Update CHANGELOG.md

* Update @actions/core to 1.10.0

* Backport state-helper updates

.github/workflows/check-dist.yml

@@ -22,12 +22,12 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v2
 
-      - name: Set Node.js 16.x
+      - name: Set Node.js 12.x
         uses: actions/setup-node@v1
         with:
-          node-version: 16.x
+          node-version: 12.x
 
       - name: Install dependencies
         run: npm ci

.github/workflows/codeql-analysis.yml

@@ -39,7 +39,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@v2
 
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v1

.github/workflows/licensed.yml

@@ -9,6 +9,6 @@ jobs:
     runs-on: ubuntu-latest
     name: Check licenses
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v2
       - run: npm ci
       - run: npm run licensed-check

.github/workflows/test.yml

@@ -13,8 +13,8 @@ jobs:
     steps:
       - uses: actions/setup-node@v1
         with:
-          node-version: 16.x
+          node-version: 12.x
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v2
       - run: npm ci
       - run: npm run build
       - run: npm run format-check
@@ -32,7 +32,7 @@ jobs:
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v2
 
       # Basic checkout
       - name: Checkout basic
@@ -150,7 +150,7 @@ jobs:
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v2
 
       # Basic checkout using git
       - name: Checkout basic
@@ -182,7 +182,7 @@ jobs:
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v2
 
       # Basic checkout using git
       - name: Checkout basic

.gitignore

@@ -2,20 +2,3 @@ __test__/_temp
 _temp/
 lib/
 node_modules/
-/dist/fs-helper.d.ts
-/dist/git-auth-helper.d.ts
-/dist/git-command-manager.d.ts
-/dist/git-directory-helper.d.ts
-/dist/git-source-provider.d.ts
-/dist/git-source-settings.d.ts
-/dist/git-version.d.ts
-/dist/github-api-helper.d.ts
-/dist/input-helper.d.ts
-/dist/main.d.ts
-/dist/misc/generate-docs.d.ts
-/dist/ref-helper.d.ts
-/dist/regexp-helper.d.ts
-/dist/retry-helper.d.ts
-/dist/state-helper.d.ts
-/dist/url-helper.d.ts
-/dist/workflow-context-helper.d.ts

.licenses/npm/node-fetch.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: node-fetch
-version: 2.6.7
+version: 2.6.5
 type: npm
 summary: A light-weight module that brings window.fetch to node.js
 homepage: https://github.com/bitinn/node-fetch

CHANGELOG.md

@@ -1,20 +1,19 @@
 # Changelog
 
-## v3.0.2
+## v2.5.0
-- [Add input `set-safe-directory`](https://github.com/actions/checkout/pull/770)
+- [Bump @actions/core to v1.10.0](https://github.com/actions/checkout/pull/962)
 
-## v3.0.1
+## v2.4.2
-- [Fixed an issue where checkout failed to run in container jobs due to the new git setting `safe.directory`](https://github.com/actions/checkout/pull/762)
+- [Add input `set-safe-directory`](https://github.com/actions/checkout/pull/776)
-- [Bumped various npm package versions](https://github.com/actions/checkout/pull/744)
 
-## v3.0.0
+## v2.4.1
-
+- [Set the safe directory option on git to prevent git commands failing when running in containers](https://github.com/actions/checkout/pull/762)
-- [Update to node 16](https://github.com/actions/checkout/pull/689)
 
 ## v2.3.1
 
 - [Fix default branch resolution for .wiki and when using SSH](https://github.com/actions/checkout/pull/284)
 
+
 ## v2.3.0
 
 - [Fallback to the default branch](https://github.com/actions/checkout/pull/278)

README.md

@@ -2,22 +2,39 @@
   <a href="https://github.com/actions/checkout"><img alt="GitHub Actions status" src="https://github.com/actions/checkout/workflows/test-local/badge.svg"></a>
 </p>
 
-This is a fork of https://github.com/actions/checkout@v3
+# Checkout V2
+
+This action checks-out your repository under `$GITHUB_WORKSPACE`, so your workflow can access it.
+
+Only a single commit is fetched by default, for the ref/SHA that triggered the workflow. Set `fetch-depth: 0` to fetch all history for all branches and tags. Refer [here](https://help.github.com/en/articles/events-that-trigger-workflows) to learn which commit `$GITHUB_SHA` points to for different events.
+
+The auth token is persisted in the local git config. This enables your scripts to run authenticated git commands. The token is removed during post-job cleanup. Set `persist-credentials: false` to opt-out.
+
+When Git 2.18 or higher is not in your PATH, falls back to the REST API to download the files.
 
 # What's new
 
-With this action it is possible to check out a repository located on a Gitea instance with subdirectories.
+- Improved performance
+  - Fetches only a single commit by default
+- Script authenticated git commands
+  - Auth token persisted in the local git config
+- Supports SSH
+- Creates a local branch
+  - No longer detached HEAD when checking out a branch
+- Improved layout
+  - The input `path` is always relative to $GITHUB_WORKSPACE
+  - Aligns better with container actions, where $GITHUB_WORKSPACE gets mapped in
+- Fallback to REST API download
+  - When Git 2.18 or higher is not in the PATH, the REST API will be used to download the files
+  - When using a job container, the container's PATH is used
 
-Changed  
+Refer [here](https://github.com/actions/checkout/blob/v1/README.md) for previous versions.
-`https://<domain>[:<port>]/<name>/<repository>`  
-to  
-`https://<domain>[:<port>]/<subpath>/<name>/<repository>`
 
 # Usage
 
 <!-- start usage -->
 ```yaml
-- uses: https://gitea.com/ScMi1/checkout@v1
+- uses: actions/checkout@v2
   with:
     # Repository name with owner. For example, actions/checkout
     # Default: ${{ github.repository }}
@@ -111,7 +128,7 @@ to
 ## Fetch all history for all tags and branches
 
 ```yaml
-- uses: actions/checkout@v3
+- uses: actions/checkout@v2
   with:
     fetch-depth: 0
 ```
@@ -119,7 +136,7 @@ to
 ## Checkout a different branch
 
 ```yaml
-- uses: actions/checkout@v3
+- uses: actions/checkout@v2
   with:
     ref: my-branch
 ```
@@ -127,7 +144,7 @@ to
 ## Checkout HEAD^
 
 ```yaml
-- uses: actions/checkout@v3
+- uses: actions/checkout@v2
   with:
     fetch-depth: 2
 - run: git checkout HEAD^
@@ -137,12 +154,12 @@ to
 
 ```yaml
 - name: Checkout
-  uses: actions/checkout@v3
+  uses: actions/checkout@v2
   with:
     path: main
 
 - name: Checkout tools repo
-  uses: actions/checkout@v3
+  uses: actions/checkout@v2
   with:
     repository: my-org/my-tools
     path: my-tools
@@ -152,10 +169,10 @@ to
 
 ```yaml
 - name: Checkout
-  uses: actions/checkout@v3
+  uses: actions/checkout@v2
 
 - name: Checkout tools repo
-  uses: actions/checkout@v3
+  uses: actions/checkout@v2
   with:
     repository: my-org/my-tools
     path: my-tools
@@ -165,12 +182,12 @@ to
 
 ```yaml
 - name: Checkout
-  uses: actions/checkout@v3
+  uses: actions/checkout@v2
   with:
     path: main
 
 - name: Checkout private tools
-  uses: actions/checkout@v3
+  uses: actions/checkout@v2
   with:
     repository: my-org/my-private-tools
     token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT
@@ -183,7 +200,7 @@ to
 ## Checkout pull request HEAD commit instead of merge commit
 
 ```yaml
-- uses: actions/checkout@v3
+- uses: actions/checkout@v2
   with:
     ref: ${{ github.event.pull_request.head.sha }}
 ```
@@ -199,7 +216,7 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v2
 ```
 
 ## Push a commit using the built-in token
@@ -210,7 +227,7 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v2
       - run: |
           date > generated.txt
           git config user.name github-actions

action.yml

@@ -72,6 +72,6 @@ inputs:
     description: Add repository path as safe.directory for Git global config by running `git config --global --add safe.directory <path>`
     default: true
 runs:
-  using: node16
+  using: node12
   main: dist/index.js
   post: dist/index.js

package.json

@@ -28,7 +28,7 @@
   },
   "homepage": "https://github.com/actions/checkout#readme",
   "dependencies": {
-    "@actions/core": "^1.2.6",
+    "@actions/core": "^1.10.0",
     "@actions/exec": "^1.0.1",
     "@actions/github": "^2.2.0",
     "@actions/io": "^1.0.1",

src/git-auth-helper.ts

@@ -53,7 +53,7 @@ class GitAuthHelper {
 
     // Token auth header
     const serverUrl = urlHelper.getServerUrl()
-    this.tokenConfigKey = `http.${serverUrl.origin}${serverUrl.pathname}/.extraheader` // "origin" is SCHEME://HOSTNAME[:PORT]
+    this.tokenConfigKey = `http.${serverUrl.origin}/.extraheader` // "origin" is SCHEME://HOSTNAME[:PORT]
     const basicCredential = Buffer.from(
       `x-access-token:${this.settings.authToken}`,
       'utf8'
@@ -63,7 +63,7 @@ class GitAuthHelper {
     this.tokenConfigValue = `AUTHORIZATION: basic ${basicCredential}`
 
     // Instead of SSH URL
-    this.insteadOfKey = `url.${serverUrl.origin}${serverUrl.pathname}/.insteadOf` // "origin" is SCHEME://HOSTNAME[:PORT]
+    this.insteadOfKey = `url.${serverUrl.origin}/.insteadOf` // "origin" is SCHEME://HOSTNAME[:PORT]
     this.insteadOfValues.push(`git@${serverUrl.hostname}:`)
     if (this.settings.workflowOrganizationId) {
       this.insteadOfValues.push(

src/git-command-manager.ts

@@ -231,7 +231,6 @@ class GitCommandManager {
   }
 
   async init(): Promise<void> {
-    await this.execGit(['config', '--global', 'init.defaultBranch', 'main'])
     await this.execGit(['init', this.workingDirectory])
   }
 

src/misc/generate-docs.ts

@@ -120,7 +120,7 @@ function updateUsage(
 }
 
 updateUsage(
-  'actions/checkout@v3',
+  'actions/checkout@v2',
   path.join(__dirname, '..', '..', 'action.yml'),
   path.join(__dirname, '..', '..', 'README.md')
 )

src/misc/licensed-check.sh

@@ -5,4 +5,4 @@ set -e
 src/misc/licensed-download.sh
 
 echo 'Running: licensed cached'
-_temp/licensed-3.6.0/licensed status
+_temp/licensed-3.3.1/licensed status

src/misc/licensed-download.sh

@@ -2,23 +2,23 @@
 
 set -e
 
-if [ ! -f _temp/licensed-3.6.0.done ]; then
+if [ ! -f _temp/licensed-3.3.1.done ]; then
   echo 'Clearing temp'
-  rm -rf _temp/licensed-3.6.0 || true
+  rm -rf _temp/licensed-3.3.1 || true
 
   echo 'Downloading licensed'
-  mkdir -p _temp/licensed-3.6.0
+  mkdir -p _temp/licensed-3.3.1
-  pushd _temp/licensed-3.6.0
+  pushd _temp/licensed-3.3.1
   if [[ "$OSTYPE" == "darwin"* ]]; then
-    curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/3.6.0/licensed-3.6.0-darwin-x64.tar.gz
+    curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/3.3.1/licensed-3.3.1-darwin-x64.tar.gz
   else
-    curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/3.6.0/licensed-3.6.0-linux-x64.tar.gz
+    curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/3.3.1/licensed-3.3.1-linux-x64.tar.gz
   fi
 
   echo 'Extracting licenesed'
   tar -xzf licensed.tar.gz
   popd
-  touch _temp/licensed-3.6.0.done
+  touch _temp/licensed-3.3.1.done
 else
   echo 'Licensed already downloaded'
 fi

src/misc/licensed-generate.sh

@@ -5,4 +5,4 @@ set -e
 src/misc/licensed-download.sh
 
 echo 'Running: licensed cached'
-_temp/licensed-3.6.0/licensed cache
+_temp/licensed-3.3.1/licensed cache

src/state-helper.ts

@@ -1,71 +1,60 @@
-import * as coreCommand from '@actions/core/lib/command'
+import * as core from '@actions/core'
 
 /**
  * Indicates whether the POST action is running
  */
-export const IsPost = !!process.env['STATE_isPost']
+export const IsPost = !!core.getState('isPost')
 
 /**
  * The repository path for the POST action. The value is empty during the MAIN action.
  */
-export const RepositoryPath =
+export const RepositoryPath = core.getState('repositoryPath')
-  (process.env['STATE_repositoryPath'] as string) || ''
 
 /**
  * The set-safe-directory for the POST action. The value is set if input: 'safe-directory' is set during the MAIN action.
  */
-export const PostSetSafeDirectory =
+export const PostSetSafeDirectory = core.getState('setSafeDirectory') === 'true'
-  (process.env['STATE_setSafeDirectory'] as string) === 'true'
 
 /**
  * The SSH key path for the POST action. The value is empty during the MAIN action.
  */
-export const SshKeyPath = (process.env['STATE_sshKeyPath'] as string) || ''
+export const SshKeyPath = core.getState('sshKeyPath')
 
 /**
  * The SSH known hosts path for the POST action. The value is empty during the MAIN action.
  */
-export const SshKnownHostsPath =
+export const SshKnownHostsPath = core.getState('sshKnownHostsPath')
-  (process.env['STATE_sshKnownHostsPath'] as string) || ''
 
 /**
  * Save the repository path so the POST action can retrieve the value.
  */
 export function setRepositoryPath(repositoryPath: string) {
-  coreCommand.issueCommand(
+  core.saveState('repositoryPath', repositoryPath)
-    'save-state',
-    {name: 'repositoryPath'},
-    repositoryPath
-  )
 }
 
 /**
  * Save the SSH key path so the POST action can retrieve the value.
  */
 export function setSshKeyPath(sshKeyPath: string) {
-  coreCommand.issueCommand('save-state', {name: 'sshKeyPath'}, sshKeyPath)
+  core.saveState('sshKeyPath', sshKeyPath)
 }
 
 /**
  * Save the SSH known hosts path so the POST action can retrieve the value.
  */
 export function setSshKnownHostsPath(sshKnownHostsPath: string) {
-  coreCommand.issueCommand(
+  core.saveState('sshKnownHostsPath', sshKnownHostsPath)
-    'save-state',
-    {name: 'sshKnownHostsPath'},
-    sshKnownHostsPath
-  )
 }
 
 /**
  * Save the sef-safe-directory input so the POST action can retrieve the value.
  */
 export function setSafeDirectory() {
-  coreCommand.issueCommand('save-state', {name: 'setSafeDirectory'}, 'true')
+  core.saveState('setSafeDirectory', 'true')
 }
 
 // Publish a variable so that when the POST action runs, it can determine it should run the cleanup logic.
 // This is necessary since we don't have a separate entry point.
 if (!IsPost) {
-  coreCommand.issueCommand('save-state', {name: 'isPost'}, 'true')
+  core.saveState('isPost', 'true')
 }

src/url-helper.ts

@@ -16,7 +16,7 @@ export function getFetchUrl(settings: IGitSourceSettings): string {
   }
 
   // "origin" is SCHEME://HOSTNAME[:PORT]
-  return `${serviceUrl.origin}${serviceUrl.pathname}/${encodedOwner}/${encodedName}`
+  return `${serviceUrl.origin}/${encodedOwner}/${encodedName}`
 }
 
 export function getServerUrl(): URL {