Prepare changelog for v2.4.2. (#778)

* Add set-safe-directory input to allow customers to take control.

.github/workflows/check-dist.yml

@@ -22,12 +22,12 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v2
 
-      - name: Set Node.js 16.x
+      - name: Set Node.js 12.x
         uses: actions/setup-node@v1
         with:
-          node-version: 16.x
+          node-version: 12.x
 
       - name: Install dependencies
         run: npm ci

.github/workflows/codeql-analysis.yml

@@ -39,7 +39,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@v2
 
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v1

.github/workflows/licensed.yml

@@ -9,6 +9,6 @@ jobs:
     runs-on: ubuntu-latest
     name: Check licenses
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v2
       - run: npm ci
       - run: npm run licensed-check

.github/workflows/test.yml

@@ -13,8 +13,8 @@ jobs:
     steps:
       - uses: actions/setup-node@v1
         with:
-          node-version: 16.x
-      - uses: actions/checkout@v3
+          node-version: 12.x
+      - uses: actions/checkout@v2
       - run: npm ci
       - run: npm run build
       - run: npm run format-check
@@ -32,7 +32,7 @@ jobs:
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v2
 
       # Basic checkout
       - name: Checkout basic
@@ -150,7 +150,7 @@ jobs:
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v2
 
       # Basic checkout using git
       - name: Checkout basic
@@ -182,7 +182,7 @@ jobs:
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v2
 
       # Basic checkout using git
       - name: Checkout basic

.gitignore

@@ -1,21 +1,4 @@
 __test__/_temp
 _temp/
 lib/
-node_modules/
-/dist/fs-helper.d.ts
-/dist/git-auth-helper.d.ts
-/dist/git-command-manager.d.ts
-/dist/git-directory-helper.d.ts
-/dist/git-source-provider.d.ts
-/dist/git-source-settings.d.ts
-/dist/git-version.d.ts
-/dist/github-api-helper.d.ts
-/dist/input-helper.d.ts
-/dist/main.d.ts
-/dist/misc/generate-docs.d.ts
-/dist/ref-helper.d.ts
-/dist/regexp-helper.d.ts
-/dist/retry-helper.d.ts
-/dist/state-helper.d.ts
-/dist/url-helper.d.ts
-/dist/workflow-context-helper.d.ts
+node_modules/

.licenses/npm/node-fetch.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: node-fetch
-version: 2.6.7
+version: 2.6.5
 type: npm
 summary: A light-weight module that brings window.fetch to node.js
 homepage: https://github.com/bitinn/node-fetch

CHANGELOG.md

@@ -1,20 +1,16 @@
 # Changelog
 
-## v3.0.2
-- [Add input `set-safe-directory`](https://github.com/actions/checkout/pull/770)
+## v2.4.2
+- [Add input `set-safe-directory`](https://github.com/actions/checkout/pull/776)
 
-## v3.0.1
-- [Fixed an issue where checkout failed to run in container jobs due to the new git setting `safe.directory`](https://github.com/actions/checkout/pull/762)
-- [Bumped various npm package versions](https://github.com/actions/checkout/pull/744)
-
-## v3.0.0
-
-- [Update to node 16](https://github.com/actions/checkout/pull/689)
+## v2.4.1
+- [Set the safe directory option on git to prevent git commands failing when running in containers](https://github.com/actions/checkout/pull/762)
 
 ## v2.3.1
 
 - [Fix default branch resolution for .wiki and when using SSH](https://github.com/actions/checkout/pull/284)
 
+
 ## v2.3.0
 
 - [Fallback to the default branch](https://github.com/actions/checkout/pull/278)

README.md

@@ -2,28 +2,39 @@
   <a href="https://github.com/actions/checkout"><img alt="GitHub Actions status" src="https://github.com/actions/checkout/workflows/test-local/badge.svg"></a>
 </p>
 
-This is a fork of https://github.com/actions/checkout@v3
+# Checkout V2
 
-# Build
+This action checks-out your repository under `$GITHUB_WORKSPACE`, so your workflow can access it.
 
-## Windows
+Only a single commit is fetched by default, for the ref/SHA that triggered the workflow. Set `fetch-depth: 0` to fetch all history for all branches and tags. Refer [here](https://help.github.com/en/articles/events-that-trigger-workflows) to learn which commit `$GITHUB_SHA` points to for different events.
 
-ncc.cmd build .\src\main.ts
+The auth token is persisted in the local git config. This enables your scripts to run authenticated git commands. The token is removed during post-job cleanup. Set `persist-credentials: false` to opt-out.
+
+When Git 2.18 or higher is not in your PATH, falls back to the REST API to download the files.
 
 # What's new
 
-With this action it is possible to check out a repository located on a Gitea instance with subdirectories.
+- Improved performance
+  - Fetches only a single commit by default
+- Script authenticated git commands
+  - Auth token persisted in the local git config
+- Supports SSH
+- Creates a local branch
+  - No longer detached HEAD when checking out a branch
+- Improved layout
+  - The input `path` is always relative to $GITHUB_WORKSPACE
+  - Aligns better with container actions, where $GITHUB_WORKSPACE gets mapped in
+- Fallback to REST API download
+  - When Git 2.18 or higher is not in the PATH, the REST API will be used to download the files
+  - When using a job container, the container's PATH is used
 
-Changed  
-`https://<domain>[:<port>]/<name>/<repository>`  
-to  
-`https://<domain>[:<port>]/<subpath>/<name>/<repository>`
+Refer [here](https://github.com/actions/checkout/blob/v1/README.md) for previous versions.
 
 # Usage
 
 <!-- start usage -->
 ```yaml
-- uses: https://gitea.com/ScMi1/checkout@v1
+- uses: actions/checkout@v2
   with:
     # Repository name with owner. For example, actions/checkout
     # Default: ${{ github.repository }}
@@ -117,7 +128,7 @@ to
 ## Fetch all history for all tags and branches
 
 ```yaml
-- uses: actions/checkout@v3
+- uses: actions/checkout@v2
   with:
     fetch-depth: 0
 ```
@@ -125,7 +136,7 @@ to
 ## Checkout a different branch
 
 ```yaml
-- uses: actions/checkout@v3
+- uses: actions/checkout@v2
   with:
     ref: my-branch
 ```
@@ -133,7 +144,7 @@ to
 ## Checkout HEAD^
 
 ```yaml
-- uses: actions/checkout@v3
+- uses: actions/checkout@v2
   with:
     fetch-depth: 2
 - run: git checkout HEAD^
@@ -143,12 +154,12 @@ to
 
 ```yaml
 - name: Checkout
-  uses: actions/checkout@v3
+  uses: actions/checkout@v2
   with:
     path: main
 
 - name: Checkout tools repo
-  uses: actions/checkout@v3
+  uses: actions/checkout@v2
   with:
     repository: my-org/my-tools
     path: my-tools
@@ -158,10 +169,10 @@ to
 
 ```yaml
 - name: Checkout
-  uses: actions/checkout@v3
+  uses: actions/checkout@v2
 
 - name: Checkout tools repo
-  uses: actions/checkout@v3
+  uses: actions/checkout@v2
   with:
     repository: my-org/my-tools
     path: my-tools
@@ -171,12 +182,12 @@ to
 
 ```yaml
 - name: Checkout
-  uses: actions/checkout@v3
+  uses: actions/checkout@v2
   with:
     path: main
 
 - name: Checkout private tools
-  uses: actions/checkout@v3
+  uses: actions/checkout@v2
   with:
     repository: my-org/my-private-tools
     token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT
@@ -189,7 +200,7 @@ to
 ## Checkout pull request HEAD commit instead of merge commit
 
 ```yaml
-- uses: actions/checkout@v3
+- uses: actions/checkout@v2
   with:
     ref: ${{ github.event.pull_request.head.sha }}
 ```
@@ -205,7 +216,7 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v2
 ```
 
 ## Push a commit using the built-in token
@@ -216,7 +227,7 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v2
       - run: |
           date > generated.txt
           git config user.name github-actions

action.yml

@@ -72,6 +72,6 @@ inputs:
     description: Add repository path as safe.directory for Git global config by running `git config --global --add safe.directory <path>`
     default: true
 runs:
-  using: node16
+  using: node12
   main: dist/index.js
   post: dist/index.js

src/git-auth-helper.ts

@@ -53,7 +53,7 @@ class GitAuthHelper {
 
     // Token auth header
     const serverUrl = urlHelper.getServerUrl()
-    this.tokenConfigKey = `http.${serverUrl.origin}${serverUrl.pathname}/.extraheader` // "origin" is SCHEME://HOSTNAME[:PORT]
+    this.tokenConfigKey = `http.${serverUrl.origin}/.extraheader` // "origin" is SCHEME://HOSTNAME[:PORT]
     const basicCredential = Buffer.from(
       `x-access-token:${this.settings.authToken}`,
       'utf8'
@@ -63,7 +63,7 @@ class GitAuthHelper {
     this.tokenConfigValue = `AUTHORIZATION: basic ${basicCredential}`
 
     // Instead of SSH URL
-    this.insteadOfKey = `url.${serverUrl.origin}${serverUrl.pathname}/.insteadOf` // "origin" is SCHEME://HOSTNAME[:PORT]
+    this.insteadOfKey = `url.${serverUrl.origin}/.insteadOf` // "origin" is SCHEME://HOSTNAME[:PORT]
     this.insteadOfValues.push(`git@${serverUrl.hostname}:`)
     if (this.settings.workflowOrganizationId) {
       this.insteadOfValues.push(

src/git-command-manager.ts

@@ -231,7 +231,6 @@ class GitCommandManager {
   }
 
   async init(): Promise<void> {
-    await this.execGit(['config', '--global', 'init.defaultBranch', 'main'])
     await this.execGit(['init', this.workingDirectory])
   }
 

src/input-helper.ts

@@ -23,10 +23,6 @@ export async function getInputs(): Promise<IGitSourceSettings> {
     `${github.context.repo.owner}/${github.context.repo.repo}`
   core.debug(`qualified repository = '${qualifiedRepository}'`)
   const splitRepository = qualifiedRepository.split('/')
-  if(splitRepository.length === 3) {
-    splitRepository.shift()
-  }
-
   if (
     splitRepository.length !== 2 ||
     !splitRepository[0] ||

src/misc/generate-docs.ts

@@ -120,7 +120,7 @@ function updateUsage(
 }
 
 updateUsage(
-  'actions/checkout@v3',
+  'actions/checkout@v2',
   path.join(__dirname, '..', '..', 'action.yml'),
   path.join(__dirname, '..', '..', 'README.md')
 )

src/misc/licensed-check.sh

@@ -5,4 +5,4 @@ set -e
 src/misc/licensed-download.sh
 
 echo 'Running: licensed cached'
-_temp/licensed-3.6.0/licensed status
+_temp/licensed-3.3.1/licensed status

src/misc/licensed-download.sh

@@ -2,23 +2,23 @@
 
 set -e
 
-if [ ! -f _temp/licensed-3.6.0.done ]; then
+if [ ! -f _temp/licensed-3.3.1.done ]; then
   echo 'Clearing temp'
-  rm -rf _temp/licensed-3.6.0 || true
+  rm -rf _temp/licensed-3.3.1 || true
 
   echo 'Downloading licensed'
-  mkdir -p _temp/licensed-3.6.0
-  pushd _temp/licensed-3.6.0
+  mkdir -p _temp/licensed-3.3.1
+  pushd _temp/licensed-3.3.1
   if [[ "$OSTYPE" == "darwin"* ]]; then
-    curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/3.6.0/licensed-3.6.0-darwin-x64.tar.gz
+    curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/3.3.1/licensed-3.3.1-darwin-x64.tar.gz
   else
-    curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/3.6.0/licensed-3.6.0-linux-x64.tar.gz
+    curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/3.3.1/licensed-3.3.1-linux-x64.tar.gz
   fi
 
   echo 'Extracting licenesed'
   tar -xzf licensed.tar.gz
   popd
-  touch _temp/licensed-3.6.0.done
+  touch _temp/licensed-3.3.1.done
 else
   echo 'Licensed already downloaded'
 fi

src/misc/licensed-generate.sh

@@ -5,4 +5,4 @@ set -e
 src/misc/licensed-download.sh
 
 echo 'Running: licensed cached'
-_temp/licensed-3.6.0/licensed cache
+_temp/licensed-3.3.1/licensed cache

src/url-helper.ts

@@ -16,7 +16,7 @@ export function getFetchUrl(settings: IGitSourceSettings): string {
   }
 
   // "origin" is SCHEME://HOSTNAME[:PORT]
-  return `${serviceUrl.origin}${serviceUrl.pathname}/${encodedOwner}/${encodedName}`
+  return `${serviceUrl.origin}/${encodedOwner}/${encodedName}`
 }
 
 export function getServerUrl(): URL {