1
0
mirror of https://github.com/actions/checkout.git synced 2026-06-29 18:13:51 +08:00

Compare commits

...

5 Commits

Author SHA1 Message Date
brian m. carlson
86eceafa51 Merge 02ade5d400 into ff7abcd0c3 2025-08-20 00:06:43 +08:00
Salman Chishti
ff7abcd0c3 Update README to include Node.js 24 support details and requirements (#2248)
* Update README to include Node.js 24 support details and requirements

* Update
2025-08-13 13:57:25 +01:00
Salman Chishti
08c6903cd8 Prepare v5.0.0 release (#2238) 2025-08-11 13:35:28 +01:00
Salman Chishti
9f265659d3 Update actions checkout to use node 24 (#2226)
* use node 24

* update other parts to node 24

* bump to major version, audit fix, changelog

* update licenses

* update dist

* update major version

* will do separate pr for v5 and will do a minor version for previous changes
2025-08-11 11:52:51 +01:00
brian m. carlson
02ade5d400 Don't overwrite annotated tags with commit object
When checking out a repository with full history, a full clone is done
and then the ref is finally updated to point to the commit that caused
the workflow to be run.  Normally, this is a good protection against
someone pushing to the repository twice in short succession, but it
causes problems with annotated tags.

Specifically, because the entry in refs/tags is set to the commit hash,
if an annotated tag was used, the tag is turned merely into a
lightweight one, which breaks `git describe`.  Every other tag in the
repository will continue to remain a valid annotated tag except the one
for which the workflow was invoked, which is not what the user expected.

Let's work around this by not performing a fetch if what we're fetching
is a tag.  Technically, annotated tags can be anywhere in the hierarchy
at any ref, but this should work as a suitable heuristic for now.

Note that the proper solution would be to expose the revision of the
actual object and check against that instead of the commit, but it
doesn't presently appear that that information is exposed.  Also, we
explicitly do not case-fold since Git refs are case sensitive.
2022-02-14 23:18:53 +00:00
10 changed files with 70 additions and 48 deletions

View File

@@ -24,10 +24,10 @@ jobs:
steps: steps:
- uses: actions/checkout@v4.1.6 - uses: actions/checkout@v4.1.6
- name: Set Node.js 20.x - name: Set Node.js 24.x
uses: actions/setup-node@v4 uses: actions/setup-node@v4
with: with:
node-version: 20.x node-version: 24.x
- name: Install dependencies - name: Install dependencies
run: npm ci run: npm ci

View File

@@ -18,7 +18,7 @@ jobs:
steps: steps:
- uses: actions/setup-node@v4 - uses: actions/setup-node@v4
with: with:
node-version: 20.x node-version: 24.x
- uses: actions/checkout@v4.1.6 - uses: actions/checkout@v4.1.6
- run: npm ci - run: npm ci
- run: npm run build - run: npm run build

View File

@@ -11,6 +11,7 @@ on:
type: choice type: choice
description: The major version to update description: The major version to update
options: options:
- v5
- v4 - v4
- v3 - v3
- v2 - v2

View File

@@ -1,5 +1,9 @@
# Changelog # Changelog
## V5.0.0
* Update actions checkout to use node 24 by @salmanmkc in https://github.com/actions/checkout/pull/2226
## V4.3.0 ## V4.3.0
* docs: update README.md by @motss in https://github.com/actions/checkout/pull/1971 * docs: update README.md by @motss in https://github.com/actions/checkout/pull/1971
* Add internal repos for checking out multiple repositories by @mouismail in https://github.com/actions/checkout/pull/1977 * Add internal repos for checking out multiple repositories by @mouismail in https://github.com/actions/checkout/pull/1977

View File

@@ -1,5 +1,13 @@
[![Build and Test](https://github.com/actions/checkout/actions/workflows/test.yml/badge.svg)](https://github.com/actions/checkout/actions/workflows/test.yml) [![Build and Test](https://github.com/actions/checkout/actions/workflows/test.yml/badge.svg)](https://github.com/actions/checkout/actions/workflows/test.yml)
# Checkout V5
## What's new
- Updated to the node24 runtime
- This requires a minimum Actions Runner version of [v2.327.1](https://github.com/actions/runner/releases/tag/v2.327.1) to run.
# Checkout V4 # Checkout V4
This action checks-out your repository under `$GITHUB_WORKSPACE`, so your workflow can access it. This action checks-out your repository under `$GITHUB_WORKSPACE`, so your workflow can access it.
@@ -36,7 +44,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
<!-- start usage --> <!-- start usage -->
```yaml ```yaml
- uses: actions/checkout@v4 - uses: actions/checkout@v5
with: with:
# Repository name with owner. For example, actions/checkout # Repository name with owner. For example, actions/checkout
# Default: ${{ github.repository }} # Default: ${{ github.repository }}
@@ -149,24 +157,33 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
# Scenarios # Scenarios
- [Fetch only the root files](#Fetch-only-the-root-files) - [Checkout V5](#checkout-v5)
- [Fetch only the root files and `.github` and `src` folder](#Fetch-only-the-root-files-and-github-and-src-folder) - [What's new](#whats-new)
- [Fetch only a single file](#Fetch-only-a-single-file) - [Checkout V4](#checkout-v4)
- [Fetch all history for all tags and branches](#Fetch-all-history-for-all-tags-and-branches) - [Note](#note)
- [Checkout a different branch](#Checkout-a-different-branch) - [What's new](#whats-new-1)
- [Checkout HEAD^](#Checkout-HEAD) - [Usage](#usage)
- [Checkout multiple repos (side by side)](#Checkout-multiple-repos-side-by-side) - [Scenarios](#scenarios)
- [Checkout multiple repos (nested)](#Checkout-multiple-repos-nested) - [Fetch only the root files](#fetch-only-the-root-files)
- [Checkout multiple repos (private)](#Checkout-multiple-repos-private) - [Fetch only the root files and `.github` and `src` folder](#fetch-only-the-root-files-and-github-and-src-folder)
- [Checkout pull request HEAD commit instead of merge commit](#Checkout-pull-request-HEAD-commit-instead-of-merge-commit) - [Fetch only a single file](#fetch-only-a-single-file)
- [Checkout pull request on closed event](#Checkout-pull-request-on-closed-event) - [Fetch all history for all tags and branches](#fetch-all-history-for-all-tags-and-branches)
- [Push a commit using the built-in token](#Push-a-commit-using-the-built-in-token) - [Checkout a different branch](#checkout-a-different-branch)
- [Push a commit to a PR using the built-in token](#Push-a-commit-to-a-PR-using-the-built-in-token) - [Checkout HEAD^](#checkout-head)
- [Checkout multiple repos (side by side)](#checkout-multiple-repos-side-by-side)
- [Checkout multiple repos (nested)](#checkout-multiple-repos-nested)
- [Checkout multiple repos (private)](#checkout-multiple-repos-private)
- [Checkout pull request HEAD commit instead of merge commit](#checkout-pull-request-head-commit-instead-of-merge-commit)
- [Checkout pull request on closed event](#checkout-pull-request-on-closed-event)
- [Push a commit using the built-in token](#push-a-commit-using-the-built-in-token)
- [Push a commit to a PR using the built-in token](#push-a-commit-to-a-pr-using-the-built-in-token)
- [Recommended permissions](#recommended-permissions)
- [License](#license)
## Fetch only the root files ## Fetch only the root files
```yaml ```yaml
- uses: actions/checkout@v4 - uses: actions/checkout@v5
with: with:
sparse-checkout: . sparse-checkout: .
``` ```
@@ -174,7 +191,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
## Fetch only the root files and `.github` and `src` folder ## Fetch only the root files and `.github` and `src` folder
```yaml ```yaml
- uses: actions/checkout@v4 - uses: actions/checkout@v5
with: with:
sparse-checkout: | sparse-checkout: |
.github .github
@@ -184,7 +201,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
## Fetch only a single file ## Fetch only a single file
```yaml ```yaml
- uses: actions/checkout@v4 - uses: actions/checkout@v5
with: with:
sparse-checkout: | sparse-checkout: |
README.md README.md
@@ -194,7 +211,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
## Fetch all history for all tags and branches ## Fetch all history for all tags and branches
```yaml ```yaml
- uses: actions/checkout@v4 - uses: actions/checkout@v5
with: with:
fetch-depth: 0 fetch-depth: 0
``` ```
@@ -202,7 +219,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
## Checkout a different branch ## Checkout a different branch
```yaml ```yaml
- uses: actions/checkout@v4 - uses: actions/checkout@v5
with: with:
ref: my-branch ref: my-branch
``` ```
@@ -210,7 +227,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
## Checkout HEAD^ ## Checkout HEAD^
```yaml ```yaml
- uses: actions/checkout@v4 - uses: actions/checkout@v5
with: with:
fetch-depth: 2 fetch-depth: 2
- run: git checkout HEAD^ - run: git checkout HEAD^
@@ -220,12 +237,12 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
```yaml ```yaml
- name: Checkout - name: Checkout
uses: actions/checkout@v4 uses: actions/checkout@v5
with: with:
path: main path: main
- name: Checkout tools repo - name: Checkout tools repo
uses: actions/checkout@v4 uses: actions/checkout@v5
with: with:
repository: my-org/my-tools repository: my-org/my-tools
path: my-tools path: my-tools
@@ -236,10 +253,10 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
```yaml ```yaml
- name: Checkout - name: Checkout
uses: actions/checkout@v4 uses: actions/checkout@v5
- name: Checkout tools repo - name: Checkout tools repo
uses: actions/checkout@v4 uses: actions/checkout@v5
with: with:
repository: my-org/my-tools repository: my-org/my-tools
path: my-tools path: my-tools
@@ -250,12 +267,12 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
```yaml ```yaml
- name: Checkout - name: Checkout
uses: actions/checkout@v4 uses: actions/checkout@v5
with: with:
path: main path: main
- name: Checkout private tools - name: Checkout private tools
uses: actions/checkout@v4 uses: actions/checkout@v5
with: with:
repository: my-org/my-private-tools repository: my-org/my-private-tools
token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT
@@ -268,7 +285,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
## Checkout pull request HEAD commit instead of merge commit ## Checkout pull request HEAD commit instead of merge commit
```yaml ```yaml
- uses: actions/checkout@v4 - uses: actions/checkout@v5
with: with:
ref: ${{ github.event.pull_request.head.sha }} ref: ${{ github.event.pull_request.head.sha }}
``` ```
@@ -284,7 +301,7 @@ jobs:
build: build:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v5
``` ```
## Push a commit using the built-in token ## Push a commit using the built-in token
@@ -295,7 +312,7 @@ jobs:
build: build:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v5
- run: | - run: |
date > generated.txt date > generated.txt
# Note: the following account information will not work on GHES # Note: the following account information will not work on GHES
@@ -317,7 +334,7 @@ jobs:
build: build:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v5
with: with:
ref: ${{ github.head_ref }} ref: ${{ github.head_ref }}
- run: | - run: |

View File

@@ -104,6 +104,6 @@ outputs:
commit: commit:
description: 'The commit SHA that was checked out' description: 'The commit SHA that was checked out'
runs: runs:
using: node20 using: node24
main: dist/index.js main: dist/index.js
post: dist/index.js post: dist/index.js

20
package-lock.json generated
View File

@@ -1,12 +1,12 @@
{ {
"name": "checkout", "name": "checkout",
"version": "4.3.0", "version": "5.0.0",
"lockfileVersion": 3, "lockfileVersion": 3,
"requires": true, "requires": true,
"packages": { "packages": {
"": { "": {
"name": "checkout", "name": "checkout",
"version": "4.3.0", "version": "5.0.0",
"license": "MIT", "license": "MIT",
"dependencies": { "dependencies": {
"@actions/core": "^1.10.1", "@actions/core": "^1.10.1",
@@ -18,7 +18,7 @@
}, },
"devDependencies": { "devDependencies": {
"@types/jest": "^29.5.12", "@types/jest": "^29.5.12",
"@types/node": "^20.12.12", "@types/node": "^24.1.0",
"@types/uuid": "^9.0.8", "@types/uuid": "^9.0.8",
"@typescript-eslint/eslint-plugin": "^7.9.0", "@typescript-eslint/eslint-plugin": "^7.9.0",
"@typescript-eslint/parser": "^7.9.0", "@typescript-eslint/parser": "^7.9.0",
@@ -1515,12 +1515,12 @@
"dev": true "dev": true
}, },
"node_modules/@types/node": { "node_modules/@types/node": {
"version": "20.12.12", "version": "24.1.0",
"resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.12.tgz", "resolved": "https://registry.npmjs.org/@types/node/-/node-24.1.0.tgz",
"integrity": "sha512-eWLDGF/FOSPtAvEqeRAQ4C8LSA7M1I7i0ky1I8U7kD1J5ITyW3AsRhQrKVoWf5pFKZ2kILsEGJhsI9r93PYnOw==", "integrity": "sha512-ut5FthK5moxFKH2T1CUOC6ctR67rQRvvHdFLCD2Ql6KXmMuCrjsSsRI9UsLCm9M18BMwClv4pn327UvB7eeO1w==",
"dev": true, "dev": true,
"dependencies": { "dependencies": {
"undici-types": "~5.26.4" "undici-types": "~7.8.0"
} }
}, },
"node_modules/@types/stack-utils": { "node_modules/@types/stack-utils": {
@@ -6865,9 +6865,9 @@
} }
}, },
"node_modules/undici-types": { "node_modules/undici-types": {
"version": "5.26.5", "version": "7.8.0",
"resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.8.0.tgz",
"integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", "integrity": "sha512-9UJ2xGDvQ43tYyVMpuHlsgApydB8ZKfVYTsLDhXkFL/6gfkp+U8xTGdh8pMJv1SpZna0zxG1DwsKZsreLbXBxw==",
"dev": true "dev": true
}, },
"node_modules/universal-user-agent": { "node_modules/universal-user-agent": {

View File

@@ -1,6 +1,6 @@
{ {
"name": "checkout", "name": "checkout",
"version": "4.3.0", "version": "5.0.0",
"description": "checkout action", "description": "checkout action",
"main": "lib/main.js", "main": "lib/main.js",
"scripts": { "scripts": {
@@ -37,7 +37,7 @@
}, },
"devDependencies": { "devDependencies": {
"@types/jest": "^29.5.12", "@types/jest": "^29.5.12",
"@types/node": "^20.12.12", "@types/node": "^24.1.0",
"@types/uuid": "^9.0.8", "@types/uuid": "^9.0.8",
"@typescript-eslint/eslint-plugin": "^7.9.0", "@typescript-eslint/eslint-plugin": "^7.9.0",
"@typescript-eslint/parser": "^7.9.0", "@typescript-eslint/parser": "^7.9.0",

View File

@@ -179,7 +179,7 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
// When all history is fetched, the ref we're interested in may have moved to a different // When all history is fetched, the ref we're interested in may have moved to a different
// commit (push or force push). If so, fetch again with a targeted refspec. // commit (push or force push). If so, fetch again with a targeted refspec.
if (!(await refHelper.testRef(git, settings.ref, settings.commit))) { if (!settings.refs.startsWith("refs/tags") && !(await refHelper.testRef(git, settings.ref, settings.commit))) {
refSpec = refHelper.getRefSpec(settings.ref, settings.commit) refSpec = refHelper.getRefSpec(settings.ref, settings.commit)
await git.fetch(refSpec, fetchOptions) await git.fetch(refSpec, fetchOptions)
} }

View File

@@ -120,7 +120,7 @@ function updateUsage(
} }
updateUsage( updateUsage(
'actions/checkout@v4', 'actions/checkout@v5',
path.join(__dirname, '..', '..', 'action.yml'), path.join(__dirname, '..', '..', 'action.yml'),
path.join(__dirname, '..', '..', 'README.md') path.join(__dirname, '..', '..', 'README.md')
) )