actions/checkout
1
0
Fork 0
mirror of https://code.forgejo.org/actions/checkout.git synced 2024-11-06 12:05:51 +00:00
Code Releases 1 Activity
131 commits 47 branches 50 tags 30 MiB
Commit graph

131 commits

This branch
This branch
All branches
Author SHA1 Message Date
Emnmer1
459d804628
Merge pull request #12 from Emnmer1/snyk-upgrade-9f9457bd6a324eb509b33b0ed4812fee 
[Snyk] Upgrade @actions/github from 5.0.0 to 5.0.1
 2022-04-25 04:03:44 -07:00
Emnmer1
44abdd19d9
Merge branch 'actions:main' into main 2022-04-23 12:09:59 -07:00
snyk-bot
77481491f5
fix: upgrade @actions/github from 5.0.0 to 5.0.1 
Snyk has created this PR to upgrade @actions/github from 5.0.0 to 5.0.1.

See this package in npm:
https://www.npmjs.com/package/@actions/github

See this project in Snyk:
https://app.snyk.io/org/emnmer1/project/34c7da3b-bd8a-469a-bbc4-db9b5aa7b90e?utm_source=github&utm_medium=referral&page=upgrade-pr
 2022-04-22 22:24:18 +00:00
Emnmer1
1b0cc5085d
Merge pull request #10 from Emnmer1/snyk-upgrade-0658ef0dff4fc660c08767912341a88e 
[Snyk] Upgrade uuid from 3.4.0 to 8.3.2
 2022-04-21 12:35:20 -07:00
Emnmer1
1f9ae1535f
Merge pull request #11 from Emnmer1/snyk-upgrade-fa9aa46d4dcbc77e2f2edfe30c4fd662 
[Snyk] Upgrade @actions/github from 2.2.0 to 5.0.0
 2022-04-21 12:35:03 -07:00
Tingluo Huang
2541b1294d
Prepare changelog for v3.0.2. (#777) 2022-04-21 10:29:04 -04:00
snyk-bot
4a2308bbdc
feat: upgrade @actions/github from 2.2.0 to 5.0.0 
Snyk has created this PR to upgrade @actions/github from 2.2.0 to 5.0.0.

See this package in npm:
https://www.npmjs.com/package/@actions/github

See this project in Snyk:
https://app.snyk.io/org/emnmer1/project/34c7da3b-bd8a-469a-bbc4-db9b5aa7b90e?utm_source=github&utm_medium=referral&page=upgrade-pr
 2022-04-21 09:00:22 +00:00
snyk-bot
66bcca04ba
feat: upgrade uuid from 3.4.0 to 8.3.2 
Snyk has created this PR to upgrade uuid from 3.4.0 to 8.3.2.

See this package in npm:
https://www.npmjs.com/package/uuid

See this project in Snyk:
https://app.snyk.io/org/emnmer1/project/34c7da3b-bd8a-469a-bbc4-db9b5aa7b90e?utm_source=github&utm_medium=referral&page=upgrade-pr
 2022-04-21 09:00:18 +00:00
Tingluo Huang
0ffe6f9c55
Add set-safe-directory input to allow customers to take control. (#770) 
* Add set-safe-directory input to allow customers to take control.
 2022-04-20 21:37:43 -04:00
Emnmer1
b03235eb78
Merge pull request #9 from Emnmer1/snyk-upgrade-051c28ecc7862af26b0c9a9eb027d14a 
[Snyk] Upgrade uuid from 3.3.3 to 3.4.0
 2022-04-20 06:58:36 -07:00
Emnmer1
cad0b42c07
Merge branch 'actions:main' into snyk-upgrade-051c28ecc7862af26b0c9a9eb027d14a 2022-04-20 04:54:42 -07:00
Emnmer1
a8b45e2744
Merge pull request #6 from Emnmer1/snyk-upgrade-4e5967dab2475ae6b8293da21f49909b 
[Snyk] Upgrade @actions/core from 1.2.6 to 1.6.0
 2022-04-20 04:40:41 -07:00
Thomas Boop
dcd71f6466
Enforce safe directory (#762) 
* set safe directory when running checkout

* Update CHANGELOG.md
 2022-04-14 14:13:20 -04:00
snyk-bot
4c7e6c7cd3
fix: upgrade uuid from 3.3.3 to 3.4.0 
Snyk has created this PR to upgrade uuid from 3.3.3 to 3.4.0.

See this package in npm:
https://www.npmjs.com/package/uuid

See this project in Snyk:
https://app.snyk.io/org/emnmer1/project/34c7da3b-bd8a-469a-bbc4-db9b5aa7b90e?utm_source=github&utm_medium=referral&page=upgrade-pr
 2022-04-11 07:10:33 +00:00
snyk-bot
6012935062
fix: upgrade @actions/core from 1.2.6 to 1.6.0 
Snyk has created this PR to upgrade @actions/core from 1.2.6 to 1.6.0.

See this package in npm:
https://www.npmjs.com/package/@actions/core

See this project in Snyk:
https://app.snyk.io/org/emnmer1/project/34c7da3b-bd8a-469a-bbc4-db9b5aa7b90e?utm_source=github&utm_medium=referral&page=upgrade-pr
 2022-04-11 07:10:23 +00:00
Emnmer1
360b1bd174
Merge branch 'actions:main' into main 2022-04-06 00:19:41 -07:00
Tingluo Huang
add3486cc3
Patch to fix the dependbot alert. (#744) 
* Patch to fix the dependbot alert.

* .

* .

* .
 2022-04-05 13:01:33 -04:00
Emnmer1
38f735923c
3 
gh pr checkout 3
 2022-04-02 14:19:51 -07:00
Emnmer1
389fa9dff2
Merge branch 'actions:main' into main 2022-04-01 01:53:36 -07:00
dependabot[bot]
5126516654
Bump minimist from 1.2.5 to 1.2.6 (#741) 
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-03-31 10:09:15 -04:00
Emnmer1
e3c1862394
Merge branch 'actions:main' into main 2022-03-26 04:30:50 -07:00
Emnmer1
61a89dd64d
Merge pull request #1 from Emnmer1/dependabot/npm_and_yarn/node-fetch-2.6.7 
Bump node-fetch from 2.6.5 to 2.6.7
 2022-03-26 03:55:27 -07:00
Edward Thomson
d50f8ea767
Add v3.0 release information to changelog (#740) 2022-03-25 09:52:31 -04:00
dependabot[bot]
890204e24f
Bump node-fetch from 2.6.5 to 2.6.7 
Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.5 to 2.6.7.
- [Release notes](https://github.com/node-fetch/node-fetch/releases)
- [Commits](https://github.com/node-fetch/node-fetch/compare/v2.6.5...v2.6.7)

---
updated-dependencies:
- dependency-name: node-fetch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-22 00:40:08 +00:00
Emnmer1
3a9da3354b
Add files via upload 2022-03-21 10:24:10 -07:00
Thomas Boop
2d1c1198e7
update test workflows to checkout v3 (#709) 2022-03-01 13:02:13 -05:00
Thomas Boop
a12a3943b4
update readme for v3 (#708) 
* update readme for v3

* update readme with changes

* nit grammar
 2022-03-01 12:46:45 -05:00
Thomas Boop
8f9e05e482
Update to node 16 (#689) 
* Update to node 16

* update setup-node version

* Update check-dist.yml

update setup node version

* update dist/index.js
 2022-02-28 16:17:29 -05:00
Ameya Lokare
230611dbd0
Change secret name for PAT to not start with GITHUB_ (#623) 
Github doesn't allow secret names that start with `GITHUB_` (case insensitive). Update README to choose a different prefix (GH).
 2021-11-02 16:20:59 -05:00
eric sciple
ec3a7ce113
set insteadOf url for org-id (#621) 2021-11-01 11:43:18 -05:00
eric sciple
fd47087372
codeql should analyze lib not dist (#620) 2021-10-20 15:11:24 -05:00
eric sciple
3d677ac575
script to generate license info (#614) 2021-10-19 14:30:04 -05:00
eric sciple
826ba42d6c
npm audit fix (#612) 2021-10-19 10:05:28 -05:00
eric sciple
eb8a193c1d
update dev dependencies and react to new linting rules (#611) 2021-10-19 09:52:57 -05:00
Jeremy Epling
c49af7ca1f
Create codeql-analysis.yml (#602) 2021-10-18 16:28:25 -05:00
Thomas Boop
1e204e9a92
update licensed check (#606) 2021-10-13 16:22:03 -05:00
eric sciple
0299a0d2b6
update dist (#605) 2021-10-13 16:07:05 -05:00
dependabot[bot]
be0f448456
Bump ws from 5.2.2 to 5.2.3 (#604) 
Bumps [ws](https://github.com/websockets/ws) from 5.2.2 to 5.2.3.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/5.2.2...5.2.3)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-10-13 09:14:20 -05:00
dependabot[bot]
56c00a7b1f
Bump tmpl from 1.0.4 to 1.0.5 (#588) 
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/daaku/nodejs-tmpl/releases)
- [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5)

---
updated-dependencies:
- dependency-name: tmpl
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-10-13 09:13:31 -05:00
dependabot[bot]
85e47d1a2b
Bump path-parse from 1.0.6 to 1.0.7 (#568) 
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-10-13 09:13:04 -05:00
dependabot[bot]
3fc17f8645
Bump hosted-git-info from 2.8.5 to 2.8.9 (#500) 
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.5 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.5...v2.8.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-10-13 09:11:06 -05:00
dependabot[bot]
e3bc06d986
Bump lodash from 4.17.15 to 4.17.21 (#499) 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-10-13 09:08:31 -05:00
dependabot[bot]
442567ba57
Bump handlebars from 4.5.3 to 4.7.7 (#497) 
Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.5.3 to 4.7.7.
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.5.3...v4.7.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-10-13 09:07:45 -05:00
dependabot[bot]
7f00b66d06
Bump y18n from 4.0.0 to 4.0.1 (#469) 
Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/y18n/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-10-13 09:07:05 -05:00
dependabot[bot]
eccf386318
Bump @actions/core from 1.1.3 to 1.2.6 (#361) 
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.1.3 to 1.2.6.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-10-13 08:57:33 -05:00
dependabot[bot]
2bd2911be9
Bump acorn from 5.7.3 to 5.7.4 (#186) 
Bumps [acorn](https://github.com/acornjs/acorn) from 5.7.3 to 5.7.4.
- [Release notes](https://github.com/acornjs/acorn/releases)
- [Commits](https://github.com/acornjs/acorn/compare/5.7.3...5.7.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-10-13 08:55:25 -05:00
Brian Cristante
afe4af09a7
Create check-dist.yml (#566) 
* Add check-dist.yml

* Don't need to mv to git diff

* Upload the whole dist/ directory as an artifact

* Update .github/workflows/check-dist.yml
 2021-08-17 16:08:22 -04:00
Ross Brodbeck
25a956c84d
Create CODEOWNERS 2021-02-04 12:25:41 -05:00
Johannes Schindelin
5a4ac9002d
Add missing awaits (#379) 
* auth-helper: properly await replacement of the token value in the config

After writing the `.extraheader` config, we manually replace the token
with the actual value. This is done in an `async` function, but we were
not `await`ing the result.

In our tests, this commit fixes a flakiness we observed where
`remote.origin.url` sometimes (very rarely, actually) is not set for
submodules. Our interpretation is that the configs are in the process of
being rewritten with the correct token value _while_ another `git
config` that wants to set the `insteadOf` value is reading the config,
which is currently empty.

A more idiomatic way to fix this in Typescript would use
`Promise.all()`, like this:

      await Promise.all(
        configPaths.map(async configPath => {
          core.debug(`Replacing token placeholder in '${configPath}'`)
          await this.replaceTokenPlaceholder(configPath)
        })
      )

However, during review of https://github.com/actions/checkout/pull/379
it was decided to keep the `for` loop in the interest of simplicity.

Reported by Ian Lynagh.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

* downloadRepository(): await the result of recursive deletions

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

* Ask ESLint to report floating Promises

This rule is quite helpful in avoiding hard-to-debug missing `await`s.

Note: there are two locations in `src/main.ts` that trigger warnings:
the `run()` and the `cleanup()` function are called without `await` and
without any `.catch()` clause.

In the initial version of https://github.com/actions/checkout/pull/379,
this was addressed by adding `.catch()` clauses. However, it was
determined that this is boilerplate code that will need to be fixed in a
broader way.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

* Rebuild

This trick was brought to you by `npm ci && npm run build`. Needed to
get the PR build to pass.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
 2020-11-03 09:44:09 -05:00
Thomas Boop
c952173edf
Swap to Environment Files (#360) 2020-09-30 11:41:09 -04:00