While GitHub did indicate that a warning would appear that the culprit commands would in time be deprecated, this breaking change appears to have caught a number of people off guard. In my workflow for this blog I had noticed for some time that an error was displayed advising me that the set-env command in my case executed during the installation of Ruby was deprecated and soon to be disabled.
You can actually work around this issue quite easily, until all subsequent actions are updated at least downstream, you can add an environment variable to the command affected to allow the use of unsecure commands using the ACTIONS_ALLOW_UNSECURE_COMMANDS variable set to true. It can be set to true quite easily in your workflow as shown below.
- name: Install Ruby uses: ruby/setup-ruby@ec106b438a1ff6ff109590de34ddc62c540232e0 env: ACTIONS_ALLOW_UNSECURE_COMMANDS: 'true' with: ruby-version: 2.6Once committed to the repository, the workflow will run depending on your configuration and should now complete without error.
Martyn Coupland 
Leave a comment