Gitea/checkout
1
0
Fork 0
mirror of https://github.com/actions/checkout.git synced 2025-10-31 18:18:37 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
127 Commits 48 Branches 52 Tags 36 MiB
77481491f5
Commit Graph

127 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
snyk-bot
77481491f5
fix: upgrade @actions/github from 5.0.0 to 5.0.1 
Snyk has created this PR to upgrade @actions/github from 5.0.0 to 5.0.1.

See this package in npm:
https://www.npmjs.com/package/@actions/github

See this project in Snyk:
https://app.snyk.io/org/emnmer1/project/34c7da3b-bd8a-469a-bbc4-db9b5aa7b90e?utm_source=github&utm_medium=referral&page=upgrade-pr
 2022-04-22 22:24:18 +00:00
Emnmer1
1b0cc5085d
Merge pull request #10 from Emnmer1/snyk-upgrade-0658ef0dff4fc660c08767912341a88e 
[Snyk] Upgrade uuid from 3.4.0 to 8.3.2
 2022-04-21 12:35:20 -07:00
Emnmer1
1f9ae1535f
Merge pull request #11 from Emnmer1/snyk-upgrade-fa9aa46d4dcbc77e2f2edfe30c4fd662 
[Snyk] Upgrade @actions/github from 2.2.0 to 5.0.0
 2022-04-21 12:35:03 -07:00
snyk-bot
4a2308bbdc
feat: upgrade @actions/github from 2.2.0 to 5.0.0 
Snyk has created this PR to upgrade @actions/github from 2.2.0 to 5.0.0.

See this package in npm:
https://www.npmjs.com/package/@actions/github

See this project in Snyk:
https://app.snyk.io/org/emnmer1/project/34c7da3b-bd8a-469a-bbc4-db9b5aa7b90e?utm_source=github&utm_medium=referral&page=upgrade-pr
 2022-04-21 09:00:22 +00:00
snyk-bot
66bcca04ba
feat: upgrade uuid from 3.4.0 to 8.3.2 
Snyk has created this PR to upgrade uuid from 3.4.0 to 8.3.2.

See this package in npm:
https://www.npmjs.com/package/uuid

See this project in Snyk:
https://app.snyk.io/org/emnmer1/project/34c7da3b-bd8a-469a-bbc4-db9b5aa7b90e?utm_source=github&utm_medium=referral&page=upgrade-pr
 2022-04-21 09:00:18 +00:00
Emnmer1
b03235eb78
Merge pull request #9 from Emnmer1/snyk-upgrade-051c28ecc7862af26b0c9a9eb027d14a 
[Snyk] Upgrade uuid from 3.3.3 to 3.4.0
 2022-04-20 06:58:36 -07:00
Emnmer1
cad0b42c07
Merge branch 'actions:main' into snyk-upgrade-051c28ecc7862af26b0c9a9eb027d14a 2022-04-20 04:54:42 -07:00
Emnmer1
a8b45e2744
Merge pull request #6 from Emnmer1/snyk-upgrade-4e5967dab2475ae6b8293da21f49909b 
[Snyk] Upgrade @actions/core from 1.2.6 to 1.6.0
 2022-04-20 04:40:41 -07:00
Thomas Boop
dcd71f6466
Enforce safe directory (#762) 
* set safe directory when running checkout

* Update CHANGELOG.md
 2022-04-14 14:13:20 -04:00
snyk-bot
4c7e6c7cd3
fix: upgrade uuid from 3.3.3 to 3.4.0 
Snyk has created this PR to upgrade uuid from 3.3.3 to 3.4.0.

See this package in npm:
https://www.npmjs.com/package/uuid

See this project in Snyk:
https://app.snyk.io/org/emnmer1/project/34c7da3b-bd8a-469a-bbc4-db9b5aa7b90e?utm_source=github&utm_medium=referral&page=upgrade-pr
 2022-04-11 07:10:33 +00:00
snyk-bot
6012935062
fix: upgrade @actions/core from 1.2.6 to 1.6.0 
Snyk has created this PR to upgrade @actions/core from 1.2.6 to 1.6.0.

See this package in npm:
https://www.npmjs.com/package/@actions/core

See this project in Snyk:
https://app.snyk.io/org/emnmer1/project/34c7da3b-bd8a-469a-bbc4-db9b5aa7b90e?utm_source=github&utm_medium=referral&page=upgrade-pr
 2022-04-11 07:10:23 +00:00
Emnmer1
360b1bd174
Merge branch 'actions:main' into main 2022-04-06 00:19:41 -07:00
Tingluo Huang
add3486cc3
Patch to fix the dependbot alert. (#744) 
* Patch to fix the dependbot alert.

* .

* .

* .
 2022-04-05 13:01:33 -04:00
Emnmer1
38f735923c
3 
gh pr checkout 3
 2022-04-02 14:19:51 -07:00
Emnmer1
389fa9dff2
Merge branch 'actions:main' into main 2022-04-01 01:53:36 -07:00
dependabot[bot]
5126516654
Bump minimist from 1.2.5 to 1.2.6 (#741) 
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-03-31 10:09:15 -04:00
Emnmer1
e3c1862394
Merge branch 'actions:main' into main 2022-03-26 04:30:50 -07:00
Emnmer1
61a89dd64d
Merge pull request #1 from Emnmer1/dependabot/npm_and_yarn/node-fetch-2.6.7 
Bump node-fetch from 2.6.5 to 2.6.7
 2022-03-26 03:55:27 -07:00
Edward Thomson
d50f8ea767
Add v3.0 release information to changelog (#740) 2022-03-25 09:52:31 -04:00
dependabot[bot]
890204e24f
Bump node-fetch from 2.6.5 to 2.6.7 
Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.5 to 2.6.7.
- [Release notes](https://github.com/node-fetch/node-fetch/releases)
- [Commits](https://github.com/node-fetch/node-fetch/compare/v2.6.5...v2.6.7)

---
updated-dependencies:
- dependency-name: node-fetch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-22 00:40:08 +00:00
Emnmer1
3a9da3354b
Add files via upload 2022-03-21 10:24:10 -07:00
Thomas Boop
2d1c1198e7
update test workflows to checkout v3 (#709) 2022-03-01 13:02:13 -05:00
Thomas Boop
a12a3943b4
update readme for v3 (#708) 
* update readme for v3

* update readme with changes

* nit grammar
 2022-03-01 12:46:45 -05:00
Thomas Boop
8f9e05e482
Update to node 16 (#689) 
* Update to node 16

* update setup-node version

* Update check-dist.yml

update setup node version

* update dist/index.js
 2022-02-28 16:17:29 -05:00
Ameya Lokare
230611dbd0
Change secret name for PAT to not start with GITHUB_ (#623) 
Github doesn't allow secret names that start with `GITHUB_` (case insensitive). Update README to choose a different prefix (GH).
 2021-11-02 16:20:59 -05:00
eric sciple
ec3a7ce113
set insteadOf url for org-id (#621) 2021-11-01 11:43:18 -05:00
eric sciple
fd47087372
codeql should analyze lib not dist (#620) 2021-10-20 15:11:24 -05:00
eric sciple
3d677ac575
script to generate license info (#614) 2021-10-19 14:30:04 -05:00
eric sciple
826ba42d6c
npm audit fix (#612) 2021-10-19 10:05:28 -05:00
eric sciple
eb8a193c1d
update dev dependencies and react to new linting rules (#611) 2021-10-19 09:52:57 -05:00
Jeremy Epling
c49af7ca1f
Create codeql-analysis.yml (#602) 2021-10-18 16:28:25 -05:00
Thomas Boop
1e204e9a92
update licensed check (#606) 2021-10-13 16:22:03 -05:00
eric sciple
0299a0d2b6
update dist (#605) 2021-10-13 16:07:05 -05:00
dependabot[bot]
be0f448456
Bump ws from 5.2.2 to 5.2.3 (#604) 
Bumps [ws](https://github.com/websockets/ws) from 5.2.2 to 5.2.3.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/5.2.2...5.2.3)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-10-13 09:14:20 -05:00
dependabot[bot]
56c00a7b1f
Bump tmpl from 1.0.4 to 1.0.5 (#588) 
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/daaku/nodejs-tmpl/releases)
- [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5)

---
updated-dependencies:
- dependency-name: tmpl
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-10-13 09:13:31 -05:00
dependabot[bot]
85e47d1a2b
Bump path-parse from 1.0.6 to 1.0.7 (#568) 
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-10-13 09:13:04 -05:00
dependabot[bot]
3fc17f8645
Bump hosted-git-info from 2.8.5 to 2.8.9 (#500) 
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.5 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.5...v2.8.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-10-13 09:11:06 -05:00
dependabot[bot]
e3bc06d986
Bump lodash from 4.17.15 to 4.17.21 (#499) 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-10-13 09:08:31 -05:00
dependabot[bot]
442567ba57
Bump handlebars from 4.5.3 to 4.7.7 (#497) 
Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.5.3 to 4.7.7.
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.5.3...v4.7.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-10-13 09:07:45 -05:00
dependabot[bot]
7f00b66d06
Bump y18n from 4.0.0 to 4.0.1 (#469) 
Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/y18n/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-10-13 09:07:05 -05:00
dependabot[bot]
eccf386318
Bump @actions/core from 1.1.3 to 1.2.6 (#361) 
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.1.3 to 1.2.6.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-10-13 08:57:33 -05:00
dependabot[bot]
2bd2911be9
Bump acorn from 5.7.3 to 5.7.4 (#186) 
Bumps [acorn](https://github.com/acornjs/acorn) from 5.7.3 to 5.7.4.
- [Release notes](https://github.com/acornjs/acorn/releases)
- [Commits](https://github.com/acornjs/acorn/compare/5.7.3...5.7.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-10-13 08:55:25 -05:00
Brian Cristante
afe4af09a7
Create check-dist.yml (#566) 
* Add check-dist.yml

* Don't need to mv to git diff

* Upload the whole dist/ directory as an artifact

* Update .github/workflows/check-dist.yml
 2021-08-17 16:08:22 -04:00
Ross Brodbeck
25a956c84d
Create CODEOWNERS 2021-02-04 12:25:41 -05:00
Johannes Schindelin
5a4ac9002d
Add missing awaits (#379) 
* auth-helper: properly await replacement of the token value in the config

After writing the `.extraheader` config, we manually replace the token
with the actual value. This is done in an `async` function, but we were
not `await`ing the result.

In our tests, this commit fixes a flakiness we observed where
`remote.origin.url` sometimes (very rarely, actually) is not set for
submodules. Our interpretation is that the configs are in the process of
being rewritten with the correct token value _while_ another `git
config` that wants to set the `insteadOf` value is reading the config,
which is currently empty.

A more idiomatic way to fix this in Typescript would use
`Promise.all()`, like this:

      await Promise.all(
        configPaths.map(async configPath => {
          core.debug(`Replacing token placeholder in '${configPath}'`)
          await this.replaceTokenPlaceholder(configPath)
        })
      )

However, during review of https://github.com/actions/checkout/pull/379
it was decided to keep the `for` loop in the interest of simplicity.

Reported by Ian Lynagh.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

* downloadRepository(): await the result of recursive deletions

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

* Ask ESLint to report floating Promises

This rule is quite helpful in avoiding hard-to-debug missing `await`s.

Note: there are two locations in `src/main.ts` that trigger warnings:
the `run()` and the `cleanup()` function are called without `await` and
without any `.catch()` clause.

In the initial version of https://github.com/actions/checkout/pull/379,
this was addressed by adding `.catch()` clauses. However, it was
determined that this is boilerplate code that will need to be fixed in a
broader way.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

* Rebuild

This trick was brought to you by `npm ci && npm run build`. Needed to
get the PR build to pass.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
 2020-11-03 09:44:09 -05:00
Thomas Boop
c952173edf
Swap to Environment Files (#360) 2020-09-30 11:41:09 -04:00
Thomas Boop
a81bbbf829
Remove unneeded commit information from build logs (#345) 
* Remove unneeded commit information from stdout
 2020-09-23 09:41:47 -04:00
Thomas Boop
21dc310f19
Add Licensed To Help Verify Prod Licenses (#326) 
* Add Licensed file and workflow

* manual updates of dependencies

* Delete licenses.txt

* Ignore Generated Files in Git PR's
 2020-09-10 09:24:29 -04:00
Thomas Boop
be6c44d969 Revert "Delete licenses.txt" 2020-08-11 19:41:01 -04:00
Thomas Boop
dac8cc78a1
Delete licenses.txt 2020-08-11 19:36:35 -04:00