At the start of October, GitHub posted on their intent over time to fully disable the ability to use add-path and set-env commands in GitHub Actions. As of around the 17th November 2020, these changes were implemented and a number of users have reported failing workflows.

While GitHub did indicate that a warning would appear that the culprit commands would in time be deprecated, this breaking change appears to have caught a number of people off guard. In my workflow for this blog I had noticed for some time that an error was displayed advising me that the set-env command in my case executed during the installation of Ruby was deprecated and soon to be disabled.

You can actually work around this issue quite easily, until all subsequent actions are updated at least downstream, you can add an environment variable to the command affected to allow the use of unsecure commands using the ACTIONS_ALLOW_UNSECURE_COMMANDS variable set to true. It can be set to true quite easily in your workflow as shown below.

- name: Install Ruby
    uses: ruby/setup-ruby@ec106b438a1ff6ff109590de34ddc62c540232e0
    env:
        ACTIONS_ALLOW_UNSECURE_COMMANDS: 'true'
    with:
        ruby-version: 2.6

Once committed to the repository, the workflow will run depending on your configuration and should now complete without error.