Add hide_outputs input to suppress command output from Actions log

[Copilot]

Commands that emit sensitive data (secrets, tokens) to stdout/stderr have no way to prevent that output from appearing in the GitHub Actions log, while still making it available to downstream steps via output files.

Changes

• action.yml: New hide_outputs boolean input (default: false). When true, stdout/stderr are written only to the output files and not forwarded to process.stdout/process.stderr.
• src/main.ts: Reads hide_outputs input and passes it as { hideOutputs } to executeCommand(). Updated executeCommand() signature to accept an options object and conditionally skip piping to process streams.
• README.md: Documents the new input and adds a usage example.

Example

- name: Fetch Secret Data
  id: fetch
  uses: retailnext/exec-action@main
  with:
    command: 'my-tool --output-secret'
    hide_outputs: 'true'

- name: Process Secret Data
  run: process-data < "${{ steps.fetch.outputs.stdout_file }}"

Output is hidden from the workflow log but remains accessible to subsequent steps via stdout_file / stderr_file.

---

🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.