Vallie Joseph
b2cc39f7b2
updating checkout version
2023-03-15 19:31:10 +00:00
Bassem Dghaidi
27135e314d
Upgrade dependencies ( #1210 )
...
* Upgrade ncc & json5
* Add new dist build
2023-03-09 11:42:29 -05:00
Bassem Dghaidi
7b187184d1
Upgrade codeql actions to v2 ( #1209 )
2023-03-09 10:59:09 -05:00
Andrew Scheller
ac59398561
Fix comment typos (that got added in #770 ) ( #1057 )
v3.3.0
2022-12-28 17:19:08 -05:00
Ryan van Zeben
3ba5ee6fac
Add in explicit reference to private checkout options ( #1050 )
2022-12-16 16:06:54 -05:00
Cory Miller
8856415920
Implement branch list using callbacks from exec function ( #1045 )
...
When trying to list local branches to figure out what needs cleaned up during runs on non-ephemeral Actions Runners, we use git rev-parse --symbolic-full-name to get a list of branches. This can lead to ambiguous ref name errors when there are branches and tags with similar names.
Part of the reason we use rev-parse --symbolic-full-name vs git branch --list or git rev-parse --symbolic seems to related to a bug in Git 2.18. Until we can deprecate our usage of Git 2.18, I think we need to keep --symbolic-full-name. Since part of the problem is that these ambiguous ref name errors clog the Actions annotation limits, this is a mitigation to suppress those messages until we can get rid of the workaround.
2022-12-14 16:08:53 -05:00
Vallie Joseph
755da8c3cf
3.2.0 ( #1039 )
v3.2.0
2022-12-12 14:11:05 -05:00
Cory Miller
26d48e8ea1
Update @actions/io to 1.1.2 ( #1029 )
2022-12-12 13:44:24 -05:00
Jok
bf085276ce
wrap pipeline commands for submoduleForeach in quotes ( #964 )
...
* wrap pipeline commands for submoduleForeach in quotes
* Update src/git-auth-helper.ts
drop extraneous space.
Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* Followed CONTRIBUTING.md instructions, updating dist/index.js
* fixed package-lock.json
* updating the pipeline so it runs from sh
Co-authored-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-11-15 21:51:19 -05:00
Cory Miller
5c3ccc22eb
Replace datadog/squid with ubuntu/squid Docker image ( #1002 )
...
* test with ubuntu/squid
* Start a contributing guide
* remove link
2022-11-10 15:54:12 -05:00
Scott Brenner
1f9a0c22da
README - fix status badge ( #967 )
2022-10-17 09:49:29 -04:00
Francesco Renzi
8230315d06
Add workflow to update a main version ( #942 )
...
* Add workflow to update a main version
* New line
2022-10-04 13:44:41 +01:00
Francesco Renzi
93ea575cb5
Prepare release v3.1.0 ( #940 )
...
* Prepare changelog for v3.1.0
* Bump package
v3.1.0
2022-10-04 10:37:06 +01:00
Francesco Renzi
6a84743051
Bump @actions/core to 1.10.0 ( #939 )
...
* Bump @actions/core to 1.10.0
* Update licenses
* Use @actions/core helper functions
2022-10-03 18:04:49 +01:00
Peter Murray
e6d535c99c
Inject GitHub host to be able to clone from another GitHub instance ( #922 )
...
* Adding the ability to specify the GitHub Server URL and allowing for it to differ from the Actions workflow host
* Adding tests for injecting the GitHub URL
* Addressing code review comments for PR #922
2022-09-26 12:34:52 -04:00
Tingluo Huang
2541b1294d
Prepare changelog for v3.0.2. ( #777 )
v3.0.2
2022-04-21 10:29:04 -04:00
Tingluo Huang
0ffe6f9c55
Add set-safe-directory input to allow customers to take control. ( #770 )
...
* Add set-safe-directory input to allow customers to take control.
2022-04-20 21:37:43 -04:00
Thomas Boop
dcd71f6466
Enforce safe directory ( #762 )
...
* set safe directory when running checkout
* Update CHANGELOG.md
v3.0.1
2022-04-14 14:13:20 -04:00
Tingluo Huang
add3486cc3
Patch to fix the dependbot alert. ( #744 )
...
* Patch to fix the dependbot alert.
* .
* .
* .
2022-04-05 13:01:33 -04:00
dependabot[bot]
5126516654
Bump minimist from 1.2.5 to 1.2.6 ( #741 )
...
Bumps [minimist](https://github.com/substack/minimist ) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases )
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6 )
---
updated-dependencies:
- dependency-name: minimist
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-31 10:09:15 -04:00
Edward Thomson
d50f8ea767
Add v3.0 release information to changelog ( #740 )
2022-03-25 09:52:31 -04:00
Thomas Boop
2d1c1198e7
update test workflows to checkout v3 ( #709 )
2022-03-01 13:02:13 -05:00
Thomas Boop
a12a3943b4
update readme for v3 ( #708 )
...
* update readme for v3
* update readme with changes
* nit grammar
v3.0.0
2022-03-01 12:46:45 -05:00
Thomas Boop
8f9e05e482
Update to node 16 ( #689 )
...
* Update to node 16
* update setup-node version
* Update check-dist.yml
update setup node version
* update dist/index.js
2022-02-28 16:17:29 -05:00
Ameya Lokare
230611dbd0
Change secret name for PAT to not start with GITHUB_ ( #623 )
...
Github doesn't allow secret names that start with `GITHUB_` (case insensitive). Update README to choose a different prefix (GH).
2021-11-02 16:20:59 -05:00
eric sciple
ec3a7ce113
set insteadOf url for org-id ( #621 )
v2.4.0
2021-11-01 11:43:18 -05:00
eric sciple
fd47087372
codeql should analyze lib not dist ( #620 )
2021-10-20 15:11:24 -05:00
eric sciple
3d677ac575
script to generate license info ( #614 )
2021-10-19 14:30:04 -05:00
eric sciple
826ba42d6c
npm audit fix ( #612 )
2021-10-19 10:05:28 -05:00
eric sciple
eb8a193c1d
update dev dependencies and react to new linting rules ( #611 )
2021-10-19 09:52:57 -05:00
Jeremy Epling
c49af7ca1f
Create codeql-analysis.yml ( #602 )
2021-10-18 16:28:25 -05:00
Thomas Boop
1e204e9a92
update licensed check ( #606 )
v2.3.5
2021-10-13 16:22:03 -05:00
eric sciple
0299a0d2b6
update dist ( #605 )
2021-10-13 16:07:05 -05:00
dependabot[bot]
be0f448456
Bump ws from 5.2.2 to 5.2.3 ( #604 )
...
Bumps [ws](https://github.com/websockets/ws ) from 5.2.2 to 5.2.3.
- [Release notes](https://github.com/websockets/ws/releases )
- [Commits](https://github.com/websockets/ws/compare/5.2.2...5.2.3 )
---
updated-dependencies:
- dependency-name: ws
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 09:14:20 -05:00
dependabot[bot]
56c00a7b1f
Bump tmpl from 1.0.4 to 1.0.5 ( #588 )
...
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl ) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/daaku/nodejs-tmpl/releases )
- [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5 )
---
updated-dependencies:
- dependency-name: tmpl
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 09:13:31 -05:00
dependabot[bot]
85e47d1a2b
Bump path-parse from 1.0.6 to 1.0.7 ( #568 )
...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse ) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases )
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7 )
---
updated-dependencies:
- dependency-name: path-parse
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 09:13:04 -05:00
dependabot[bot]
3fc17f8645
Bump hosted-git-info from 2.8.5 to 2.8.9 ( #500 )
...
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info ) from 2.8.5 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases )
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md )
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.5...v2.8.9 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 09:11:06 -05:00
dependabot[bot]
e3bc06d986
Bump lodash from 4.17.15 to 4.17.21 ( #499 )
...
Bumps [lodash](https://github.com/lodash/lodash ) from 4.17.15 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.21 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 09:08:31 -05:00
dependabot[bot]
442567ba57
Bump handlebars from 4.5.3 to 4.7.7 ( #497 )
...
Bumps [handlebars](https://github.com/wycats/handlebars.js ) from 4.5.3 to 4.7.7.
- [Release notes](https://github.com/wycats/handlebars.js/releases )
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md )
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.5.3...v4.7.7 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 09:07:45 -05:00
dependabot[bot]
7f00b66d06
Bump y18n from 4.0.0 to 4.0.1 ( #469 )
...
Bumps [y18n](https://github.com/yargs/y18n ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/yargs/y18n/releases )
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yargs/y18n/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 09:07:05 -05:00
dependabot[bot]
eccf386318
Bump @actions/core from 1.1.3 to 1.2.6 ( #361 )
...
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core ) from 1.1.3 to 1.2.6.
- [Release notes](https://github.com/actions/toolkit/releases )
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md )
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 08:57:33 -05:00
dependabot[bot]
2bd2911be9
Bump acorn from 5.7.3 to 5.7.4 ( #186 )
...
Bumps [acorn](https://github.com/acornjs/acorn ) from 5.7.3 to 5.7.4.
- [Release notes](https://github.com/acornjs/acorn/releases )
- [Commits](https://github.com/acornjs/acorn/compare/5.7.3...5.7.4 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 08:55:25 -05:00
Brian Cristante
afe4af09a7
Create check-dist.yml ( #566 )
...
* Add check-dist.yml
* Don't need to mv to git diff
* Upload the whole dist/ directory as an artifact
* Update .github/workflows/check-dist.yml
2021-08-17 16:08:22 -04:00
Ross Brodbeck
25a956c84d
Create CODEOWNERS
2021-02-04 12:25:41 -05:00
Johannes Schindelin
5a4ac9002d
Add missing await
s ( #379 )
...
* auth-helper: properly await replacement of the token value in the config
After writing the `.extraheader` config, we manually replace the token
with the actual value. This is done in an `async` function, but we were
not `await`ing the result.
In our tests, this commit fixes a flakiness we observed where
`remote.origin.url` sometimes (very rarely, actually) is not set for
submodules. Our interpretation is that the configs are in the process of
being rewritten with the correct token value _while_ another `git
config` that wants to set the `insteadOf` value is reading the config,
which is currently empty.
A more idiomatic way to fix this in Typescript would use
`Promise.all()`, like this:
await Promise.all(
configPaths.map(async configPath => {
core.debug(`Replacing token placeholder in '${configPath}'`)
await this.replaceTokenPlaceholder(configPath)
})
)
However, during review of https://github.com/actions/checkout/pull/379
it was decided to keep the `for` loop in the interest of simplicity.
Reported by Ian Lynagh.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
* downloadRepository(): await the result of recursive deletions
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
* Ask ESLint to report floating Promises
This rule is quite helpful in avoiding hard-to-debug missing `await`s.
Note: there are two locations in `src/main.ts` that trigger warnings:
the `run()` and the `cleanup()` function are called without `await` and
without any `.catch()` clause.
In the initial version of https://github.com/actions/checkout/pull/379 ,
this was addressed by adding `.catch()` clauses. However, it was
determined that this is boilerplate code that will need to be fixed in a
broader way.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
* Rebuild
This trick was brought to you by `npm ci && npm run build`. Needed to
get the PR build to pass.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
v2.3.4
2020-11-03 09:44:09 -05:00
Thomas Boop
c952173edf
Swap to Environment Files ( #360 )
2020-09-30 11:41:09 -04:00
Thomas Boop
a81bbbf829
Remove unneeded commit information from build logs ( #345 )
...
* Remove unneeded commit information from stdout
v2.3.3
2020-09-23 09:41:47 -04:00
Thomas Boop
21dc310f19
Add Licensed
To Help Verify Prod Licenses ( #326 )
...
* Add Licensed file and workflow
* manual updates of dependencies
* Delete licenses.txt
* Ignore Generated Files in Git PR's
2020-09-10 09:24:29 -04:00
Thomas Boop
be6c44d969
Revert "Delete licenses.txt"
2020-08-11 19:41:01 -04:00
Thomas Boop
dac8cc78a1
Delete licenses.txt
2020-08-11 19:36:35 -04:00