtR9X5iIhVUvbVcy55KnznpC6bkDUWW9z915bi0ckdUr5cjf16Kp6xq0bP5HBD2xzgbL9F9Quv5vUw==",
+      "version": "3.973.9",
+      "resolved": "https://registry.npmjs.org/@aws-sdk/types/-/types-3.973.9.tgz",
+      "integrity": "sha512-kuBfgQVdcz5Bmapc4A13YbpVw/pXkesfhetcFYwbntqas8sF41OHyd4o28+/TG2ZQdHBsv90Lsu5y6oitvYCdg==",
       "license": "Apache-2.0",
       "dependencies": {
-        "@smithy/types": "^4.14.1",
+        "@smithy/types": "^4.14.2",
         "tslib": "^2.6.2"
       },
       "engines": {
@@ -401,13 +401,12 @@
       }
     },
     "node_modules/@aws-sdk/xml-builder": {
-      "version": "3.972.24",
-      "resolved": "https://registry.npmjs.org/@aws-sdk/xml-builder/-/xml-builder-3.972.24.tgz",
-      "integrity": "sha512-V8z5YcDPfsvzrBlj0xR1vhRtocblhYbqdreCJB/voGd4Sr5zjNAeWxexbnqVtskTJe0vFb5KMqbSL++ePl+zRw==",
+      "version": "3.972.26",
+      "resolved": "https://registry.npmjs.org/@aws-sdk/xml-builder/-/xml-builder-3.972.26.tgz",
+      "integrity": "sha512-cDbrqvDS73whl6YAPSPq0U6whzG6UWI9PuWh0wrUuGoZexhWEqhdunbukV7iBoaWnFV1AODutM5hOD6rtn439g==",
       "license": "Apache-2.0",
       "dependencies": {
-        "@nodable/entities": "2.1.0",
-        "@smithy/types": "^4.14.1",
+        "@smithy/types": "^4.14.2",
         "fast-xml-parser": "5.7.3",
         "tslib": "^2.6.2"
       },
@@ -1683,9 +1682,9 @@
       }
     },
     "node_modules/@nodable/entities": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/@nodable/entities/-/entities-2.1.0.tgz",
-      "integrity": "sha512-nyT7T3nbMyBI/lvr6L5TyWbFJAI9FTgVRakNoBqCD+PmID8DzFrrNdLLtHMwMszOtqZa8PAOV24ZqDnQrhQINA==",
+      "version": "2.1.1",
+      "resolved": "https://registry.npmjs.org/@nodable/entities/-/entities-2.1.1.tgz",
+      "integrity": "sha512-Pig3HxDIoMgjdEH8OCf/dkcTmLFjJRjWuq8jSnklu284/TKOPibSRERmOykiwmyXTtv61mP+44f3GMx0tLAyjg==",
       "funding": [
         {
           "type": "github",
@@ -1972,9 +1971,9 @@
       }
     },
     "node_modules/@oxc-project/types": {
-      "version": "0.129.0",
-      "resolved": "https://registry.npmjs.org/@oxc-project/types/-/types-0.129.0.tgz",
-      "integrity": "sha512-3oz8m3FGdr2nDXVqmFUw7jolKliC4MoyXYIG2c7gpjBnzUWQpUGIYcXYKxTdTi+N2jusvt610ckTMkxdwHkYEg==",
+      "version": "0.132.0",
+      "resolved": "https://registry.npmjs.org/@oxc-project/types/-/types-0.132.0.tgz",
+      "integrity": "sha512-FESMOxil5Se014ui/Eq8fT5uHJo6nIRwH0PfJrZJXs6Gek3ZVFOrpUv3YIZT20m+extU98Hg1Ym72U58rlsxUQ==",
       "dev": true,
       "license": "MIT",
       "funding": {
@@ -1982,9 +1981,9 @@
       }
     },
     "node_modules/@rolldown/binding-android-arm64": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@rolldown/binding-android-arm64/-/binding-android-arm64-1.0.0.tgz",
-      "integrity": "sha512-TWMZnRLMe63C2Lhyicviu7ZHaU4kxa6PS3rofvc9GmcvptzNN11BcfQ4Sl7MwTOsisQoa2keB/EBdNCAnUo8vA==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/@rolldown/binding-android-arm64/-/binding-android-arm64-1.0.2.tgz",
+      "integrity": "sha512-ZS4D1JPGn/MYQN/SYDWftIE/nVsM8j/AFOYEzAoOE2O3NktQOZru+/vYXGbR/qtdLdIfGCP0lcoJiYVzsEz+iQ==",
       "cpu": [
         "arm64"
       ],
@@ -1999,9 +1998,9 @@
       }
     },
     "node_modules/@rolldown/binding-darwin-arm64": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@rolldown/binding-darwin-arm64/-/binding-darwin-arm64-1.0.0.tgz",
-      "integrity": "sha512-6XcD+8k0gPVItNagEw78/qqcBDwKcwDYS8V2hRmVsfUSIrd8cWe/CBvRDI5toqFyPfj+FJr6t8U6Xj2P2prEew==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/@rolldown/binding-darwin-arm64/-/binding-darwin-arm64-1.0.2.tgz",
+      "integrity": "sha512-vdFA9+C/rekyGce7WqHs/xoT0ioZEWaOFyZLIV1mEeNFaFDUQrPIo8Vs2GvJ6eetb3rzDUtUBgzto3ExpXJB3w==",
       "cpu": [
         "arm64"
       ],
@@ -2016,9 +2015,9 @@
       }
     },
     "node_modules/@rolldown/binding-darwin-x64": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@rolldown/binding-darwin-x64/-/binding-darwin-x64-1.0.0.tgz",
-      "integrity": "sha512-iN/tWVXRQDWvmZlKdceP1Dwug9GDpEymhb9p4xnEe6zvCg5lFmzVljl+1qR1NVx3yfGpr2Na+CuLmv5IU8uzfQ==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/@rolldown/binding-darwin-x64/-/binding-darwin-x64-1.0.2.tgz",
+      "integrity": "sha512-BewSOwTHazv77DTYiAZXSqqKZ4KP/KonFisDMVU7PImxoWfB2aepnPhd2E4SWz3zDzYgDNbs6jBmTdgNnF02GA==",
       "cpu": [
         "x64"
       ],
@@ -2033,9 +2032,9 @@
       }
     },
     "node_modules/@rolldown/binding-freebsd-x64": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@rolldown/binding-freebsd-x64/-/binding-freebsd-x64-1.0.0.tgz",
-      "integrity": "sha512-jjQMDvvwSOuhOwMszD/klSOjyWMM3zI64hWTj9KT5x4MxRbZAf+7vLQ6qouRhtsLVFHr3f0ILaJAfgENPiQdAQ==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/@rolldown/binding-freebsd-x64/-/binding-freebsd-x64-1.0.2.tgz",
+      "integrity": "sha512-m41o7M0YWtUdqk61Tb+jnKb2rN++iRdIASlExkUoKfIAH30DOHCB8fVLzSUpbWHHU8esmEioY62PxzexE8MBuA==",
       "cpu": [
         "x64"
       ],
@@ -2050,9 +2049,9 @@
       }
     },
     "node_modules/@rolldown/binding-linux-arm-gnueabihf": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-arm-gnueabihf/-/binding-linux-arm-gnueabihf-1.0.0.tgz",
-      "integrity": "sha512-d//Dtg2x6/m3mbV64yUGNnDGNZaDGRpDLLNGerHQUVObuNaIQaaDp25yUiqGXtHEXX+NP2d0wAlmKgpYgIAJ2A==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-arm-gnueabihf/-/binding-linux-arm-gnueabihf-1.0.2.tgz",
+      "integrity": "sha512-jcojB9H7W/jS29pMKWAK1N+fU99vXodHDTatS3b3y/XSOCiHo0kkA74pL3jJmkoQtYpOCxDvaKs1fo2Ij/1X5w==",
       "cpu": [
         "arm"
       ],
@@ -2067,13 +2066,16 @@
       }
     },
     "node_modules/@rolldown/binding-linux-arm64-gnu": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-arm64-gnu/-/binding-linux-arm64-gnu-1.0.0.tgz",
-      "integrity": "sha512-n7Ofp0mx+aB2cC+Sdy5YtMnXtY9lchnHbY+3Yt0uq9JsWQExf4f5Whu0tK0R8Jdc9S6RchTHjIFY7uc92puOVQ==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-arm64-gnu/-/binding-linux-arm64-gnu-1.0.2.tgz",
+      "integrity": "sha512-1jn6qDU5iiOgFgygDzKUuKP0maTi0/f1+sBLgvij/76C77Nm3ts6ufz9Bjg5q5dduxiUIxtq86JIoBvo1xQ4Ig==",
       "cpu": [
         "arm64"
       ],
       "dev": true,
+      "libc": [
+        "glibc"
+      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -2084,13 +2086,16 @@
       }
     },
     "node_modules/@rolldown/binding-linux-arm64-musl": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-arm64-musl/-/binding-linux-arm64-musl-1.0.0.tgz",
-      "integrity": "sha512-EIVjy2cgd7uuMMo94FVkBp7F6DhcZAUwNURkSG3RwUmvAXR6s0ISxM81U+IydcZByPG0pZIHsf1b6kTxoFDgJA==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-arm64-musl/-/binding-linux-arm64-musl-1.0.2.tgz",
+      "integrity": "sha512-QVLO/czFMdoMFSqlX3bcswcJNm/23r+qoa/jgtmFc/qEp6/jXmIkDjF/XIo8dPfGaiwy1xfQn8o77L79GeXFgw==",
       "cpu": [
         "arm64"
       ],
       "dev": true,
+      "libc": [
+        "musl"
+      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -2101,13 +2106,16 @@
       }
     },
     "node_modules/@rolldown/binding-linux-ppc64-gnu": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-ppc64-gnu/-/binding-linux-ppc64-gnu-1.0.0.tgz",
-      "integrity": "sha512-JEwwOPcwTLAcpDQlqSmjEmfs63xJnSiUNIGvLcDLUHCWK4XowpS/7c7tUsUH6uT/ct6bMUTdXKfI8967FYj6mg==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-ppc64-gnu/-/binding-linux-ppc64-gnu-1.0.2.tgz",
+      "integrity": "sha512-hgO5Abm0w5UL6FEa2iFnZqo2KlK7TQ5QhV5x09hujBf7t5KzHQ1VmfPuTpqRy/rNlSxua3eWH374xxiVrP+lcA==",
       "cpu": [
         "ppc64"
       ],
       "dev": true,
+      "libc": [
+        "glibc"
+      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -2118,13 +2126,16 @@
       }
     },
     "node_modules/@rolldown/binding-linux-s390x-gnu": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-s390x-gnu/-/binding-linux-s390x-gnu-1.0.0.tgz",
-      "integrity": "sha512-0wjCFhLrihtAubnT9iA0N++0pSV0z5Hg7tNGdNJ4RFaINceHadoF+kiFGyY1qSSNVIAZtLotG8Ju1bgDPkjnFA==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-s390x-gnu/-/binding-linux-s390x-gnu-1.0.2.tgz",
+      "integrity": "sha512-fy8rXxuYEu602abC8MUNaPjYLIFzReOaEIEMKMUa0rFEUxNpVXhs15KSSQ4qlqSaM7B6rcj9rDZgADh/IGDzLQ==",
       "cpu": [
         "s390x"
       ],
       "dev": true,
+      "libc": [
+        "glibc"
+      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -2135,13 +2146,16 @@
       }
     },
     "node_modules/@rolldown/binding-linux-x64-gnu": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-x64-gnu/-/binding-linux-x64-gnu-1.0.0.tgz",
-      "integrity": "sha512-Dfn7iak9BcMMePxcoJfpSbWqnEyrp/dRF63/8qW/eHBdOZov6x5aShLLEYGYdIeSJ6vMLK/XCVB+lGIxm41bQA==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-x64-gnu/-/binding-linux-x64-gnu-1.0.2.tgz",
+      "integrity": "sha512-0+bOkiQ779+r1WpoHOWHqncvyySci0vKph+myNDYb+im6meJAzHQXay6oEgnkHuUGouM1LKTZwqKpBow6Kj7CQ==",
       "cpu": [
         "x64"
       ],
       "dev": true,
+      "libc": [
+        "glibc"
+      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -2152,13 +2166,16 @@
       }
     },
     "node_modules/@rolldown/binding-linux-x64-musl": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-x64-musl/-/binding-linux-x64-musl-1.0.0.tgz",
-      "integrity": "sha512-5/utzzDmD/pD/bmuaUcbTf/sZYy0aztwIVlfpoW1fTjCZ0BaPOMVWGZL1zvgxyi7ZIVYWlxKONHmSbHuiOh8Jw==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/@rolldown/binding-linux-x64-musl/-/binding-linux-x64-musl-1.0.2.tgz",
+      "integrity": "sha512-mjSkrzZK5Qsl0a9d1JgILOiuZOSDTVdKENcSXBoqbzSrspLR/4/IRVDo5wd2GgZjNss/viBFJdeq+j7qH2nypw==",
       "cpu": [
         "x64"
       ],
       "dev": true,
+      "libc": [
+        "musl"
+      ],
       "license": "MIT",
       "optional": true,
       "os": [
@@ -2169,9 +2186,9 @@
       }
     },
     "node_modules/@rolldown/binding-openharmony-arm64": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@rolldown/binding-openharmony-arm64/-/binding-openharmony-arm64-1.0.0.tgz",
-      "integrity": "sha512-ouJs8VcUomfLfpbUECqFMRqdV4x6aeAK3MA4m6vTrJJjKyWTV5KnxZx7Jd9G+GlDaQQxubcba00x16OyJ1meig==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/@rolldown/binding-openharmony-arm64/-/binding-openharmony-arm64-1.0.2.tgz",
+      "integrity": "sha512-1v5vHasdfQAZoEHakBV72LIFAC9JjnymsiKxp+GEr/ma3+NJCPSaYK+qavInOovJkgwFrs7GccX2d6IgDA3Z5w==",
       "cpu": [
         "arm64"
       ],
@@ -2186,9 +2203,9 @@
       }
     },
     "node_modules/@rolldown/binding-wasm32-wasi": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@rolldown/binding-wasm32-wasi/-/binding-wasm32-wasi-1.0.0.tgz",
-      "integrity": "sha512-E+oHKGiDA+lsKMmFtffDDw91EryDT7uJocrIuCHqhm6bCTM6xFK+3gaCkYOHfPwQr0cCNarSM2xaELoQDz9jJg==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/@rolldown/binding-wasm32-wasi/-/binding-wasm32-wasi-1.0.2.tgz",
+      "integrity": "sha512-mb1VobWn6NheziTk5/WEaR6AKVbrwT5sOi6C7zk3gy/pD1qtJfU1j4PgTo2NJnOtbL9Dl3Aeei8w9jJ7qC2jZQ==",
       "cpu": [
         "wasm32"
       ],
@@ -2205,9 +2222,9 @@
       }
     },
     "node_modules/@rolldown/binding-win32-arm64-msvc": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@rolldown/binding-win32-arm64-msvc/-/binding-win32-arm64-msvc-1.0.0.tgz",
-      "integrity": "sha512-yYK02n8Rngo+gbm1y6G0+7jk1sJ/2Wt7K0me0Y7k/ErBpyf+LJ2gFpqWVTcRV1rUepBlQRmpgWkTQCiiwrK0Ow==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/@rolldown/binding-win32-arm64-msvc/-/binding-win32-arm64-msvc-1.0.2.tgz",
+      "integrity": "sha512-SqKonF56vA/L2yHwHYcEp2P34URpOZ7d1fS635cTkpDnUtEGdUbhI6NzsPdqeSWvAAeGDrxjWjNmibDIdFf9/A==",
       "cpu": [
         "arm64"
       ],
@@ -2222,9 +2239,9 @@
       }
     },
     "node_modules/@rolldown/binding-win32-x64-msvc": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@rolldown/binding-win32-x64-msvc/-/binding-win32-x64-msvc-1.0.0.tgz",
-      "integrity": "sha512-14bpChMahXRRXiTwahSl+zzHPW6qQTXtkMuJBFlbo+pqSAews2d4BdCSHfrJ/MBsCZtpmTafsY+1QhBzitcmdg==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/@rolldown/binding-win32-x64-msvc/-/binding-win32-x64-msvc-1.0.2.tgz",
+      "integrity": "sha512-v7qRI7gXLRINcOGXt+7YmAZ6iFuyZVMIoXAxhd8oP+DR9dLfL9GfNIx7PLMxmhZdvq8waUJBQiWN9EKNy+TRBQ==",
       "cpu": [
         "x64"
       ],
@@ -2239,9 +2256,9 @@
       }
     },
     "node_modules/@rolldown/pluginutils": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@rolldown/pluginutils/-/pluginutils-1.0.0.tgz",
-      "integrity": "sha512-aKs/3GSWyV0mrhNmt/96/Z3yczC3yvrzYATCiCXQebBsGyYzjNdUphRVLeJQ67ySKVXRfMxt2lm12pmXvbPFQQ==",
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/@rolldown/pluginutils/-/pluginutils-1.0.1.tgz",
+      "integrity": "sha512-2j9bGt5Jh8hj+vPtgzPtl72j0yRxHAyumoo6TNfAjsLB04UtpSvPbPcDcBMxz7n+9CYB0c1GxQFxYRg2jimqGw==",
       "dev": true,
       "license": "MIT"
     },
@@ -2367,9 +2384,9 @@
       }
     },
     "node_modules/@smithy/core": {
-      "version": "3.24.3",
-      "resolved": "https://registry.npmjs.org/@smithy/core/-/core-3.24.3.tgz",
-      "integrity": "sha512-Ep/7tPamGY8mgESE3LyLKtxJyy6U52WWAqr/3wial47Sj4u3PiIF73AOGI27UyLy9duTkhZbgzodOfLV4TduZg==",
+      "version": "3.24.5",
+      "resolved": "https://registry.npmjs.org/@smithy/core/-/core-3.24.5.tgz",
+      "integrity": "sha512-Kt8phUg45M15EjhYAbZ+fFikYneijLu9Liugz8ZsYz2i8j0hzGv27LWKpEHYRfvj+LyCOSijpcR/2i8RouV+cA==",
       "license": "Apache-2.0",
       "dependencies": {
         "@aws-crypto/crc32": "5.2.0",
@@ -2435,13 +2452,13 @@
       }
     },
     "node_modules/@smithy/property-provider": {
-      "version": "4.3.3",
-      "resolved": "https://registry.npmjs.org/@smithy/property-provider/-/property-provider-4.3.3.tgz",
-      "integrity": "sha512-nmeVi9Ww/RMyttqj1Dh0PA+iVieKm4dxDlnT6tNP118O/5U/Qqb9b3DV5A3RX+slR/m4/MABSZ2zNfSkpVV8dw==",
+      "version": "4.3.5",
+      "resolved": "https://registry.npmjs.org/@smithy/property-provider/-/property-provider-4.3.5.tgz",
+      "integrity": "sha512-QNc22/FgfEm/9/rkefShfQUVckH3HWiQ2RPs+40hwAdY65hbg88gombeHwkfMzmVDZjolcyQeyOjnxZRmpavIA==",
       "dev": true,
       "license": "Apache-2.0",
       "dependencies": {
-        "@smithy/core": "^3.24.3",
+        "@smithy/core": "^3.24.5",
         "tslib": "^2.6.2"
       },
       "engines": {
@@ -2449,12 +2466,12 @@
       }
     },
     "node_modules/@smithy/signature-v4": {
-      "version": "5.4.3",
-      "resolved": "https://registry.npmjs.org/@smithy/signature-v4/-/signature-v4-5.4.3.tgz",
-      "integrity": "sha512-53+75QuPl6DL+ct6vVEB51FDO5oulXr20TPV46VvJZg76lIlXNWfxi8j+G2V/t0I2qxCBOa3vX/8bmjrpFVo9g==",
+      "version": "5.4.5",
+      "resolved": "https://registry.npmjs.org/@smithy/signature-v4/-/signature-v4-5.4.5.tgz",
+      "integrity": "sha512-QBJKWGqIknH0dc9LWpfH1mkdokAx6iXYN3UcQ3eY6uIEyScuoQAhfl94ge7ozUy9WgFUdE8xsvwBjaYBbWmPNA==",
       "license": "Apache-2.0",
       "dependencies": {
-        "@smithy/core": "^3.24.3",
+        "@smithy/core": "^3.24.5",
         "@smithy/types": "^4.14.2",
         "tslib": "^2.6.2"
       },
@@ -2599,9 +2616,9 @@
       "license": "MIT"
     },
     "node_modules/@types/node": {
-      "version": "25.9.0",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.9.0.tgz",
-      "integrity": "sha512-AOQwYUNolgy3VosiRqXrACUXTN8nJUtPl7FJXMqZVyxiiCLhQuG3jXKvCS1ALr+Y2OmZhzzLVlYPEqJaiqkaJQ==",
+      "version": "25.9.1",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-25.9.1.tgz",
+      "integrity": "sha512-xfrlY7UD5rMJk3ZVJP8BNzS28J36YJg+xp+LPXV1TdWxr8uMH5A860QNxYDGQe/ylDSgjxE52Q9VnO7p75tJxg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -2640,14 +2657,14 @@
       "license": "MIT"
     },
     "node_modules/@vitest/coverage-v8": {
-      "version": "4.1.6",
-      "resolved": "https://registry.npmjs.org/@vitest/coverage-v8/-/coverage-v8-4.1.6.tgz",
-      "integrity": "sha512-36l628fQ/9a/8ihy97eOtEnvWQEdqULQOJtcaxtoNq0G1w3Mxd4szSahOaMM9/NGyZ+hyKcMtIW/WIxq0XQViQ==",
+      "version": "4.1.5",
+      "resolved": "https://registry.npmjs.org/@vitest/coverage-v8/-/coverage-v8-4.1.5.tgz",
+      "integrity": "sha512-38C0/Ddb7HcRG0Z4/DUem8x57d2p9jYgp18mkaYswEOQBGsI1CG4f/hjm0ZCeaJfWhSZ4k7jgs29V1Zom7Ki9A==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "@bcoe/v8-coverage": "^1.0.2",
-        "@vitest/utils": "4.1.6",
+        "@vitest/utils": "4.1.5",
         "ast-v8-to-istanbul": "^1.0.0",
         "istanbul-lib-coverage": "^3.2.2",
         "istanbul-lib-report": "^3.0.1",
@@ -2661,8 +2678,8 @@
         "url": "https://opencollective.com/vitest"
       },
       "peerDependencies": {
-        "@vitest/browser": "4.1.6",
-        "vitest": "4.1.6"
+        "@vitest/browser": "4.1.5",
+        "vitest": "4.1.5"
       },
       "peerDependenciesMeta": {
         "@vitest/browser": {
@@ -2671,16 +2688,16 @@
       }
     },
     "node_modules/@vitest/expect": {
-      "version": "4.1.6",
-      "resolved": "https://registry.npmjs.org/@vitest/expect/-/expect-4.1.6.tgz",
-      "integrity": "sha512-7EHDquPthALSV0jhhjgEW8FXaviMx7rSqu8W6oqCoAuOhKov814P99QDV1pxMA3QPv21YudvJngIhjrNI4opLg==",
+      "version": "4.1.5",
+      "resolved": "https://registry.npmjs.org/@vitest/expect/-/expect-4.1.5.tgz",
+      "integrity": "sha512-PWBaRY5JoKuRnHlUHfpV/KohFylaDZTupcXN1H9vYryNLOnitSw60Mw9IAE2r67NbwwzBw/Cc/8q9BK3kIX8Kw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "@standard-schema/spec": "^1.1.0",
         "@types/chai": "^5.2.2",
-        "@vitest/spy": "4.1.6",
-        "@vitest/utils": "4.1.6",
+        "@vitest/spy": "4.1.5",
+        "@vitest/utils": "4.1.5",
         "chai": "^6.2.2",
         "tinyrainbow": "^3.1.0"
       },
@@ -2689,13 +2706,13 @@
       }
     },
     "node_modules/@vitest/mocker": {
-      "version": "4.1.6",
-      "resolved": "https://registry.npmjs.org/@vitest/mocker/-/mocker-4.1.6.tgz",
-      "integrity": "sha512-MCFc63czMjEInOlcY2cpQCvCN+KgbAn+60xu9cMgP4sKaLC5JNAKw7JH8QdAnoAC88hW1IiSNZ+GgVXlN1UcMQ==",
+      "version": "4.1.5",
+      "resolved": "https://registry.npmjs.org/@vitest/mocker/-/mocker-4.1.5.tgz",
+      "integrity": "sha512-/x2EmFC4mT4NNzqvC3fmesuV97w5FC903KPmey4gsnJiMQ3Be1IlDKVaDaG8iqaLFHqJ2FVEkxZk5VmeLjIItw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@vitest/spy": "4.1.6",
+        "@vitest/spy": "4.1.5",
         "estree-walker": "^3.0.3",
         "magic-string": "^0.30.21"
       },
@@ -2716,9 +2733,9 @@
       }
     },
     "node_modules/@vitest/pretty-format": {
-      "version": "4.1.6",
-      "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-4.1.6.tgz",
-      "integrity": "sha512-h5SxD/IzNhZYnrSZRsUZQIC+vD0GY8cUvq0iwsmkFKixRCKLLWqCXa/FIQ4S1R+sI+PGoojkHsdNrbZiM9Qpgw==",
+      "version": "4.1.5",
+      "resolved": "https://registry.npmjs.org/@vitest/pretty-format/-/pretty-format-4.1.5.tgz",
+      "integrity": "sha512-7I3q6l5qr03dVfMX2wCo9FxwSJbPdwKjy2uu/YPpU3wfHvIL4QHwVRp57OfGrDFeUJ8/8QdfBKIV12FTtLn00g==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -2729,13 +2746,13 @@
       }
     },
     "node_modules/@vitest/runner": {
-      "version": "4.1.6",
-      "resolved": "https://registry.npmjs.org/@vitest/runner/-/runner-4.1.6.tgz",
-      "integrity": "sha512-nOPCmn2+yD0ZNmKdsXGv/UxMMWbMuKeD6GyYncNwdkYDxpQvrPSKYj2rWuDjC2Y4b6w6hjip5dBKFzEUuZe3vA==",
+      "version": "4.1.5",
+      "resolved": "https://registry.npmjs.org/@vitest/runner/-/runner-4.1.5.tgz",
+      "integrity": "sha512-2D+o7Pr82IEO46YPpoA/YU0neeyr6FTerQb5Ro7BUnBuv6NQtT/kmVnczngiMEBhzgqz2UZYl5gArejsyERDSQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@vitest/utils": "4.1.6",
+        "@vitest/utils": "4.1.5",
         "pathe": "^2.0.3"
       },
       "funding": {
@@ -2743,14 +2760,14 @@
       }
     },
     "node_modules/@vitest/snapshot": {
-      "version": "4.1.6",
-      "resolved": "https://registry.npmjs.org/@vitest/snapshot/-/snapshot-4.1.6.tgz",
-      "integrity": "sha512-YhsdE6xAVfTDmzjxL2ZDUvjj+ZsgyOKe+TdQzqkD72wIOmHka8NuGQ6NpTNZv9D2Z63fbwWKJPeVpEw4EQgYxw==",
+      "version": "4.1.5",
+      "resolved": "https://registry.npmjs.org/@vitest/snapshot/-/snapshot-4.1.5.tgz",
+      "integrity": "sha512-zypXEt4KH/XgKGPUz4eC2AvErYx0My5hfL8oDb1HzGFpEk1P62bxSohdyOmvz+d9UJwanI68MKwr2EquOaOgMQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@vitest/pretty-format": "4.1.6",
-        "@vitest/utils": "4.1.6",
+        "@vitest/pretty-format": "4.1.5",
+        "@vitest/utils": "4.1.5",
         "magic-string": "^0.30.21",
         "pathe": "^2.0.3"
       },
@@ -2759,9 +2776,9 @@
       }
     },
     "node_modules/@vitest/spy": {
-      "version": "4.1.6",
-      "resolved": "https://registry.npmjs.org/@vitest/spy/-/spy-4.1.6.tgz",
-      "integrity": "sha512-JFKxMx6udhwKh/Ldo270e17QX710vgunMkuPAvXjHSvC6oqLWAHhVhjg/I71q0u0CBSErIODV1Kjv0FQNSWjdg==",
+      "version": "4.1.5",
+      "resolved": "https://registry.npmjs.org/@vitest/spy/-/spy-4.1.5.tgz",
+      "integrity": "sha512-2lNOsh6+R2Idnf1TCZqSwYlKN2E/iDlD8sgU59kYVl+OMDmvldO1VDk39smRfpUNwYpNRVn3w4YfuC7KfbBnkQ==",
       "dev": true,
       "license": "MIT",
       "funding": {
@@ -2769,13 +2786,13 @@
       }
     },
     "node_modules/@vitest/utils": {
-      "version": "4.1.6",
-      "resolved": "https://registry.npmjs.org/@vitest/utils/-/utils-4.1.6.tgz",
-      "integrity": "sha512-FxIY+U81R3LGKCxaHHFRQ5+g6/iRgGLmeHWdp2Amj4ljQRrEIWHmZyDfDYBRZlpyqA7qKxtS9DD1dhk8RnRIVQ==",
+      "version": "4.1.5",
+      "resolved": "https://registry.npmjs.org/@vitest/utils/-/utils-4.1.5.tgz",
+      "integrity": "sha512-76wdkrmfXfqGjueGgnb45ITPyUi1ycZ4IHgC2bhPDUfWHklY/q3MdLOAB+TF1e6xfl8NxNY0ZYaPCFNWSsw3Ug==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@vitest/pretty-format": "4.1.6",
+        "@vitest/pretty-format": "4.1.5",
         "convert-source-map": "^2.0.0",
         "tinyrainbow": "^3.1.0"
       },
@@ -5430,6 +5447,9 @@
         "arm64"
       ],
       "dev": true,
+      "libc": [
+        "glibc"
+      ],
       "license": "MPL-2.0",
       "optional": true,
       "os": [
@@ -5451,6 +5471,9 @@
         "arm64"
       ],
       "dev": true,
+      "libc": [
+        "musl"
+      ],
       "license": "MPL-2.0",
       "optional": true,
       "os": [
@@ -5472,6 +5495,9 @@
         "x64"
       ],
       "dev": true,
+      "libc": [
+        "glibc"
+      ],
       "license": "MPL-2.0",
       "optional": true,
       "os": [
@@ -5493,6 +5519,9 @@
         "x64"
       ],
       "dev": true,
+      "libc": [
+        "musl"
+      ],
       "license": "MPL-2.0",
       "optional": true,
       "os": [
@@ -7449,9 +7478,9 @@
       }
     },
     "node_modules/postcss": {
-      "version": "8.5.14",
-      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.14.tgz",
-      "integrity": "sha512-SoSL4+OSEtR99LHFZQiJLkT59C5B1amGO1NzTwj7TT1qCUgUO6hxOvzkOYxD+vMrXBM3XJIKzokoERdqQq/Zmg==",
+      "version": "8.5.15",
+      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.15.tgz",
+      "integrity": "sha512-FfR8sjd4em2T6fb3I2MwAJU7HWVMr9zba+enmQeeWFfCbm+UOC/0X4DS8XtpUTMwWMGbjKYP7xjfNekzyGmB3A==",
       "dev": true,
       "funding": [
         {
@@ -7469,7 +7498,7 @@
       ],
       "license": "MIT",
       "dependencies": {
-        "nanoid": "^3.3.11",
+        "nanoid": "^3.3.12",
         "picocolors": "^1.1.1",
         "source-map-js": "^1.2.1"
       },
@@ -7897,14 +7926,14 @@
       "license": "ISC"
     },
     "node_modules/rolldown": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/rolldown/-/rolldown-1.0.0.tgz",
-      "integrity": "sha512-yD986aXDESFGS95spT1LAv0jssywP4npMEjmMHyN2/5+eE8qQJUype2AaKkRiLgBgyD0LFlubwAht7VmY8rGoA==",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/rolldown/-/rolldown-1.0.2.tgz",
+      "integrity": "sha512-oZx5zVDtVB44AW3eaifgDml1gWRDZGvjcfdxonE4swNPG98PrrXjaO/KrnUjzlMnztCCRVlUueA1kCXhARGk6g==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@oxc-project/types": "=0.129.0",
-        "@rolldown/pluginutils": "1.0.0"
+        "@oxc-project/types": "=0.132.0",
+        "@rolldown/pluginutils": "^1.0.0"
       },
       "bin": {
         "rolldown": "bin/cli.mjs"
@@ -7913,21 +7942,21 @@
         "node": "^20.19.0 || >=22.12.0"
       },
       "optionalDependencies": {
-        "@rolldown/binding-android-arm64": "1.0.0",
-        "@rolldown/binding-darwin-arm64": "1.0.0",
-        "@rolldown/binding-darwin-x64": "1.0.0",
-        "@rolldown/binding-freebsd-x64": "1.0.0",
-        "@rolldown/binding-linux-arm-gnueabihf": "1.0.0",
-        "@rolldown/binding-linux-arm64-gnu": "1.0.0",
-        "@rolldown/binding-linux-arm64-musl": "1.0.0",
-        "@rolldown/binding-linux-ppc64-gnu": "1.0.0",
-        "@rolldown/binding-linux-s390x-gnu": "1.0.0",
-        "@rolldown/binding-linux-x64-gnu": "1.0.0",
-        "@rolldown/binding-linux-x64-musl": "1.0.0",
-        "@rolldown/binding-openharmony-arm64": "1.0.0",
-        "@rolldown/binding-wasm32-wasi": "1.0.0",
-        "@rolldown/binding-win32-arm64-msvc": "1.0.0",
-        "@rolldown/binding-win32-x64-msvc": "1.0.0"
+        "@rolldown/binding-android-arm64": "1.0.2",
+        "@rolldown/binding-darwin-arm64": "1.0.2",
+        "@rolldown/binding-darwin-x64": "1.0.2",
+        "@rolldown/binding-freebsd-x64": "1.0.2",
+        "@rolldown/binding-linux-arm-gnueabihf": "1.0.2",
+        "@rolldown/binding-linux-arm64-gnu": "1.0.2",
+        "@rolldown/binding-linux-arm64-musl": "1.0.2",
+        "@rolldown/binding-linux-ppc64-gnu": "1.0.2",
+        "@rolldown/binding-linux-s390x-gnu": "1.0.2",
+        "@rolldown/binding-linux-x64-gnu": "1.0.2",
+        "@rolldown/binding-linux-x64-musl": "1.0.2",
+        "@rolldown/binding-openharmony-arm64": "1.0.2",
+        "@rolldown/binding-wasm32-wasi": "1.0.2",
+        "@rolldown/binding-win32-arm64-msvc": "1.0.2",
+        "@rolldown/binding-win32-x64-msvc": "1.0.2"
       }
     },
     "node_modules/run-con": {
@@ -8564,9 +8593,9 @@
       "license": "MIT"
     },
     "node_modules/tinyexec": {
-      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/tinyexec/-/tinyexec-1.1.2.tgz",
-      "integrity": "sha512-dAqSqE/RabpBKI8+h26GfLq6Vb3JVXs30XYQjdMjaj/c2tS8IYYMbIzP599KtRj7c57/wYApb3QjgRgXmrCukA==",
+      "version": "1.2.2",
+      "resolved": "https://registry.npmjs.org/tinyexec/-/tinyexec-1.2.2.tgz",
+      "integrity": "sha512-M/Q0B2cp4K7kynaT/vnED1j8TlLY+Pp7C6Wl2bl/7u/F0mUVwdyOpwomQb8JpYLitHUssAJRmLZdMCGsrx7i+g==",
       "dev": true,
       "license": "MIT",
       "engines": {
@@ -8788,16 +8817,16 @@
       }
     },
     "node_modules/vite": {
-      "version": "8.0.12",
-      "resolved": "https://registry.npmjs.org/vite/-/vite-8.0.12.tgz",
-      "integrity": "sha512-w2dDofOWv2QB09ZITZBsvKTVAlYvPR4IAmrY/v0ir9KvLs0xybR7i48wxhM1/oyBWO34wPns+bPGw5ZrZqDpZg==",
+      "version": "8.0.14",
+      "resolved": "https://registry.npmjs.org/vite/-/vite-8.0.14.tgz",
+      "integrity": "sha512-s4BJJ+5y1pYL6Otw51FHhVJQhPnuRinKig64g/1+EUNaJsd3gCKdD31IPFvswUgW9/60QT9oFHbZHbQK5imcxw==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
         "lightningcss": "^1.32.0",
         "picomatch": "^4.0.4",
-        "postcss": "^8.5.14",
-        "rolldown": "1.0.0",
+        "postcss": "^8.5.15",
+        "rolldown": "1.0.2",
         "tinyglobby": "^0.2.16"
       },
       "bin": {
@@ -8866,19 +8895,19 @@
       }
     },
     "node_modules/vitest": {
-      "version": "4.1.6",
-      "resolved": "https://registry.npmjs.org/vitest/-/vitest-4.1.6.tgz",
-      "integrity": "sha512-6lvjbS3p9b4CrdCmguzbh2/4uoXhGE2q71R4OX5sqF9R1bo9Xd6fGrMAfvp5wnCzlBnFVdCOp6onuTQVbo8iUQ==",
+      "version": "4.1.5",
+      "resolved": "https://registry.npmjs.org/vitest/-/vitest-4.1.5.tgz",
+      "integrity": "sha512-9Xx1v3/ih3m9hN+SbfkUyy0JAs72ap3r7joc87XL6jwF0jGg6mFBvQ1SrwaX+h8BlkX6Hz9shdd1uo6AF+ZGpg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
-        "@vitest/expect": "4.1.6",
-        "@vitest/mocker": "4.1.6",
-        "@vitest/pretty-format": "4.1.6",
-        "@vitest/runner": "4.1.6",
-        "@vitest/snapshot": "4.1.6",
-        "@vitest/spy": "4.1.6",
-        "@vitest/utils": "4.1.6",
+        "@vitest/expect": "4.1.5",
+        "@vitest/mocker": "4.1.5",
+        "@vitest/pretty-format": "4.1.5",
+        "@vitest/runner": "4.1.5",
+        "@vitest/snapshot": "4.1.5",
+        "@vitest/spy": "4.1.5",
+        "@vitest/utils": "4.1.5",
         "es-module-lexer": "^2.0.0",
         "expect-type": "^1.3.0",
         "magic-string": "^0.30.21",
@@ -8906,12 +8935,12 @@
         "@edge-runtime/vm": "*",
         "@opentelemetry/api": "^1.9.0",
         "@types/node": "^20.0.0 || ^22.0.0 || >=24.0.0",
-        "@vitest/browser-playwright": "4.1.6",
-        "@vitest/browser-preview": "4.1.6",
-        "@vitest/browser-webdriverio": "4.1.6",
-        "@vitest/coverage-istanbul": "4.1.6",
-        "@vitest/coverage-v8": "4.1.6",
-        "@vitest/ui": "4.1.6",
+        "@vitest/browser-playwright": "4.1.5",
+        "@vitest/browser-preview": "4.1.5",
+        "@vitest/browser-webdriverio": "4.1.5",
+        "@vitest/coverage-istanbul": "4.1.5",
+        "@vitest/coverage-v8": "4.1.5",
+        "@vitest/ui": "4.1.5",
         "happy-dom": "*",
         "jsdom": "*",
         "vite": "^6.0.0 || ^7.0.0 || ^8.0.0"

package.json

@@ -1,7 +1,7 @@
 {
   "name": "configure-aws-credentials",
   "description": "A GitHub Action to configure AWS credentials",
-  "version": "6.1.1",
+  "version": "6.2.0",
   "scripts": {
     "build": "tsc",
     "lint": "biome check --error-on-warnings ./src ./test && markdownlint -i node_modules -i CHANGELOG.md '**/*.md'",
@@ -17,11 +17,11 @@
     "organization": true
   },
   "devDependencies": {
-    "@aws-sdk/credential-provider-env": "^3.972.38",
+    "@aws-sdk/credential-provider-env": "^3.972.39",
     "@biomejs/biome": "2.4.15",
-    "@smithy/property-provider": "^4.3.3",
-    "@types/node": "^25.9.0",
-    "@vitest/coverage-v8": "^4.1.6",
+    "@smithy/property-provider": "^4.3.4",
+    "@types/node": "^25.9.1",
+    "@vitest/coverage-v8": "4.1.5",
     "aws-sdk-client-mock": "^4.1.0",
     "esbuild": "^0.28.0",
     "generate-license-file": "^4.1.1",
@@ -30,7 +30,7 @@
     "memfs": "^4.57.2",
     "standard-version": "^9.5.0",
     "typescript": "^6.0.3",
-    "vitest": "^4.1.5"
+    "vitest": "4.1.5"
   },
   "dependencies": {
     "@actions/core": "^3.0.1",

src/assumeRole.ts

@@ -1,11 +1,14 @@
 import assert from 'node:assert';
-import fs from 'node:fs';
 import path from 'node:path';
 import * as core from '@actions/core';
 import type { AssumeRoleCommandInput, STSClient, Tag } from '@aws-sdk/client-sts';
-import { AssumeRoleCommand, AssumeRoleWithWebIdentityCommand } from '@aws-sdk/client-sts';
+import {
+  AssumeRoleCommand,
+  AssumeRoleWithWebIdentityCommand,
+  PackedPolicyTooLargeException,
+} from '@aws-sdk/client-sts';
 import type { CredentialsClient } from './CredentialsClient';
-import { errorMessage, isDefined, sanitizeGitHubVariables } from './helpers';
+import { errorMessage, isDefined, readFileUtf8, sanitizeGitHubVariables } from './helpers';
 
 async function assumeRoleWithOIDC(params: AssumeRoleCommandInput, client: STSClient, webIdentityToken: string) {
   delete params.Tags;
@@ -36,13 +39,14 @@ async function assumeRoleWithWebIdentityTokenFile(
   const webIdentityTokenFilePath = path.isAbsolute(webIdentityTokenFile)
     ? webIdentityTokenFile
     : path.join(workspace, webIdentityTokenFile);
-  if (!fs.existsSync(webIdentityTokenFilePath)) {
+  const webIdentityToken = readFileUtf8(webIdentityTokenFilePath);
+  if (webIdentityToken === null) {
     throw new Error(`Web identity token file does not exist: ${webIdentityTokenFilePath}`);
   }
   core.info('Assuming role with web identity token file');
   try {
-    const webIdentityToken = fs.readFileSync(webIdentityTokenFilePath, 'utf8');
     delete params.Tags;
+    delete params.TransitiveTagKeys;
     const creds = await client.send(
       new AssumeRoleWithWebIdentityCommand({
         ...params,
@@ -61,6 +65,13 @@ async function assumeRoleWithCredentials(params: AssumeRoleCommandInput, client:
     const creds = await client.send(new AssumeRoleCommand({ ...params }));
     return creds;
   } catch (error) {
+    if (error instanceof PackedPolicyTooLargeException) {
+      core.info('Session tag size is too large; dropping droppable tags and retrying.');
+      const droppableKeys = new Set(DROPPABLE_TAG_SOURCES.map((s) => s.key));
+      params.Tags = params.Tags?.filter((tag) => !droppableKeys.has(tag.Key ?? ''));
+      const creds = await client.send(new AssumeRoleCommand({ ...params }));
+      return creds;
+    }
     throw new Error(`Could not assume role with user credentials: ${errorMessage(error)}`);
   }
 }
@@ -87,8 +98,8 @@ const MAX_TAG_KEY_LENGTH = 128;
 const MAX_TAG_VALUE_LENGTH = 256;
 const MAX_SESSION_TAGS = 50;
 
-// Identity/audit primitives. Always emitted and cannot be overridden by custom-tags.
-const PROTECTED_TAG_SOURCES: ReadonlyArray<{ key: string; envVar: string }> = [
+// Identity/audit primitives. Always emitted and cannot be dropped.
+const NON_DROPPABLE_TAG_SOURCES: ReadonlyArray<{ key: string; envVar: string }> = [
   { key: 'Repository', envVar: 'GITHUB_REPOSITORY' },
   { key: 'Workflow', envVar: 'GITHUB_WORKFLOW' },
   { key: 'Action', envVar: 'GITHUB_ACTION' },
@@ -97,21 +108,22 @@ const PROTECTED_TAG_SOURCES: ReadonlyArray<{ key: string; envVar: string }> = [
   { key: 'Branch', envVar: 'GITHUB_REF' },
 ];
 
-// Convenience metadata. Custom-tags may override (suppresses the default for that key).
-// Listed in priority order; lower-priority entries are dropped first if the user's custom-tags
-// would push the total above MAX_SESSION_TAGS.
-const OVERRIDEABLE_TAG_SOURCES_BY_PRIORITY: ReadonlyArray<{ key: string; envVar: string }> = [
+// Convenience metadata. If the AssumeRole call fails due to compressed size of
+// session tags being too large, we will drop these tags and retry once.
+const DROPPABLE_TAG_SOURCES: ReadonlyArray<{ key: string; envVar: string }> = [
   { key: 'EventName', envVar: 'GITHUB_EVENT_NAME' },
   { key: 'BaseRef', envVar: 'GITHUB_BASE_REF' },
   { key: 'HeadRef', envVar: 'GITHUB_HEAD_REF' },
-  { key: 'RefName', envVar: 'GITHUB_REF_NAME' },
   { key: 'RunId', envVar: 'GITHUB_RUN_ID' },
-  { key: 'RefType', envVar: 'GITHUB_REF_TYPE' },
   { key: 'Job', envVar: 'GITHUB_JOB' },
   { key: 'TriggeringActor', envVar: 'GITHUB_TRIGGERING_ACTOR' },
 ];
 
-const PROTECTED_TAG_KEYS = new Set<string>(['GitHub', ...PROTECTED_TAG_SOURCES.map((s) => s.key)]);
+const PROTECTED_TAG_KEYS = new Set<string>([
+  'GitHub',
+  ...NON_DROPPABLE_TAG_SOURCES.map((s) => s.key),
+  ...DROPPABLE_TAG_SOURCES.map((s) => s.key),
+]);
 
 export function parseAndValidateCustomTags(customTags: string, existingTags: Tag[]): Tag[] {
   let parsed: unknown;
@@ -198,7 +210,13 @@ export async function assumeRole(params: assumeRoleParams) {
   // Build session tags. Values are sanitized because the AWS tag value spec is more
   // restrictive than permissible characters in environment variables.
   const protectedTags: Tag[] = [{ Key: 'GitHub', Value: 'Actions' }];
-  for (const { key, envVar } of PROTECTED_TAG_SOURCES) {
+  for (const { key, envVar } of NON_DROPPABLE_TAG_SOURCES) {
+    const value = process.env[envVar];
+    if (value) {
+      protectedTags.push({ Key: key, Value: sanitizeGitHubVariables(value) });
+    }
+  }
+  for (const { key, envVar } of DROPPABLE_TAG_SOURCES) {
     const value = process.env[envVar];
     if (value) {
       protectedTags.push({ Key: key, Value: sanitizeGitHubVariables(value) });
@@ -206,26 +224,15 @@ export async function assumeRole(params: assumeRoleParams) {
   }
 
   const parsedCustomTags: Tag[] = customTags ? parseAndValidateCustomTags(customTags, protectedTags) : [];
-  const customTagKeys = new Set(parsedCustomTags.map((t) => t.Key));
 
-  const availableOverrideableSlots = MAX_SESSION_TAGS - protectedTags.length - parsedCustomTags.length;
-  const overrideableTags: Tag[] = [];
-  for (const { key, envVar } of OVERRIDEABLE_TAG_SOURCES_BY_PRIORITY) {
-    if (overrideableTags.length >= availableOverrideableSlots) break;
-    if (customTagKeys.has(key)) continue;
-    const value = process.env[envVar];
-    if (value) {
-      overrideableTags.push({ Key: key, Value: sanitizeGitHubVariables(value) });
-    }
-  }
-
-  const tagArray: Tag[] = [...protectedTags, ...overrideableTags, ...parsedCustomTags];
+  const tagArray: Tag[] = [...protectedTags, ...parsedCustomTags];
 
   const tags = roleSkipSessionTagging ? undefined : tagArray;
   if (!tags) {
     core.debug('Role session tagging has been skipped.');
   } else {
     core.debug(`${tags.length} role session tags are being used:`);
+    core.debug(JSON.stringify(tagArray));
   }
 
   //only populate transitiveTagKeys array if user is actually using session tagging

src/helpers.ts

@@ -1,3 +1,5 @@
+import * as fs from 'node:fs';
+import * as path from 'node:path';
 import * as core from '@actions/core';
 import type { Credentials, STSClient } from '@aws-sdk/client-sts';
 import { GetCallerIdentityCommand } from '@aws-sdk/client-sts';
@@ -291,3 +293,106 @@ export function getBooleanInput(name: string, options?: core.InputOptions & { de
       `Support boolean input list: \`true | True | TRUE | false | False | FALSE\``,
   );
 }
+
+// O_NOFOLLOW is undefined on Windows. This sets it to 0 if it's not defined.
+const O_NOFOLLOW: number = (fs.constants as { O_NOFOLLOW?: number }).O_NOFOLLOW ?? 0;
+
+export function isAllowListed(filePath: string): boolean {
+  // Kubelet projects service-account tokens through a symlink chain
+  // (token -> ..data/token, ..data -> ..<timestamp>/). The containing path is
+  // kubelet-controlled, so we allow symlink-following reads of this fixed
+  // location only.
+  const KUBERNETES_TOKEN_PATH_REGEX = /^\/var\/run\/secrets\/[^/]+\/serviceaccount\/token$/;
+
+  if (process.platform !== 'win32') {
+    // No Kubernetes token paths on Windows
+    return KUBERNETES_TOKEN_PATH_REGEX.test(path.posix.normalize(filePath));
+  }
+  return false;
+}
+
+export function isSymlink(filePath: string): boolean {
+  try {
+    return fs.lstatSync(filePath).isSymbolicLink();
+  } catch (err) {
+    if ((err as NodeJS.ErrnoException).code === 'ENOENT') return false;
+    throw err;
+  }
+}
+
+// Refuses if filePath or its parent directory is a symbolic link.
+function refuseSymlinkOnPath(filePath: string): void {
+  const parent = path.dirname(filePath);
+  if (parent !== filePath && isSymlink(parent)) {
+    throw new Error(`Refusing ${filePath} (parent directory is a symbolic link)`);
+  }
+  if (isSymlink(filePath)) {
+    throw new Error(`Refusing ${filePath} (path is a symbolic link)`);
+  }
+}
+
+function assertRegularFile(fd: number, filePath: string): void {
+  const stats = fs.fstatSync(fd);
+  if (!stats.isFile()) {
+    throw new Error(`${filePath} (path is not a regular file)`);
+  }
+}
+
+// ENOENT: file does not exist
+// ELOOP: too many symbolic links (from NOFOLLOW)
+
+export function readFileUtf8(filePath: string): string | null {
+  const allowSymlink = isAllowListed(filePath);
+  if (!allowSymlink) {
+    refuseSymlinkOnPath(filePath);
+  }
+  const openFlags = fs.constants.O_RDONLY | (allowSymlink ? 0 : O_NOFOLLOW);
+  let fd: number;
+  try {
+    fd = fs.openSync(filePath, openFlags);
+  } catch (err) {
+    const code = (err as NodeJS.ErrnoException).code;
+    if (code === 'ENOENT') return null;
+    if (code === 'ELOOP') {
+      throw new Error(`Refusing ${filePath} (path is a symbolic link)`);
+    }
+    throw err;
+  }
+  try {
+    assertRegularFile(fd, filePath);
+    return fs.readFileSync(fd, 'utf-8');
+  } finally {
+    fs.closeSync(fd);
+  }
+}
+
+export function writeFileUtf8(filePath: string, content: string, mode = 0o600): void {
+  refuseSymlinkOnPath(filePath);
+  let fd: number;
+  try {
+    fd = fs.openSync(filePath, fs.constants.O_WRONLY | fs.constants.O_CREAT | fs.constants.O_TRUNC | O_NOFOLLOW, mode);
+  } catch (err) {
+    if ((err as NodeJS.ErrnoException).code === 'ELOOP') {
+      throw new Error(`Refusing ${filePath} (path is a symbolic link)`);
+    }
+    throw err;
+  }
+  try {
+    assertRegularFile(fd, filePath);
+    // openSync only applies mode on creation.
+    // If the file already exists, we need to ensure the mode is correct.
+    if (process.platform !== 'win32') {
+      fs.fchmodSync(fd, mode);
+    }
+    fs.writeFileSync(fd, content);
+  } finally {
+    fs.closeSync(fd);
+  }
+}
+
+export function mkdir(dir: string, mode = 0o700): void {
+  fs.mkdirSync(dir, { recursive: true, mode });
+  if (isSymlink(dir)) {
+    throw new Error(`Refusing ${dir} (path is a symbolic link)`);
+  }
+}

src/profileManager.ts

@@ -1,8 +1,8 @@
-import * as fs from 'node:fs';
 import * as os from 'node:os';
 import * as path from 'node:path';
 import * as core from '@actions/core';
 import type { Credentials } from '@aws-sdk/client-sts';
+import { mkdir, readFileUtf8, writeFileUtf8 } from './helpers';
 
 /**
  * Parse an INI-format string into a nested object.
@@ -87,10 +87,8 @@ export function getProfileFilePaths(): ProfileFilePaths {
  */
 export function ensureAwsDirectoryExists(filePath: string): void {
   const dir = path.dirname(filePath);
-  if (!fs.existsSync(dir)) {
-    core.debug(`Creating directory: ${dir}`);
-    fs.mkdirSync(dir, { recursive: true, mode: 0o700 });
-  }
+  core.debug(`Ensuring directory exists: ${dir}`);
+  mkdir(dir, 0o700);
 }
 
 /**
@@ -127,14 +125,8 @@ export function mergeProfileSection(
   data: Record<string, string>,
   overwriteAwsProfile: boolean,
 ): void {
-  let existingContent: Record<string, Record<string, string>> = {};
-
-  // Read existing file if it exists
-  if (fs.existsSync(filePath)) {
-    core.debug(`Reading existing file: ${filePath}`);
-    const fileContent = fs.readFileSync(filePath, 'utf-8');
-    existingContent = parseIni(fileContent);
-  }
+  const fileContent = readFileUtf8(filePath);
+  const existingContent: Record<string, Record<string, string>> = fileContent === null ? {} : parseIni(fileContent);
 
   if (existingContent[sectionName] && !overwriteAwsProfile) {
     throw new Error(
@@ -147,7 +139,7 @@ export function mergeProfileSection(
   const content = stringifyIni(existingContent);
 
   core.debug(`Writing profile to ${filePath}`);
-  fs.writeFileSync(filePath, content, { mode: 0o600 });
+  writeFileUtf8(filePath, content, 0o600);
 }
 
 /**

test/assumeRole.test.ts

@@ -0,0 +1,63 @@
+import * as core from '@actions/core';
+import { AssumeRoleWithWebIdentityCommand, GetCallerIdentityCommand, STSClient } from '@aws-sdk/client-sts';
+import { mockClient } from 'aws-sdk-client-mock';
+import { fs, vol } from 'memfs';
+import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest';
+import * as helpers from '../src/helpers';
+import { run } from '../src/index';
+import mocks from './mockinputs.test';
+
+vi.mock('node:fs');
+vi.mock('@actions/core');
+
+const mockedSTSClient = mockClient(STSClient);
+
+describe('assumeRoleWithWebIdentityTokenFile', {}, () => {
+  beforeEach(() => {
+    vi.restoreAllMocks();
+    vi.clearAllMocks();
+    mockedSTSClient.reset();
+    vol.reset();
+    helpers.withsleep(() => Promise.resolve());
+    vi.mocked(core.getInput).mockImplementation(mocks.getInput(mocks.WEBIDENTITY_TOKEN_FILE_INPUTS));
+    vi.mocked(core.getMultilineInput).mockReturnValue([]);
+    mockedSTSClient.on(GetCallerIdentityCommand).resolves({ ...mocks.outputs.GET_CALLER_IDENTITY });
+    process.env = { ...mocks.envs };
+    fs.mkdirSync('/home/github', { recursive: true });
+  });
+
+  afterEach(() => {
+    helpers.reset();
+  });
+
+  it('refuses when the token file is a symlink and never calls STS', async () => {
+    fs.mkdirSync('/etc', { recursive: true });
+    fs.writeFileSync('/etc/passwd', 'root:x:0:0::/root:/bin/sh');
+    fs.symlinkSync('/etc/passwd', '/home/github/file.txt');
+
+    await run();
+
+    expect(core.setFailed).toHaveBeenCalledWith(expect.stringMatching(/Refusing .* \(.* symbolic link\)/));
+    expect(mockedSTSClient.commandCalls(AssumeRoleWithWebIdentityCommand)).toHaveLength(0);
+    expect(fs.readFileSync('/etc/passwd', 'utf-8')).toBe('root:x:0:0::/root:/bin/sh');
+  });
+
+  it('preserves the existing missing-file error when the token file does not exist', async () => {
+    await run();
+
+    expect(core.setFailed).toHaveBeenCalledWith(expect.stringContaining('Web identity token file does not exist'));
+    expect(mockedSTSClient.commandCalls(AssumeRoleWithWebIdentityCommand)).toHaveLength(0);
+  });
+
+  it('passes token contents to STS when the file is regular', async () => {
+    fs.writeFileSync('/home/github/file.txt', 'real-token');
+    mockedSTSClient.on(AssumeRoleWithWebIdentityCommand).resolves(mocks.outputs.STS_CREDENTIALS);
+
+    await run();
+
+    expect(core.setFailed).not.toHaveBeenCalled();
+    const calls = mockedSTSClient.commandCalls(AssumeRoleWithWebIdentityCommand);
+    expect(calls).toHaveLength(1);
+    expect(calls[0]?.args[0].input.WebIdentityToken).toBe('real-token');
+  });
+});

test/helpers.test.ts

@@ -1,12 +1,16 @@
 import * as core from '@actions/core';
+import { fs, vol } from 'memfs';
 import { beforeEach, describe, expect, it, vi } from 'vitest';
 import * as helpers from '../src/helpers';
 
+vi.mock('node:fs');
 vi.mock('@actions/core');
 
 describe('Configure AWS Credentials helpers', {}, () => {
   beforeEach(() => {
-    vi.resetAllMocks();
+    vi.restoreAllMocks();
+    vi.clearAllMocks();
+    vol.reset();
   });
   it('removes brackets from GitHub Actor', {}, () => {
     const actor = 'actor[bot]';
@@ -48,6 +52,9 @@ describe('Configure AWS Credentials helpers', {}, () => {
     helpers.reset();
   });
   it('can output creds when told to', {}, () => {
+    vi.spyOn(core, 'setOutput').mockImplementation(() => {});
+    vi.spyOn(core, 'setSecret').mockImplementation(() => {});
+    vi.spyOn(core, 'exportVariable').mockImplementation(() => {});
     helpers.exportCredentials(
       { AccessKeyId: 'test', SecretAccessKey: 'test', SessionToken: 'test', Expiration: new Date(8640000000000000) },
       true,
@@ -68,6 +75,9 @@ describe('Configure AWS Credentials helpers', {}, () => {
     process.env = env;
   });
   it(`won't output credentials to env if told not to`, {}, () => {
+    vi.spyOn(core, 'setOutput').mockImplementation(() => {});
+    vi.spyOn(core, 'setSecret').mockImplementation(() => {});
+    vi.spyOn(core, 'exportVariable').mockImplementation(() => {});
     helpers.exportCredentials(
       { AccessKeyId: 'test', SecretAccessKey: 'test', SessionToken: 'test', Expiration: new Date(8640000000000000) },
       true,
@@ -95,22 +105,163 @@ describe('Configure AWS Credentials helpers', {}, () => {
   });
 
   it('handles getBooleanInput correctly', {}, () => {
-    vi.mocked(core.getInput).mockReturnValue('true');
+    vi.spyOn(core, 'getInput').mockReturnValue('true');
     expect(helpers.getBooleanInput('test')).toBe(true);
 
-    vi.mocked(core.getInput).mockReturnValue('false');
+    vi.spyOn(core, 'getInput').mockReturnValue('false');
     expect(helpers.getBooleanInput('test')).toBe(false);
 
-    vi.mocked(core.getInput).mockReturnValue('');
+    vi.spyOn(core, 'getInput').mockReturnValue('');
     expect(helpers.getBooleanInput('test', { default: true })).toBe(true);
 
-    vi.mocked(core.getInput).mockReturnValue('invalid');
+    vi.spyOn(core, 'getInput').mockReturnValue('invalid');
     expect(() => helpers.getBooleanInput('test')).toThrow();
   });
 
   it('clears session token when not provided', {}, () => {
+    vi.spyOn(core, 'setSecret').mockImplementation(() => {});
+    vi.spyOn(core, 'exportVariable').mockImplementation(() => {});
     process.env.AWS_SESSION_TOKEN = 'old-token';
     helpers.exportCredentials({ AccessKeyId: 'test', SecretAccessKey: 'test' }, false, true);
     expect(core.exportVariable).toHaveBeenCalledWith('AWS_SESSION_TOKEN', '');
   });
+
+  describe('filesystem helpers', {}, () => {
+    describe('isSymlink', {}, () => {
+      it('returns true for a symlink', {}, () => {
+        fs.mkdirSync('/dir', { recursive: true });
+        fs.writeFileSync('/dir/target', 'data');
+        fs.symlinkSync('/dir/target', '/dir/link');
+        expect(helpers.isSymlink('/dir/link')).toBe(true);
+      });
+
+      it('returns false for a regular file', {}, () => {
+        fs.mkdirSync('/dir', { recursive: true });
+        fs.writeFileSync('/dir/file', 'data');
+        expect(helpers.isSymlink('/dir/file')).toBe(false);
+      });
+
+      it('returns false for a missing path', {}, () => {
+        expect(helpers.isSymlink('/nonexistent')).toBe(false);
+      });
+    });
+
+    describe('readFileUtf8', {}, () => {
+      it('returns content for a regular file', {}, () => {
+        fs.mkdirSync('/dir', { recursive: true });
+        fs.writeFileSync('/dir/file', 'hello');
+        expect(helpers.readFileUtf8('/dir/file')).toBe('hello');
+      });
+
+      it('returns null when the file does not exist', {}, () => {
+        fs.mkdirSync('/dir', { recursive: true });
+        expect(helpers.readFileUtf8('/dir/missing')).toBe(null);
+      });
+
+      it('refuses to read through a symlink at the target', {}, () => {
+        fs.mkdirSync('/dir', { recursive: true });
+        fs.writeFileSync('/dir/secret', 'sensitive');
+        fs.symlinkSync('/dir/secret', '/dir/link');
+        expect(() => helpers.readFileUtf8('/dir/link')).toThrow(/Refusing .* \(.* symbolic link\)/);
+      });
+
+      it('refuses to read when the parent directory is a symlink', {}, () => {
+        fs.mkdirSync('/real/.aws', { recursive: true });
+        fs.writeFileSync('/real/.aws/credentials', 'data');
+        fs.mkdirSync('/home', { recursive: true });
+        fs.symlinkSync('/real/.aws', '/home/.aws');
+        expect(() => helpers.readFileUtf8('/home/.aws/credentials')).toThrow(/Refusing .* \(.* symbolic link\)/);
+      });
+
+      it('refuses to read when the path is a directory', {}, () => {
+        fs.mkdirSync('/dir/subdir', { recursive: true });
+        expect(() => helpers.readFileUtf8('/dir/subdir')).toThrow(/not a regular file/);
+      });
+
+      it.skipIf(process.platform === 'win32')(
+        'follows the kubelet projected-token symlink chain at /var/run/secrets/*/serviceaccount/token',
+        () => {
+          fs.mkdirSync('/var/run/secrets/eks.amazonaws.com/serviceaccount/..2026_05_28_00_00_00.123', {
+            recursive: true,
+          });
+          fs.writeFileSync(
+            '/var/run/secrets/eks.amazonaws.com/serviceaccount/..2026_05_28_00_00_00.123/token',
+            'jwt-token',
+          );
+          fs.symlinkSync('..2026_05_28_00_00_00.123', '/var/run/secrets/eks.amazonaws.com/serviceaccount/..data');
+          fs.symlinkSync('..data/token', '/var/run/secrets/eks.amazonaws.com/serviceaccount/token');
+          expect(helpers.readFileUtf8('/var/run/secrets/eks.amazonaws.com/serviceaccount/token')).toBe('jwt-token');
+        },
+      );
+
+      it.skipIf(process.platform === 'win32')('still refuses symlinks at lookalike paths outside the allowlist', () => {
+        fs.mkdirSync('/var/run/secrets/eks.amazonaws.com/serviceaccount', { recursive: true });
+        fs.writeFileSync('/var/run/secrets/eks.amazonaws.com/serviceaccount/secret', 'jwt-token');
+        fs.symlinkSync(
+          '/var/run/secrets/eks.amazonaws.com/serviceaccount/secret',
+          '/var/run/secrets/eks.amazonaws.com/serviceaccount/token2',
+        );
+        expect(() => helpers.readFileUtf8('/var/run/secrets/eks.amazonaws.com/serviceaccount/token2')).toThrow(
+          /Refusing .* \(.* symbolic link\)/,
+        );
+      });
+    });
+
+    describe('isAllowListed', {}, () => {
+      it.skipIf(process.platform === 'win32')('matches the canonical kubelet projected-token path', () => {
+        expect(helpers.isAllowListed('/var/run/secrets/eks.amazonaws.com/serviceaccount/token')).toBe(true);
+        expect(helpers.isAllowListed('/var/run/secrets/kubernetes.io/serviceaccount/token')).toBe(true);
+      });
+
+      it.skipIf(process.platform === 'win32')('rejects nested or unrelated paths', () => {
+        expect(helpers.isAllowListed('/var/run/secrets/serviceaccount/token')).toBe(false);
+        expect(helpers.isAllowListed('/var/run/secrets/a/b/serviceaccount/token')).toBe(false);
+        expect(helpers.isAllowListed('/var/run/secrets/eks.amazonaws.com/serviceaccount/token2')).toBe(false);
+        expect(helpers.isAllowListed('/etc/var/run/secrets/foo/serviceaccount/token')).toBe(false);
+      });
+
+      it.skipIf(process.platform === 'win32')('normalizes path traversal attempts', () => {
+        expect(helpers.isAllowListed('/var/run/secrets/foo/serviceaccount/../../../../etc/passwd')).toBe(false);
+      });
+    });
+
+    describe('writeFileUtf8', {}, () => {
+      it('writes content with the specified mode', {}, () => {
+        fs.mkdirSync('/dir', { recursive: true });
+        helpers.writeFileUtf8('/dir/file', 'payload', 0o600);
+        expect(fs.readFileSync('/dir/file', 'utf-8')).toBe('payload');
+        expect(fs.statSync('/dir/file').mode & 0o777).toBe(0o600);
+      });
+
+      it('refuses to follow a symlink at the target and leaves the target file untouched', {}, () => {
+        fs.mkdirSync('/dir', { recursive: true });
+        fs.writeFileSync('/dir/target', 'original');
+        fs.symlinkSync('/dir/target', '/dir/link');
+        expect(() => helpers.writeFileUtf8('/dir/link', 'attacker', 0o600)).toThrow(/Refusing .* \(.* symbolic link\)/);
+        expect(fs.readFileSync('/dir/target', 'utf-8')).toBe('original');
+      });
+
+      it.skipIf(process.platform === 'win32')('tightens mode on existing files', () => {
+        fs.mkdirSync('/dir', { recursive: true });
+        fs.writeFileSync('/dir/file', 'old', { mode: 0o644 });
+        helpers.writeFileUtf8('/dir/file', 'new', 0o600);
+        expect(fs.statSync('/dir/file').mode & 0o777).toBe(0o600);
+      });
+    });
+
+    describe('mkdir', {}, () => {
+      it('is idempotent on a regular directory', {}, () => {
+        helpers.mkdir('/some/nested/dir', 0o700);
+        helpers.mkdir('/some/nested/dir', 0o700);
+        expect(fs.statSync('/some/nested/dir').isDirectory()).toBe(true);
+      });
+
+      it('refuses when the target directory is a symlink', {}, () => {
+        fs.mkdirSync('/real', { recursive: true });
+        fs.mkdirSync('/home', { recursive: true });
+        fs.symlinkSync('/real', '/home/.aws');
+        expect(() => helpers.mkdir('/home/.aws', 0o700)).toThrow(/Refusing .* \(.* symbolic link\)/);
+      });
+    });
+  });
 });

test/index.test.ts

@@ -3,6 +3,7 @@ import {
   AssumeRoleCommand,
   AssumeRoleWithWebIdentityCommand,
   GetCallerIdentityCommand,
+  PackedPolicyTooLargeException,
   STSClient,
 } from '@aws-sdk/client-sts';
 import { mockClient } from 'aws-sdk-client-mock';
@@ -202,6 +203,18 @@ describe('Configure AWS Credentials', {}, () => {
       expect(core.setOutput).toHaveBeenCalledTimes(2);
       expect(core.setFailed).not.toHaveBeenCalled();
     });
+    it('does not send Tags or TransitiveTagKeys to AssumeRoleWithWebIdentity', async () => {
+      // AssumeRoleWithWebIdentity reads session tags from JWT claims, not the request.
+      // Both fields must be stripped before the STS call.
+      vi.mocked(core.getMultilineInput).mockImplementation((name: string) => {
+        if (name === 'transitive-tag-keys') return ['Repository'];
+        return [];
+      });
+      await run();
+      const callInput = mockedSTSClient.commandCalls(AssumeRoleWithWebIdentityCommand)[0].args[0].input;
+      expect(callInput.Tags).toBeUndefined();
+      expect(callInput.TransitiveTagKeys).toBeUndefined();
+    });
   });
 
   describe('Assume existing role', {}, () => {
@@ -282,9 +295,9 @@ describe('Configure AWS Credentials', {}, () => {
       await run();
       const tags = mockedSTSClient.commandCalls(AssumeRoleCommand)[0].args[0].input.Tags ?? [];
       // 7 protected (GitHub + Repository, Workflow, Action, Actor, Commit, Branch)
-      // + 8 overrideable (EventName, BaseRef, HeadRef, RefName, RunId, RefType, Job, TriggeringActor).
-      // No custom-tags, all env vars set in mocks.envs → all 15 should be present, nothing else.
-      expect(tags).toHaveLength(15);
+      // + 6 droppable (EventName, BaseRef, HeadRef, RunId, Job, TriggeringActor).
+      // No custom-tags, all env vars set in mocks.envs → all 13 should be present, nothing else.
+      expect(tags).toHaveLength(13);
       const tagsByKey = Object.fromEntries(tags.map((t) => [t.Key, t.Value]));
       expect(tagsByKey).toEqual({
         GitHub: 'Actions',
@@ -297,14 +310,12 @@ describe('Configure AWS Credentials', {}, () => {
         EventName: 'pull_request',
         BaseRef: 'main',
         HeadRef: 'feature-branch',
-        RefName: 'feature-branch',
         RunId: '16412345678',
-        RefType: 'branch',
         Job: 'build',
         TriggeringActor: 'MY-USERNAME_bot_',
       });
     });
-    it('omits overrideable tags whose env vars are unset', {}, async () => {
+    it('omits droppable tags whose env vars are unset', {}, async () => {
       vi.mocked(core.getInput).mockImplementation(mocks.getInput(mocks.IAM_ASSUMEROLE_INPUTS));
       delete process.env.GITHUB_BASE_REF;
       delete process.env.GITHUB_HEAD_REF;
@@ -318,6 +329,27 @@ describe('Configure AWS Credentials', {}, () => {
       expect(tagKeys).toContain('EventName');
       expect(tagKeys).toContain('RunId');
     });
+    it('drops droppable tags and retries on PackedPolicyTooLargeException', {}, async () => {
+      vi.mocked(core.getInput).mockImplementation(mocks.getInput(mocks.IAM_ASSUMEROLE_INPUTS));
+      mockedSTSClient
+        .on(AssumeRoleCommand)
+        .rejectsOnce(new PackedPolicyTooLargeException({ message: 'too large', $metadata: {} }))
+        .resolvesOnce(mocks.outputs.STS_CREDENTIALS);
+      await run();
+      expect(core.info).toHaveBeenCalledWith('Session tag size is too large; dropping droppable tags and retrying.');
+      const retryInput = mockedSTSClient.commandCalls(AssumeRoleCommand)[1].args[0].input;
+      const retryTagKeys = (retryInput.Tags ?? []).map((t) => t.Key);
+      expect(retryTagKeys).not.toContain('EventName');
+      expect(retryTagKeys).not.toContain('BaseRef');
+      expect(retryTagKeys).not.toContain('HeadRef');
+      expect(retryTagKeys).not.toContain('RunId');
+      expect(retryTagKeys).not.toContain('Job');
+      expect(retryTagKeys).not.toContain('TriggeringActor');
+      // Protected tags remain
+      expect(retryTagKeys).toContain('GitHub');
+      expect(retryTagKeys).toContain('Repository');
+      expect(core.setFailed).not.toHaveBeenCalled();
+    });
     it('sanitizes invalid characters in env-derived tag values', {}, async () => {
       vi.mocked(core.getInput).mockImplementation(mocks.getInput(mocks.IAM_ASSUMEROLE_INPUTS));
       process.env.GITHUB_HEAD_REF = 'feature/has spaces&bad?chars';
@@ -370,8 +402,6 @@ describe('Configure AWS Credentials', {}, () => {
           { Key: 'EventName', Value: 'pull_request' },
           { Key: 'RunId', Value: '16412345678' },
           { Key: 'Job', Value: 'build' },
-          { Key: 'RefName', Value: 'feature-branch' },
-          { Key: 'RefType', Value: 'branch' },
           { Key: 'TriggeringActor', Value: 'MY-USERNAME_bot_' },
           { Key: 'Environment', Value: 'Production' },
           { Key: 'Team', Value: 'DevOps' },
@@ -420,7 +450,7 @@ describe('Configure AWS Credentials', {}, () => {
       await run();
       expect(core.warning).toHaveBeenCalledWith(expect.stringContaining("'custom-tags' is set but will be ignored"));
     });
-    it('lets custom tags override overrideable default tag keys', {}, async () => {
+    it('rejects custom tags that conflict with droppable tag keys', {}, async () => {
       vi.mocked(core.getInput).mockImplementation(
         mocks.getInput({
           ...mocks.IAM_ASSUMEROLE_INPUTS,
@@ -428,13 +458,10 @@ describe('Configure AWS Credentials', {}, () => {
         }),
       );
       await run();
-      const tags = mockedSTSClient.commandCalls(AssumeRoleCommand)[0].args[0].input.Tags ?? [];
-      const eventNameTags = tags.filter((t) => t.Key === 'EventName');
-      const baseRefTags = tags.filter((t) => t.Key === 'BaseRef');
-      expect(eventNameTags).toHaveLength(1);
-      expect(eventNameTags[0]?.Value).toBe('workflow_dispatch');
-      expect(baseRefTags).toHaveLength(1);
-      expect(baseRefTags[0]?.Value).toBe('release/2026');
+      expect(core.setFailed).toHaveBeenCalledWith(
+        "custom-tags: key 'EventName' conflicts with a protected session tag set by this action and cannot be overridden",
+      );
+      expect(mockedSTSClient.commandCalls(AssumeRoleCommand)).toHaveLength(0);
     });
     it('rejects custom tags that conflict with the protected Branch tag', {}, async () => {
       // Regression guard: Branch was a default before v6.2 and must remain unoverridable.
@@ -450,62 +477,10 @@ describe('Configure AWS Credentials', {}, () => {
       );
       expect(mockedSTSClient.commandCalls(AssumeRoleCommand)).toHaveLength(0);
     });
-    it('drops lower-priority overrideable tags when custom-tags would exceed the session-tag limit', {}, async () => {
-      // 7 protected (GitHub + 6 from PROTECTED_TAG_SOURCES) + 40 custom = 47 used → 3 overrideable slots.
-      // The first 3 overrideable tags by priority are EventName, BaseRef, HeadRef (RefName, RunId, RefType,
-      // Job, TriggeringActor must be dropped).
+    it('rejects custom-tags that would exceed the session-tag limit', {}, async () => {
+      // 13 existing tags (7 non-droppable + 6 droppable) + 38 custom = 51 > 50.
       const customTagsObj: Record<string, string> = {};
-      for (let i = 0; i < 40; i++) {
-        customTagsObj[`Custom${i}`] = `value${i}`;
-      }
-      vi.mocked(core.getInput).mockImplementation(
-        mocks.getInput({
-          ...mocks.IAM_ASSUMEROLE_INPUTS,
-          'custom-tags': JSON.stringify(customTagsObj),
-        }),
-      );
-      await run();
-      const tags = mockedSTSClient.commandCalls(AssumeRoleCommand)[0].args[0].input.Tags ?? [];
-      const tagKeys = tags.map((t) => t.Key);
-      expect(tags).toHaveLength(50);
-      expect(tagKeys).toContain('Branch');
-      expect(tagKeys).toContain('EventName');
-      expect(tagKeys).toContain('BaseRef');
-      expect(tagKeys).toContain('HeadRef');
-      expect(tagKeys).not.toContain('RefName');
-      expect(tagKeys).not.toContain('RunId');
-      expect(tagKeys).not.toContain('RefType');
-      expect(tagKeys).not.toContain('Job');
-      expect(tagKeys).not.toContain('TriggeringActor');
-    });
-    it('overridden overrideable tags free a slot for a lower-priority overrideable tag', {}, async () => {
-      // Same 40-custom-tag scenario as above, but one of the customs overrides BaseRef.
-      // BaseRef no longer competes for the overrideable budget, so the next-priority overrideable (RefName) gets in.
-      const customTagsObj: Record<string, string> = { BaseRef: 'release/2026' };
-      for (let i = 0; i < 39; i++) {
-        customTagsObj[`Custom${i}`] = `value${i}`;
-      }
-      vi.mocked(core.getInput).mockImplementation(
-        mocks.getInput({
-          ...mocks.IAM_ASSUMEROLE_INPUTS,
-          'custom-tags': JSON.stringify(customTagsObj),
-        }),
-      );
-      await run();
-      const tags = mockedSTSClient.commandCalls(AssumeRoleCommand)[0].args[0].input.Tags ?? [];
-      const tagKeys = tags.map((t) => t.Key);
-      expect(tags).toHaveLength(50);
-      expect(tagKeys).toContain('Branch');
-      expect(tagKeys).toContain('EventName');
-      expect(tagKeys).toContain('BaseRef');
-      expect(tagKeys).toContain('HeadRef');
-      expect(tagKeys).toContain('RefName');
-      expect(tagKeys).not.toContain('RunId');
-    });
-    it('rejects custom-tags that would exceed the session-tag limit on their own', {}, async () => {
-      // 7 protected + 44 custom = 51, which is over 50 even with zero overrideable tags.
-      const customTagsObj: Record<string, string> = {};
-      for (let i = 0; i < 44; i++) {
+      for (let i = 0; i < 38; i++) {
         customTagsObj[`Custom${i}`] = `value${i}`;
       }
       vi.mocked(core.getInput).mockImplementation(
@@ -518,12 +493,10 @@ describe('Configure AWS Credentials', {}, () => {
       expect(core.setFailed).toHaveBeenCalledWith(expect.stringContaining('would exceed the AWS limit of 50'));
       expect(mockedSTSClient.commandCalls(AssumeRoleCommand)).toHaveLength(0);
     });
-    it('drops transitive-tag-keys entries that refer to evicted overrideable tags', {}, async () => {
-      // Force eviction of all overrideable tags below EventName/BaseRef/HeadRef. The user transitive-tags
-      // RunId (which gets evicted) and Repository (which is protected and stays). The TransitiveTagKeys
-      // payload must include only the keys that actually appear in Tags.
+    it('allows custom-tags up to the session-tag limit', {}, async () => {
+      // 13 existing tags + 37 custom = 50, exactly at the limit.
       const customTagsObj: Record<string, string> = {};
-      for (let i = 0; i < 40; i++) {
+      for (let i = 0; i < 37; i++) {
         customTagsObj[`Custom${i}`] = `value${i}`;
       }
       vi.mocked(core.getInput).mockImplementation(
@@ -532,15 +505,10 @@ describe('Configure AWS Credentials', {}, () => {
           'custom-tags': JSON.stringify(customTagsObj),
         }),
       );
-      vi.mocked(core.getMultilineInput).mockImplementation((name: string) => {
-        if (name === 'transitive-tag-keys') return ['Repository', 'RunId'];
-        return [];
-      });
       await run();
-      const callInput = mockedSTSClient.commandCalls(AssumeRoleCommand)[0].args[0].input;
-      const tagKeys = (callInput.Tags ?? []).map((t) => t.Key);
-      expect(tagKeys).not.toContain('RunId');
-      expect(callInput.TransitiveTagKeys).toEqual(['Repository']);
+      expect(core.setFailed).not.toHaveBeenCalled();
+      const tags = mockedSTSClient.commandCalls(AssumeRoleCommand)[0].args[0].input.Tags ?? [];
+      expect(tags).toHaveLength(50);
     });
   });
 

test/mockinputs.test.ts

@@ -105,8 +105,6 @@ const envs = {
   GITHUB_EVENT_NAME: 'pull_request',
   GITHUB_RUN_ID: '16412345678',
   GITHUB_JOB: 'build',
-  GITHUB_REF_NAME: 'feature-branch',
-  GITHUB_REF_TYPE: 'branch',
   GITHUB_BASE_REF: 'main',
   GITHUB_HEAD_REF: 'feature-branch',
   GITHUB_TRIGGERING_ACTOR: 'MY-USERNAME[bot]',

test/profileManager.test.ts

@@ -11,12 +11,13 @@ import {
   writeProfileFiles,
 } from '../src/profileManager';
 
-vi.mock('@actions/core');
 vi.mock('node:fs');
+vi.mock('@actions/core');
 
 describe('Profile Manager', {}, () => {
   beforeEach(() => {
-    vi.resetAllMocks();
+    vi.restoreAllMocks();
+    vi.clearAllMocks();
     vol.reset();
   });
 
@@ -735,4 +736,69 @@ describe('Profile Manager', {}, () => {
       );
     });
   });
+
+  describe('symlink hardening', {}, () => {
+    const credsPath = '/home/user/.aws/credentials';
+    const configPath = '/home/user/.aws/config';
+
+    beforeEach(() => {
+      process.env.AWS_SHARED_CREDENTIALS_FILE = credsPath;
+      process.env.AWS_CONFIG_FILE = configPath;
+    });
+
+    it('mergeProfileSection refuses when the credentials path is a symlink and leaves the target unchanged', {}, () => {
+      fs.mkdirSync('/home/user/.aws', { recursive: true });
+      fs.mkdirSync('/etc', { recursive: true });
+      fs.writeFileSync('/etc/passwd', 'root:x:0:0::/root:/bin/sh');
+      fs.symlinkSync('/etc/passwd', credsPath);
+
+      expect(() => mergeProfileSection(credsPath, 'dev', { aws_access_key_id: 'AKIA' }, true)).toThrow(
+        /Refusing .* \(.* symbolic link\)/,
+      );
+      expect(fs.readFileSync('/etc/passwd', 'utf-8')).toBe('root:x:0:0::/root:/bin/sh');
+    });
+
+    it('mergeProfileSection refuses when the config path is a symlink', {}, () => {
+      fs.mkdirSync('/home/user/.aws', { recursive: true });
+      fs.mkdirSync('/etc', { recursive: true });
+      fs.writeFileSync('/etc/sensitive', 'do not overwrite');
+      fs.symlinkSync('/etc/sensitive', configPath);
+
+      expect(() => mergeProfileSection(configPath, 'profile dev', { region: 'us-east-1' }, true)).toThrow(
+        /Refusing .* \(.* symbolic link\)/,
+      );
+      expect(fs.readFileSync('/etc/sensitive', 'utf-8')).toBe('do not overwrite');
+    });
+
+    it('ensureAwsDirectoryExists refuses when ~/.aws is a symlink', {}, () => {
+      fs.mkdirSync('/real-target', { recursive: true });
+      fs.mkdirSync('/home/user', { recursive: true });
+      fs.symlinkSync('/real-target', '/home/user/.aws');
+
+      expect(() => ensureAwsDirectoryExists(credsPath)).toThrow(/Refusing .* \(.* symbolic link\)/);
+    });
+
+    it('writeProfileFiles refuses to overwrite a pre-existing symlink at the credentials path', {}, () => {
+      fs.mkdirSync('/home/user/.aws', { recursive: true });
+      fs.mkdirSync('/etc', { recursive: true });
+      fs.writeFileSync('/etc/passwd', 'root:x:0:0::/root:/bin/sh');
+      fs.symlinkSync('/etc/passwd', credsPath);
+
+      expect(() =>
+        writeProfileFiles('dev', { AccessKeyId: 'AKIA', SecretAccessKey: 'secret' }, 'us-east-1', true),
+      ).toThrow(/Refusing .* \(.* symbolic link\)/);
+
+      expect(fs.lstatSync(credsPath).isSymbolicLink()).toBe(true);
+      expect(fs.readFileSync('/etc/passwd', 'utf-8')).toBe('root:x:0:0::/root:/bin/sh');
+    });
+
+    it('happy path still writes both files with mode 0o600 when no symlinks are present', {}, () => {
+      writeProfileFiles('dev', { AccessKeyId: 'AKIA', SecretAccessKey: 'secret' }, 'us-east-1', false);
+
+      expect(fs.statSync(credsPath).mode & 0o777).toBe(0o600);
+      expect(fs.statSync(configPath).mode & 0o777).toBe(0o600);
+      expect(fs.lstatSync(credsPath).isSymbolicLink()).toBe(false);
+      expect(fs.lstatSync(configPath).isSymbolicLink()).toBe(false);
+    });
+  });
 });