Update for 4.1.6 release (#1733 )

Check platform for extension (#1732 )
README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com (#1707 )
2026-06-11 16:43:48 +08:00 · 2024-05-16 14:08:36 -04:00 · 2024-05-16 13:40:36 -04:00 · 2024-04-30 11:50:54 -04:00 · 2024-04-24 12:39:59 -04:00 · 2024-04-24 12:34:46 -04:00
12 changed files with 61 additions and 17 deletions
--- a/.github/workflows/check-dist.yml
+++ b/.github/workflows/check-dist.yml
@@ -25,7 +25,7 @@ jobs:
      - uses: actions/checkout@v3

      - name: Set Node.js 20.x
-        uses: actions/setup-node@v1
+        uses: actions/setup-node@v4
        with:
          node-version: 20.x

@@ -44,7 +44,7 @@ jobs:
          fi

      # If dist/ was different than expected, upload the expected version as an artifact
-      - uses: actions/upload-artifact@v2
+      - uses: actions/upload-artifact@v4
        if: ${{ failure() && steps.diff.conclusion == 'failure' }}
        with:
          name: dist
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -42,7 +42,7 @@ jobs:
      uses: actions/checkout@v3

    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
+      uses: github/codeql-action/init@v3
      with:
        languages: ${{ matrix.language }}
        # If you wish to specify custom queries, you can do so here or in a config file.
@@ -55,4 +55,4 @@ jobs:
    - run: rm -rf dist # We want code scanning to analyze lib instead (individual .js files)

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      uses: github/codeql-action/analyze@v3
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -8,7 +8,7 @@ on:
      - releases/*


-# Note that when you see patterns like "ref: test-data/v2/basic" within this workflow, 
+# Note that when you see patterns like "ref: test-data/v2/basic" within this workflow,
 # these refer to "test-data" branches on this actions/checkout repo.
 # (For example, test-data/v2/basic -> https://github.com/actions/checkout/tree/test-data/v2/basic)

@@ -16,7 +16,7 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/setup-node@v1
+      - uses: actions/setup-node@v4
        with:
          node-version: 20.x
      - uses: actions/checkout@v3
@@ -37,7 +37,7 @@ jobs:
    steps:
      # Clone this repo
      - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4.1.1

      # Basic checkout
      - name: Checkout basic
@@ -257,7 +257,7 @@ jobs:
          path: basic
      - name: Verify basic
        run: __test__/verify-basic.sh --archive
-    
+
  test-git-container:
    runs-on: ubuntu-latest
    container: bitnami/git:latest
--- a/.github/workflows/update-main-version.yml
+++ b/.github/workflows/update-main-version.yml
@@ -27,8 +27,8 @@ jobs:
        fetch-depth: 0
    - name: Git config
      run: |
-        git config user.name github-actions
-        git config user.email github-actions@github.com
+        git config user.name "github-actions[bot]"
+        git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
    - name: Tag new target
      run: git tag -f ${{ github.event.inputs.major_version }} ${{ github.event.inputs.target }}
    - name: Push new tag
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,26 @@
 # Changelog

+## v4.1.6
+* Check platform to set archive extension appropriately by @cory-miller in https://github.com/actions/checkout/pull/1732
+
+## v4.1.5
+* Update NPM dependencies by @cory-miller in https://github.com/actions/checkout/pull/1703
+* Bump github/codeql-action from 2 to 3 by @dependabot in https://github.com/actions/checkout/pull/1694
+* Bump actions/setup-node from 1 to 4 by @dependabot in https://github.com/actions/checkout/pull/1696
+* Bump actions/upload-artifact from 2 to 4 by @dependabot in https://github.com/actions/checkout/pull/1695
+* README: Suggest `user.email` to be `41898282+github-actions[bot]@users.noreply.github.com` by @cory-miller in https://github.com/actions/checkout/pull/1707
+
+## v4.1.4
+- Disable `extensions.worktreeConfig` when disabling `sparse-checkout` by @jww3 in https://github.com/actions/checkout/pull/1692
+- Add dependabot config by @cory-miller in https://github.com/actions/checkout/pull/1688
+- Bump the minor-actions-dependencies group with 2 updates by @dependabot in https://github.com/actions/checkout/pull/1693
+- Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in https://github.com/actions/checkout/pull/1643
+
+## v4.1.3
+- Check git version before attempting to disable `sparse-checkout` by @jww3 in https://github.com/actions/checkout/pull/1656
+- Add SSH user parameter by @cory-miller in https://github.com/actions/checkout/pull/1685
+- Update `actions/checkout` version in `update-main-version.yml` by @jww3 in https://github.com/actions/checkout/pull/1650
+
 ## v4.1.2
 - Fix: Disable sparse checkout whenever `sparse-checkout` option is not present @dscho in https://github.com/actions/checkout/pull/1598

--- a/README.md
+++ b/README.md
@@ -279,8 +279,9 @@ jobs:
      - uses: actions/checkout@v4
      - run: |
          date > generated.txt
-          git config user.name github-actions
-          git config user.email github-actions@github.com
+          # Note: the following account information will not work on GHES
+          git config user.name "github-actions[bot]"
+          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
          git add .
          git commit -m "generated"
          git push
--- a/test/verify-basic.sh
+++ b/test/verify-basic.sh
@@ -18,6 +18,20 @@ else
    exit 1
  fi

+  # Verify that sparse-checkout is disabled.
+  SPARSE_CHECKOUT_ENABLED=$(git -C ./basic config --local --get-all core.sparseCheckout)
+  if [ "$SPARSE_CHECKOUT_ENABLED" != "" ]; then
+    echo "Expected sparse-checkout to be disabled (discovered: $SPARSE_CHECKOUT_ENABLED)"
+    exit 1
+  fi
+
+  # Verify git configuration shows worktreeConfig is effectively disabled
+  WORKTREE_CONFIG_ENABLED=$(git -C ./basic config --local --get-all extensions.worktreeConfig)
+  if [[ "$WORKTREE_CONFIG_ENABLED" != "" ]]; then
+    echo "Expected extensions.worktreeConfig (boolean) to be disabled in git config.  This could be an artifact of sparse checkout functionality."
+    exit 1
+  fi
+
  # Verify auth token
  cd basic
  git fetch --no-tags --depth=1 origin +refs/heads/main:refs/remotes/origin/main
--- a/dist/index.js
+++ b/dist/index.js
@@ -590,6 +590,8 @@ class GitCommandManager {
    disableSparseCheckout() {
        return __awaiter(this, void 0, void 0, function* () {
            yield this.execGit(['sparse-checkout', 'disable']);
+            // Disabling 'sparse-checkout` leaves behind an undesirable side-effect in config (even in a pristine environment).
+            yield this.tryConfigUnset('extensions.worktreeConfig', false);
        });
    }
    sparseCheckout(sparseCheckout) {
@@ -1572,7 +1574,9 @@ function downloadRepository(authToken, owner, repo, ref, commit, repositoryPath,
        // Write archive to disk
        core.info('Writing archive to disk');
        const uniqueId = (0, uuid_1.v4)();
-        const archivePath = path.join(repositoryPath, `${uniqueId}.tar.gz`);
+        const archivePath = IS_WINDOWS
+            ? path.join(repositoryPath, `${uniqueId}.zip`)
+            : path.join(repositoryPath, `${uniqueId}.tar.gz`);
        yield fs.promises.writeFile(archivePath, archiveData);
        archiveData = Buffer.from(''); // Free memory
        // Extract archive
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
  "name": "checkout",
-  "version": "4.1.3",
+  "version": "4.1.6",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "checkout",
-      "version": "4.1.3",
+      "version": "4.1.4",
      "license": "MIT",
      "dependencies": {
        "@actions/core": "^1.10.1",
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "checkout",
-  "version": "4.1.3",
+  "version": "4.1.6",
  "description": "checkout action",
  "main": "lib/main.js",
  "scripts": {
--- a/src/git-command-manager.ts
+++ b/src/git-command-manager.ts
@@ -178,6 +178,8 @@ class GitCommandManager {

  async disableSparseCheckout(): Promise<void> {
    await this.execGit(['sparse-checkout', 'disable'])
+    // Disabling 'sparse-checkout` leaves behind an undesirable side-effect in config (even in a pristine environment).
+    await this.tryConfigUnset('extensions.worktreeConfig', false)
  }

  async sparseCheckout(sparseCheckout: string[]): Promise<void> {
--- a/src/github-api-helper.ts
+++ b/src/github-api-helper.ts
@@ -35,7 +35,9 @@ export async function downloadRepository(
  // Write archive to disk
  core.info('Writing archive to disk')
  const uniqueId = uuid()
-  const archivePath = path.join(repositoryPath, `${uniqueId}.tar.gz`)
+  const archivePath = IS_WINDOWS
+    ? path.join(repositoryPath, `${uniqueId}.zip`)
+    : path.join(repositoryPath, `${uniqueId}.tar.gz`)
  await fs.promises.writeFile(archivePath, archiveData)
  archiveData = Buffer.from('') // Free memory
Author	SHA1	Message	Date
Cory Miller	a5ac7e51b4	Update for 4.1.6 release (#1733 )	2024-05-16 14:08:36 -04:00
Cory Miller	24ed1a3528	Check platform for extension (#1732 )	2024-05-16 13:40:36 -04:00
Cory Miller	44c2b7a8a4	README: Suggest `user.email` to be `41898282+github-actions[bot]@users.noreply.github.com` (#1707 ) * README: Set `user.email` to GitHub Actions Bot * Update workflow to use proper bot GitHub Bot email * Prefix `user.email` with `41898282+` To match squash merge user, else showing as two different users, see: `b0948d0da0` * Update README.md --------- Co-authored-by: Pelle Wessman <pelle@kodfabrik.se>	2024-04-30 11:50:54 -04:00
dependabot[bot]	8459bc0c7e	Bump actions/upload-artifact from 2 to 4 (#1695 ) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 2 to 4. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v2...v4) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-04-24 12:39:59 -04:00
dependabot[bot]	3f603f6d5e	Bump actions/setup-node from 1 to 4 (#1696 ) Bumps [actions/setup-node](https://github.com/actions/setup-node) from 1 to 4. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v1...v4) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-04-24 12:34:46 -04:00
dependabot[bot]	fd084cde18	Bump github/codeql-action from 2 to 3 (#1694 ) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v2...v3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-04-24 12:33:41 -04:00
Cory Miller	9c1e94e0ad	Update NPM dependencies (#1703 ) * Update dependencies manually * Format files * Update licenses	2024-04-24 12:04:10 -04:00
John Wesley Walker III	0ad4b8fada	Prep Release v4.1.4 (#1704 ) * Update package.json and package-lock.json to reflect v4.1.4 * Update CHANGELOG	2024-04-24 15:29:05 +02:00
John Wesley Walker III	43045ae669	Disable `extensions.worktreeConfig` when disabling `sparse-checkout` (#1692 )	2024-04-23 22:07:43 +02:00