Update update-main-version.yml

.github/workflows/check-dist.yml

@@ -22,7 +22,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4.1.6
+      - uses: actions/checkout@v3
 
       - name: Set Node.js 20.x
         uses: actions/setup-node@v4

.github/workflows/codeql-analysis.yml

@@ -39,7 +39,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4.1.6
+      uses: actions/checkout@v3
 
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v3

.github/workflows/licensed.yml

@@ -9,6 +9,6 @@ jobs:
     runs-on: ubuntu-latest
     name: Check licenses
     steps:
-      - uses: actions/checkout@v4.1.6
+      - uses: actions/checkout@v3
       - run: npm ci
       - run: npm run licensed-check

.github/workflows/test.yml

@@ -19,7 +19,7 @@ jobs:
       - uses: actions/setup-node@v4
         with:
           node-version: 20.x
-      - uses: actions/checkout@v4.1.6
+      - uses: actions/checkout@v3
       - run: npm ci
       - run: npm run build
       - run: npm run format-check
@@ -37,7 +37,7 @@ jobs:
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v3
 
       # Basic checkout
       - name: Checkout basic
@@ -202,7 +202,7 @@ jobs:
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v3
 
       # Basic checkout using git
       - name: Checkout basic
@@ -234,7 +234,7 @@ jobs:
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v3
 
       # Basic checkout using git
       - name: Checkout basic
@@ -264,13 +264,13 @@ jobs:
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v3
         with:
-          path: localClone
+          path: v3
 
       # Basic checkout using git
       - name: Checkout basic
-        uses: ./localClone
+        uses: ./v3
         with:
           ref: test-data/v2/basic
       - name: Verify basic
@@ -291,41 +291,7 @@ jobs:
           git fetch --no-tags --depth=1 origin +refs/heads/main:refs/remotes/origin/main
 
       # needed to make checkout post cleanup succeed
-      - name: Fix Checkout v4
-        uses: actions/checkout@v4.1.6
+      - name: Fix Checkout v3
+        uses: actions/checkout@v3
         with:
-          path: localClone
-
-  test-output:
-    runs-on: ubuntu-latest
-    steps:
-      # Clone this repo
-      - name: Checkout
-        uses: actions/checkout@v4.1.6
-
-      # Basic checkout using git
-      - name: Checkout basic
-        id: checkout
-        uses: ./
-        with:
-          ref: test-data/v2/basic
-
-      # Verify output
-      - name: Verify output
-        run: |
-          echo "Commit: ${{ steps.checkout.outputs.commit }}"
-          echo "Ref: ${{ steps.checkout.outputs.ref }}"
-
-          if [ "${{ steps.checkout.outputs.ref }}" != "test-data/v2/basic" ]; then
-            echo "Expected ref to be test-data/v2/basic"
-            exit 1
-          fi
-
-          if [ "${{ steps.checkout.outputs.commit }}" != "82f71901cf8c021332310dcc8cdba84c4193ff5d" ]; then
-            echo "Expected commit to be 82f71901cf8c021332310dcc8cdba84c4193ff5d"
-            exit 1
-          fi
-
-      # needed to make checkout post cleanup succeed
-      - name: Fix Checkout
-        uses: actions/checkout@v4.1.6
+          path: v3

.github/workflows/update-main-version.yml

@@ -21,14 +21,14 @@ jobs:
     steps:
     # Note this update workflow can also be used as a rollback tool.
     # For that reason, it's best to pin `actions/checkout` to a known, stable version
-    # (typically, about two releases back).
-    - uses: actions/checkout@v4.1.6
+    # (typically, the previous major version -- see https://github.com/actions/checkout/pull/1705).
+    - uses: actions/checkout@v3
       with:
         fetch-depth: 0
     - name: Git config
       run: |
-        git config user.name "github-actions[bot]"
-        git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+        git config user.name github-actions
+        git config user.email github-actions@github.com
     - name: Tag new target
       run: git tag -f ${{ github.event.inputs.major_version }} ${{ github.event.inputs.target }}
     - name: Push new tag

.github/workflows/update-test-ubuntu-git.yml

@@ -31,7 +31,7 @@ jobs:
       # Use `docker/login-action` to log in to GHCR.io. 
       # Once published, the packages are scoped to the account defined here.
       - name: Log in to the ghcr.io container registry
-        uses: docker/login-action@v3.3.0
+        uses: docker/login-action@v3.1.0
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
@@ -48,7 +48,7 @@ jobs:
 
       # Use `docker/build-push-action` to build (and optionally publish) the image. 
       - name: Build Docker Image (with optional Push)
-        uses: docker/build-push-action@v6.5.0
+        uses: docker/build-push-action@v5.3.0
         with:
           context: .
           file: images/test-ubuntu-git.Dockerfile

CHANGELOG.md

@@ -1,21 +1,5 @@
 # Changelog
 
-## v4.1.7
-* Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in https://github.com/actions/checkout/pull/1739
-* Bump actions/checkout from 3 to 4 by @dependabot in https://github.com/actions/checkout/pull/1697
-* Check out other refs/* by commit by @orhantoy in https://github.com/actions/checkout/pull/1774
-* Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in https://github.com/actions/checkout/pull/1776
-
-## v4.1.6
-* Check platform to set archive extension appropriately by @cory-miller in https://github.com/actions/checkout/pull/1732
-
-## v4.1.5
-* Update NPM dependencies by @cory-miller in https://github.com/actions/checkout/pull/1703
-* Bump github/codeql-action from 2 to 3 by @dependabot in https://github.com/actions/checkout/pull/1694
-* Bump actions/setup-node from 1 to 4 by @dependabot in https://github.com/actions/checkout/pull/1696
-* Bump actions/upload-artifact from 2 to 4 by @dependabot in https://github.com/actions/checkout/pull/1695
-* README: Suggest `user.email` to be `41898282+github-actions[bot]@users.noreply.github.com` by @cory-miller in https://github.com/actions/checkout/pull/1707
-
 ## v4.1.4
 - Disable `extensions.worktreeConfig` when disabling `sparse-checkout` by @jww3 in https://github.com/actions/checkout/pull/1692
 - Add dependabot config by @cory-miller in https://github.com/actions/checkout/pull/1688

README.md

@@ -279,14 +279,12 @@ jobs:
       - uses: actions/checkout@v4
       - run: |
           date > generated.txt
-          # Note: the following account information will not work on GHES
-          git config user.name "github-actions[bot]"
-          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git config user.name github-actions
+          git config user.email github-actions@github.com
           git add .
           git commit -m "generated"
           git push
 ```
-*NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
 
 # License
 

__test__/ref-helper.test.ts

@@ -67,16 +67,6 @@ describe('ref-helper tests', () => {
     expect(checkoutInfo.startPoint).toBeFalsy()
   })
 
-  it('getCheckoutInfo refs/', async () => {
-    const checkoutInfo = await refHelper.getCheckoutInfo(
-      git,
-      'refs/gh/queue/main/pr-123',
-      commit
-    )
-    expect(checkoutInfo.ref).toBe(commit)
-    expect(checkoutInfo.startPoint).toBeFalsy()
-  })
-
   it('getCheckoutInfo unqualified branch only', async () => {
     git.branchExists = jest.fn(async (remote: boolean, pattern: string) => {
       return true

action.yml

@@ -98,11 +98,6 @@ inputs:
   github-server-url:
     description: The base URL for the GitHub instance that you are trying to clone from, will use environment defaults to fetch from the same instance that the workflow is running from unless specified. Example URLs are https://github.com or https://my-ghes-server.example.com
     required: false
-outputs:
-  ref:
-    description: 'The branch, tag or SHA that was checked out'
-  commit:
-    description: 'The commit SHA that was checked out'
 runs:
   using: node20
   main: dist/index.js

package.json

@@ -1,6 +1,6 @@
 {
   "name": "checkout",
-  "version": "4.1.7",
+  "version": "4.1.4",
   "description": "checkout action",
   "main": "lib/main.js",
   "scripts": {
@@ -33,23 +33,23 @@
     "@actions/github": "^6.0.0",
     "@actions/io": "^1.1.3",
     "@actions/tool-cache": "^2.0.1",
-    "uuid": "^10.0.0"
+    "uuid": "^9.0.1"
   },
   "devDependencies": {
     "@types/jest": "^29.5.12",
-    "@types/node": "^20.12.12",
-    "@types/uuid": "^10.0.0",
-    "@typescript-eslint/eslint-plugin": "^7.9.0",
-    "@typescript-eslint/parser": "^7.9.0",
+    "@types/node": "^20.12.7",
+    "@types/uuid": "^9.0.8",
+    "@typescript-eslint/eslint-plugin": "^7.7.1",
+    "@typescript-eslint/parser": "^7.7.1",
     "@vercel/ncc": "^0.38.1",
     "eslint": "^8.57.0",
     "eslint-plugin-github": "^4.10.2",
-    "eslint-plugin-jest": "^28.8.2",
+    "eslint-plugin-jest": "^28.2.0",
     "jest": "^29.7.0",
     "jest-circus": "^29.7.0",
     "js-yaml": "^4.1.0",
-    "prettier": "^3.3.3",
-    "ts-jest": "^29.2.5",
-    "typescript": "^5.5.4"
+    "prettier": "^3.2.5",
+    "ts-jest": "^29.1.2",
+    "typescript": "^5.4.5"
   }
 }

src/git-source-provider.ts

@@ -261,8 +261,7 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
     const commitInfo = await git.log1()
 
     // Log commit sha
-    const commitSHA = await git.log1('--format=%H')
-    core.setOutput('commit', commitSHA.trim())
+    await git.log1("--format='%H'")
 
     // Check for incorrect pull request merge commit
     await refHelper.checkCommitInfo(

src/github-api-helper.ts

@@ -35,9 +35,7 @@ export async function downloadRepository(
   // Write archive to disk
   core.info('Writing archive to disk')
   const uniqueId = uuid()
-  const archivePath = IS_WINDOWS
-    ? path.join(repositoryPath, `${uniqueId}.zip`)
-    : path.join(repositoryPath, `${uniqueId}.tar.gz`)
+  const archivePath = path.join(repositoryPath, `${uniqueId}.tar.gz`)
   await fs.promises.writeFile(archivePath, archiveData)
   archiveData = Buffer.from('') // Free memory
 

src/main.ts

@@ -19,7 +19,6 @@ async function run(): Promise<void> {
 
       // Get sources
       await gitSourceProvider.getSource(sourceSettings)
-      core.setOutput('ref', sourceSettings.ref)
     } finally {
       // Unregister problem matcher
       coreCommand.issueCommand('remove-matcher', {owner: 'checkout-git'}, '')

src/ref-helper.ts

@@ -42,13 +42,9 @@ export async function getCheckoutInfo(
     result.ref = `refs/remotes/pull/${branch}`
   }
   // refs/tags/
-  else if (upperRef.startsWith('REFS/TAGS/')) {
+  else if (upperRef.startsWith('REFS/')) {
     result.ref = ref
   }
-  // refs/
-  else if (upperRef.startsWith('REFS/') && commit) {
-    result.ref = commit
-  }
   // Unqualified ref, check for a matching branch or tag
   else {
     if (await git.branchExists(true, `origin/${ref}`)) {