Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: actions/checkout
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: b4ffde6
Choose a base ref
...
head repository: actions/checkout
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 692973e
Choose a head ref
9 contributors

Commits on Feb 20, 2024

  1. Create test-ubuntu-git Docker Container for Proxy Tests (#1616)

    @jww3
    jww3 authored Feb 20, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    473055b View commit details

Commits on Feb 21, 2024

  1. Refine workflow for generating test-ubuntu-git (#1617)

    @jww3
    jww3 authored Feb 21, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    df0bcdd View commit details

  2. Explicitly disable sparse checkout unless asked for (#1598) 

    When a worktree is reused by actions/checkout and the first time sparse checkout was enabled, we need to ensure that the second time it is only a sparse checkout if explicitly asked for. Otherwise, we need to disable the sparse checkout so that a full checkout is the outcome of this Action.

## Details
* If no `sparse-checkout` parameter is specified, disable it

This should allow users to reuse existing folders when running
`actions/checkout` where a previous run asked for a sparse checkout but
the current run does not ask for a sparse checkout.

This fixes #1475

There are use cases in particular with non-ephemeral (self-hosted) runners where an
existing worktree (that has been initialized as a sparse checkout) is
reused in subsequent CI runs (where `actions/checkout` is run _without_
any `sparse-checkout` parameter).

In these scenarios, we need to make sure that the sparse checkout is
disabled before checking out the files.

### Also includes:

* npm run build
* ci: verify that an existing sparse checkout can be made unsparse
* Added a clarifying comment about test branches.
* `test-proxy` now uses newly-minted `test-ubuntu-git` container image from ghcr.io

---------

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Co-authored-by: John Wesley Walker III <81404201+jww3@users.noreply.github.com>
    @dscho @jww3
    dscho and jww3 authored Feb 21, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    aadec89 View commit details

Commits on Feb 22, 2024

  1. Give test-ubuntu-git its own README (#1620) 

    * Give `test-ubuntu-git` its own `README`
* Refined title and description in `test-ubuntu-git.Dockerfile`
* nit accepted:  Remove double space

---------

Co-authored-by: Ferenc Hammerl <31069338+fhammerl@users.noreply.github.com>
    @jww3 @fhammerl
    jww3 and fhammerl authored Feb 22, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    2650dbd View commit details

  2. Warn on attempts to publish test-ubuntu-git from non-main branch. (#… 

    …1623)

* Warn on attempts to publish test-ubuntu-git from non-main branch.
* Rename build step to clarify that Push is optional.
    @jww3
    jww3 authored Feb 22, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    b32f140 View commit details

Commits on Mar 5, 2024

  1. Bump tough-cookie from 4.0.0 to 4.1.3 (#1406) 

    Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) from 4.0.0 to 4.1.3.
- [Release notes](https://github.com/salesforce/tough-cookie/releases)
- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)
- [Commits](salesforce/tough-cookie@v4.0.0...v4.1.3)

---
updated-dependencies:
- dependency-name: tough-cookie
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Mar 5, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    556e4c3 View commit details

  2. Bump @babel/traverse from 7.20.5 to 7.24.0 (#1642) 

    Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.20.5 to 7.24.0.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.24.0/packages/babel-traverse)

---
updated-dependencies:
- dependency-name: "@babel/traverse"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Mar 5, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    8eb1f6a View commit details

Commits on Mar 12, 2024

  1. Prep for release of v4.1.2 (#1649) 

    * Add v4.1.2 and v4.1.1 to CHANGELOG.md
* Bump version in package.json to 4.1.2
* Ran `npm i` to regenerate package-lock.json
    @jww3
    jww3 authored Mar 12, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    9bb5618 View commit details

  2. Update actions/checkout version in update-main-version.yml (#1650)

    @jww3
    jww3 authored Mar 12, 2024
    Loading
    Loading status checks…
    4
    Copy the full SHA
    8410ad0 View commit details

Commits on Mar 14, 2024

  1. Check git version before attempting to disable sparse-checkout (#1656) 

    * Check git version before attempting to disable `sparse-checkout`
* Bump `MinimumGitSparseCheckoutVersion` to 2.28 due to #1386
* Initial prep for release 4.1.3
    @jww3
    jww3 authored Mar 14, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    cd7d8d6 View commit details

Commits on Apr 18, 2024

  1. Add SSH user parameter (#1685) 

    * Add a configurable SSH user

* Update docs with param

* Indentation of readme

* formatting woes

* Update src/url-helper.ts

Co-authored-by: Josh Gross <joshmgross@github.com>

* Update action.yml

Co-authored-by: Josh Gross <joshmgross@github.com>

* Update genfiles

---------

Co-authored-by: Josh Gross <joshmgross@github.com>
    @cory-miller @joshmgross
    cory-miller and joshmgross authored Apr 18, 2024
    Loading
    Loading status checks…
    7
    Copy the full SHA
    1d96c77 View commit details

Commits on Apr 23, 2024

  1. Bump word-wrap from 1.2.3 to 1.2.5 (#1643) 

    Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.5.
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](jonschlinkert/word-wrap@1.2.3...1.2.5)

---
updated-dependencies:
- dependency-name: word-wrap
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 23, 2024
    Loading
    Loading status checks…
    1
    Copy the full SHA
    9b4c13b View commit details

  2. Add dependabot config (#1688) 

    * Add dependabot config
* Group minor and patch updates for NPM and GH Actions
    @cory-miller
    cory-miller authored Apr 23, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    9839dc1 View commit details

  3. Bump the minor-actions-dependencies group with 2 updates (#1693) 

    Bumps the minor-actions-dependencies group with 2 updates: [docker/login-action](https://github.com/docker/login-action) and [docker/build-push-action](https://github.com/docker/build-push-action).


Updates `docker/login-action` from 3.0.0 to 3.1.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@v3.0.0...v3.1.0)

Updates `docker/build-push-action` from 5.1.0 to 5.3.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@v5.1.0...v5.3.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-actions-dependencies
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 23, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    37b0821 View commit details

  4. Disable extensions.worktreeConfig when disabling sparse-checkout (#… 

    …1692)
    @jww3
    jww3 authored Apr 23, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    43045ae View commit details

Commits on Apr 24, 2024

  1. Prep Release v4.1.4 (#1704) 

    * Update package.json and package-lock.json to reflect v4.1.4
* Update CHANGELOG
    @jww3
    jww3 authored Apr 24, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    0ad4b8f View commit details

  2. Update NPM dependencies (#1703) 

    * Update dependencies manually
* Format files
* Update licenses
    @cory-miller
    cory-miller authored Apr 24, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    9c1e94e View commit details

  3. Bump github/codeql-action from 2 to 3 (#1694) 

    Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 24, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    fd084cd View commit details

  4. Bump actions/setup-node from 1 to 4 (#1696) 

    Bumps [actions/setup-node](https://github.com/actions/setup-node) from 1 to 4.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@v1...v4)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 24, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    3f603f6 View commit details

  5. Bump actions/upload-artifact from 2 to 4 (#1695) 

    Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v2...v4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored Apr 24, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    8459bc0 View commit details

Commits on Apr 30, 2024

  1. README: Suggest user.email to be `41898282+github-actions[bot]@user… 

    …s.noreply.github.com` (#1707)

* README: Set `user.email` to GitHub Actions Bot

* Update workflow to use proper bot GitHub Bot email

* Prefix `user.email` with `41898282+`

To match squash merge user, else showing as two different users, see: SocketDev/socket-sdk-js@b0948d0

* Update README.md

---------

Co-authored-by: Pelle Wessman <pelle@kodfabrik.se>
    @cory-miller @voxpelli
    cory-miller and voxpelli authored Apr 30, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    44c2b7a View commit details

Commits on May 16, 2024

  1. Check platform for extension (#1732)

    @cory-miller
    cory-miller authored May 16, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    24ed1a3 View commit details

  2. Update for 4.1.6 release (#1733)

    @cory-miller
    cory-miller authored May 16, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    a5ac7e5 View commit details

Commits on May 20, 2024

  1. Bump the minor-npm-dependencies group across 1 directory with 4 updat… 

    …es (#1739)

Bumps the minor-npm-dependencies group with 4 updates in the / directory: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin), [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) and [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest).


Updates `@types/node` from 20.12.7 to 20.12.12
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Updates `@typescript-eslint/eslint-plugin` from 7.7.1 to 7.9.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.9.0/packages/eslint-plugin)

Updates `@typescript-eslint/parser` from 7.7.1 to 7.9.0
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.9.0/packages/parser)

Updates `eslint-plugin-jest` from 28.2.0 to 28.5.0
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases)
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md)
- [Commits](jest-community/eslint-plugin-jest@v28.2.0...v28.5.0)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-npm-dependencies
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-npm-dependencies
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-npm-dependencies
- dependency-name: eslint-plugin-jest
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-npm-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    @dependabot
    dependabot[bot] authored May 20, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    b1ec302 View commit details

  2. Bump actions/checkout from 3 to 4 (#1697) 

    * Bump actions/checkout from 3 to 4

Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Apply suggestions from code review

* .

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Cory Miller <13227161+cory-miller@users.noreply.github.com>
    @dependabot @cory-miller
    dependabot[bot] and cory-miller authored May 20, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    b80ff79 View commit details

Commits on Jun 12, 2024

  1. Handle hidden refs (#1774) 

    Co-authored-by: Chris Gavin <chris@chrisgavin.me>
    @orhantoy @chrisgavin
    orhantoy and chrisgavin authored Jun 12, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    b17fe1e View commit details

  2. Pin actions/checkout's own workflows to a known, good, stable version. ( 

    #1776)

* Pin actions/checkout's own workflows to a known, good, stable version.

* fixed failing unit test

* fix unit test
    @jww3
    jww3 authored Jun 12, 2024
    Loading
    Loading status checks…
    Copy the full SHA
    6ccd57f View commit details

  3. Prepare 4.1.7 release (#1775) 

    * Prepare 4.1.7 release

* Include #1776 in 4.1.7 release
    @joshmgross
    joshmgross authored Jun 12, 2024
    Loading
    Loading status checks…
    1
    Copy the full SHA
    692973e View commit details
Showing with 34,776 additions and 24,898 deletions.
  1. +20 −0 .github/dependabot.yml
  2. +3 −3 .github/workflows/check-dist.yml
  3. +3 −3 .github/workflows/codeql-analysis.yml
  4. +1 −1 .github/workflows/licensed.yml
  5. +28 −13 .github/workflows/test.yml
  6. +6 −3 .github/workflows/update-main-version.yml
  7. +59 −0 .github/workflows/update-test-ubuntu-git.yml
  8. +1 −1 .licenses/npm/@actions/core.dep.yml
  9. +4 −2 .licenses/npm/@actions/exec.dep.yml
  10. +1 −1 .licenses/npm/@actions/github.dep.yml
  11. +1 −1 .licenses/npm/@actions/http-client.dep.yml
  12. +10 −20 .licenses/npm/@actions/tool-cache.dep.yml
  13. +13 −14 .licenses/npm/{function-bind.dep.yml → @fastify/busboy.dep.yml}
  14. +1 −1 .licenses/npm/@octokit/auth-token.dep.yml
  15. +1 −1 .licenses/npm/@octokit/core.dep.yml
  16. +1 −1 .licenses/npm/@octokit/endpoint.dep.yml
  17. +1 −1 .licenses/npm/@octokit/graphql.dep.yml
  18. +1 −1 .licenses/npm/@octokit/{openapi-types.dep.yml → openapi-types-20.0.0.dep.yml}
  19. +20 −0 .licenses/npm/@octokit/openapi-types-22.1.0.dep.yml
  20. +1 −1 .licenses/npm/@octokit/plugin-paginate-rest.dep.yml
  21. +1 −1 .licenses/npm/@octokit/plugin-rest-endpoint-methods.dep.yml
  22. +1 −1 .licenses/npm/@octokit/request-error.dep.yml
  23. +1 −1 .licenses/npm/@octokit/request.dep.yml
  24. +1 −1 .licenses/npm/@octokit/{types.dep.yml → types-12.6.0.dep.yml}
  25. +20 −0 .licenses/npm/@octokit/types-13.4.1.dep.yml
  26. +0 −32 .licenses/npm/call-bind.dep.yml
  27. +0 −33 .licenses/npm/get-intrinsic.dep.yml
  28. +0 −33 .licenses/npm/has.dep.yml
  29. +0 −40 .licenses/npm/is-plain-object.dep.yml
  30. +0 −56 .licenses/npm/node-fetch.dep.yml
  31. +0 −51 .licenses/npm/object-inspect.dep.yml
  32. +0 −40 .licenses/npm/qs.dep.yml
  33. +1 −1 .licenses/npm/semver.dep.yml
  34. +0 −32 .licenses/npm/side-channel.dep.yml
  35. +0 −30 .licenses/npm/tr46.dep.yml
  36. +0 −945 .licenses/npm/typed-rest-client.dep.yml
  37. +0 −33 .licenses/npm/underscore.dep.yml
  38. +7 −5 .licenses/npm/{has-symbols.dep.yml → undici.dep.yml}
  39. +1 −1 .licenses/npm/universal-user-agent.dep.yml
  40. +2 −2 .licenses/npm/{uuid-3.3.3.dep.yml → uuid-3.4.0.dep.yml}
  41. +20 −0 .licenses/npm/uuid-9.0.1.dep.yml
  42. +0 −23 .licenses/npm/webidl-conversions.dep.yml
  43. +0 −32 .licenses/npm/whatwg-url.dep.yml
  44. +34 −0 CHANGELOG.md
  45. +8 −2 README.md
  46. +8 −5 __test__/git-auth-helper.test.ts
  47. +3 −1 __test__/git-directory-helper.test.ts
  48. +42 −1 __test__/git-version.test.ts
  49. +12 −2 __test__/ref-helper.test.ts
  50. +1 −1 __test__/retry-helper.test.ts
  51. +14 −0 __test__/verify-basic.sh
  52. +4 −0 action.yml
  53. +30,180 −10,280 dist/index.js
  54. +12 −0 images/test-ubuntu-git.Dockerfile
  55. +15 −0 images/test-ubuntu-git.md
  56. +1 −0 jest.config.js
  57. +4,119 −13,093 package-lock.json
  58. +22 −22 package.json
  59. +9 −6 src/fs-helper.ts
  60. +2 −2 src/git-auth-helper.ts
  61. +23 −10 src/git-command-manager.ts
  62. +11 −2 src/git-source-provider.ts
  63. +5 −0 src/git-source-settings.ts
  64. +4 −2 src/github-api-helper.ts
  65. +4 −2 src/input-helper.ts
  66. +1 −1 src/misc/generate-docs.ts
  67. +6 −2 src/ref-helper.ts
  68. +2 −1 src/url-helper.ts
  69. +3 −2 src/workflow-context-helper.ts
20 changes: 20 additions & 0 deletions .github/dependabot.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
---
version: 2

updates:
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "weekly"
groups:
minor-npm-dependencies:
# NPM: Only group minor and patch updates (we want to carefully review major updates)
update-types: [minor, patch]
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
groups:
minor-actions-dependencies:
# GitHub Actions: Only group minor and patch updates (we want to carefully review major updates)
update-types: [minor, patch]
6 changes: 3 additions & 3 deletions .github/workflows/check-dist.yml
View file
Original file line number Diff line number Diff line change
@@ -22,10 +22,10 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4.1.6

- name: Set Node.js 20.x
uses: actions/setup-node@v1
uses: actions/setup-node@v4
with:
node-version: 20.x

@@ -44,7 +44,7 @@ jobs:
fi
# If dist/ was different than expected, upload the expected version as an artifact
- uses: actions/upload-artifact@v2
- uses: actions/upload-artifact@v4
if: ${{ failure() && steps.diff.conclusion == 'failure' }}
with:
name: dist
6 changes: 3 additions & 3 deletions .github/workflows/codeql-analysis.yml
View file
Original file line number Diff line number Diff line change
@@ -39,10 +39,10 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v3
uses: actions/checkout@v4.1.6

- name: Initialize CodeQL
uses: github/codeql-action/init@v2
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -55,4 +55,4 @@ jobs:
- run: rm -rf dist # We want code scanning to analyze lib instead (individual .js files)

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
uses: github/codeql-action/analyze@v3
2 changes: 1 addition & 1 deletion .github/workflows/licensed.yml
View file
Original file line number Diff line number Diff line change
@@ -9,6 +9,6 @@ jobs:
runs-on: ubuntu-latest
name: Check licenses
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4.1.6
- run: npm ci
- run: npm run licensed-check
41 changes: 28 additions & 13 deletions .github/workflows/test.yml
View file
Original file line number Diff line number Diff line change
@@ -7,14 +7,19 @@ on:
- main
- releases/*


# Note that when you see patterns like "ref: test-data/v2/basic" within this workflow,
# these refer to "test-data" branches on this actions/checkout repo.
# (For example, test-data/v2/basic -> https://github.com/actions/checkout/tree/test-data/v2/basic)

jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/setup-node@v1
- uses: actions/setup-node@v4
with:
node-version: 20.x
- uses: actions/checkout@v3
- uses: actions/checkout@v4.1.6
- run: npm ci
- run: npm run build
- run: npm run format-check
@@ -32,7 +37,7 @@ jobs:
steps:
# Clone this repo
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4.1.6

# Basic checkout
- name: Checkout basic
@@ -95,6 +100,16 @@ jobs:
- name: Verify sparse checkout
run: __test__/verify-sparse-checkout.sh

# Disabled sparse checkout in existing checkout
- name: Disabled sparse checkout
uses: ./
with:
path: sparse-checkout

- name: Verify disabled sparse checkout
shell: bash
run: set -x && ls -l sparse-checkout/src/git-command-manager.ts

# Sparse checkout (non-cone mode)
- name: Sparse checkout (non-cone mode)
uses: ./
@@ -175,7 +190,7 @@ jobs:
test-proxy:
runs-on: ubuntu-latest
container:
image: alpine/git:latest
image: ghcr.io/actions/test-ubuntu-git:main.20240221.114913.703z
options: --dns 127.0.0.1
services:
squid-proxy:
@@ -187,7 +202,7 @@ jobs:
steps:
# Clone this repo
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4.1.6

# Basic checkout using git
- name: Checkout basic
@@ -219,7 +234,7 @@ jobs:
steps:
# Clone this repo
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4.1.6

# Basic checkout using git
- name: Checkout basic
@@ -242,20 +257,20 @@ jobs:
path: basic
- name: Verify basic
run: __test__/verify-basic.sh --archive

test-git-container:
runs-on: ubuntu-latest
container: bitnami/git:latest
steps:
# Clone this repo
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4.1.6
with:
path: v3
path: localClone

# Basic checkout using git
- name: Checkout basic
uses: ./v3
uses: ./localClone
with:
ref: test-data/v2/basic
- name: Verify basic
@@ -276,7 +291,7 @@ jobs:
git fetch --no-tags --depth=1 origin +refs/heads/main:refs/remotes/origin/main
# needed to make checkout post cleanup succeed
- name: Fix Checkout v3
uses: actions/checkout@v3
- name: Fix Checkout v4
uses: actions/checkout@v4.1.6
with:
path: v3
path: localClone
9 changes: 6 additions & 3 deletions .github/workflows/update-main-version.yml
View file
Original file line number Diff line number Diff line change
@@ -19,13 +19,16 @@ jobs:
tag:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
# Note this update workflow can also be used as a rollback tool.
# For that reason, it's best to pin `actions/checkout` to a known, stable version
# (typically, about two releases back).
- uses: actions/checkout@v4.1.6
with:
fetch-depth: 0
- name: Git config
run: |
git config user.name github-actions
git config user.email github-actions@github.com
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
- name: Tag new target
run: git tag -f ${{ github.event.inputs.major_version }} ${{ github.event.inputs.target }}
- name: Push new tag
59 changes: 59 additions & 0 deletions .github/workflows/update-test-ubuntu-git.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
name: Publish test-ubuntu-git Container

on:
# Use an on demand workflow trigger.
# (Forked copies of actions/checkout won't have permission to update GHCR.io/actions,
# so avoid trigger events that run automatically.)
workflow_dispatch:
inputs:
publish:
description: 'Publish to ghcr.io? (main branch only)'
type: boolean
required: true
default: false

env:
REGISTRY: ghcr.io
IMAGE_NAME: actions/test-ubuntu-git

jobs:
build-and-push-image:
runs-on: ubuntu-latest
# Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job.
permissions:
contents: read
packages: write

steps:
- name: Checkout repository
uses: actions/checkout@v4

# Use `docker/login-action` to log in to GHCR.io.
# Once published, the packages are scoped to the account defined here.
- name: Log in to the ghcr.io container registry
uses: docker/login-action@v3.1.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Format Timestamp
id: timestamp
# Use `date` with a custom format to achieve the key=value format GITHUB_OUTPUT expects.
run: date -u "+now=%Y%m%d.%H%M%S.%3NZ" >> "$GITHUB_OUTPUT"

- name: Issue Image Publish Warning
if: ${{ inputs.publish && github.ref_name != 'main' }}
run: echo "::warning::test-ubuntu-git images can only be published from the actions/checkout 'main' branch. Workflow will continue with push/publish disabled."

# Use `docker/build-push-action` to build (and optionally publish) the image.
- name: Build Docker Image (with optional Push)
uses: docker/build-push-action@v5.3.0
with:
context: .
file: images/test-ubuntu-git.Dockerfile
# For now, attempts to push to ghcr.io must target the `main` branch.
# In the future, consider also allowing attempts from `releases/*` branches.
push: ${{ inputs.publish && github.ref_name == 'main' }}
tags: |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}.${{ steps.timestamp.outputs.now }}
2 changes: 1 addition & 1 deletion .licenses/npm/@actions/core.dep.yml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 4 additions & 2 deletions .licenses/npm/@actions/exec.dep.yml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .licenses/npm/@actions/github.dep.yml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .licenses/npm/@actions/http-client.dep.yml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

30 changes: 10 additions & 20 deletions .licenses/npm/@actions/tool-cache.dep.yml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

27 changes: 13 additions & 14 deletions .licenses/npm/function-bind.dep.yml → .licenses/npm/@fastify/busboy.dep.yml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion .licenses/npm/@octokit/auth-token.dep.yml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading