Commit Graph

113 Commits

Author SHA1 Message Date
Daniel Müller 3a2088e347
Log more comprehensive commit information after checkout
After checkout, the action currently logs the SHA-1 of the top most
commit. There are cases when this information is not very telling,
though. Consider the case of some automation that applies one or more
commits on top of what the repository already contained. If something
like this happens, the SHA-1 may be meaningless to the user. Given that
this information is unlikely to be programmatically evaluated, we may as
well include a bit more than only the commit SHA-1, in the hopes that it
provides some more useful information to the user.
To that end, this change proposes logging not just the SHA-1, but also
the commit summary. At the very least that gives a user a straw what to
look for if the commit is indeed not available locally, in the best case
we end up with a message about a merge commit, that helps users glean
information about the base commit as well:
> e0dcaaee9063ab55ffe2e0c8dcffb4a9611208f9 Merge e3aafdc7d10cf5002e39c5d4fe867d1b27d0ff7b into b77ffb30cfc5f58e957571d8541c6a7e3da19221
2022-07-19 15:35:29 -07:00
Tingluo Huang 2541b1294d
Prepare changelog for v3.0.2. (#777) 2022-04-21 10:29:04 -04:00
Tingluo Huang 0ffe6f9c55
Add set-safe-directory input to allow customers to take control. (#770)
* Add set-safe-directory input to allow customers to take control.
2022-04-20 21:37:43 -04:00
Thomas Boop dcd71f6466
Enforce safe directory (#762)
* set safe directory when running checkout

* Update CHANGELOG.md
2022-04-14 14:13:20 -04:00
Tingluo Huang add3486cc3
Patch to fix the dependbot alert. (#744)
* Patch to fix the dependbot alert.

* .

* .

* .
2022-04-05 13:01:33 -04:00
dependabot[bot] 5126516654
Bump minimist from 1.2.5 to 1.2.6 (#741)
Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases)
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6)

---
updated-dependencies:
- dependency-name: minimist
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-31 10:09:15 -04:00
Edward Thomson d50f8ea767
Add v3.0 release information to changelog (#740) 2022-03-25 09:52:31 -04:00
Thomas Boop 2d1c1198e7
update test workflows to checkout v3 (#709) 2022-03-01 13:02:13 -05:00
Thomas Boop a12a3943b4
update readme for v3 (#708)
* update readme for v3

* update readme with changes

* nit grammar
2022-03-01 12:46:45 -05:00
Thomas Boop 8f9e05e482
Update to node 16 (#689)
* Update to node 16

* update setup-node version

* Update check-dist.yml

update setup node version

* update dist/index.js
2022-02-28 16:17:29 -05:00
Ameya Lokare 230611dbd0
Change secret name for PAT to not start with GITHUB_ (#623)
Github doesn't allow secret names that start with `GITHUB_` (case insensitive). Update README to choose a different prefix (GH).
2021-11-02 16:20:59 -05:00
eric sciple ec3a7ce113
set insteadOf url for org-id (#621) 2021-11-01 11:43:18 -05:00
eric sciple fd47087372
codeql should analyze lib not dist (#620) 2021-10-20 15:11:24 -05:00
eric sciple 3d677ac575
script to generate license info (#614) 2021-10-19 14:30:04 -05:00
eric sciple 826ba42d6c
npm audit fix (#612) 2021-10-19 10:05:28 -05:00
eric sciple eb8a193c1d
update dev dependencies and react to new linting rules (#611) 2021-10-19 09:52:57 -05:00
Jeremy Epling c49af7ca1f
Create codeql-analysis.yml (#602) 2021-10-18 16:28:25 -05:00
Thomas Boop 1e204e9a92
update licensed check (#606) 2021-10-13 16:22:03 -05:00
eric sciple 0299a0d2b6
update dist (#605) 2021-10-13 16:07:05 -05:00
dependabot[bot] be0f448456
Bump ws from 5.2.2 to 5.2.3 (#604)
Bumps [ws](https://github.com/websockets/ws) from 5.2.2 to 5.2.3.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/5.2.2...5.2.3)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 09:14:20 -05:00
dependabot[bot] 56c00a7b1f
Bump tmpl from 1.0.4 to 1.0.5 (#588)
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/daaku/nodejs-tmpl/releases)
- [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5)

---
updated-dependencies:
- dependency-name: tmpl
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 09:13:31 -05:00
dependabot[bot] 85e47d1a2b
Bump path-parse from 1.0.6 to 1.0.7 (#568)
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 09:13:04 -05:00
dependabot[bot] 3fc17f8645
Bump hosted-git-info from 2.8.5 to 2.8.9 (#500)
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.5 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.5...v2.8.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 09:11:06 -05:00
dependabot[bot] e3bc06d986
Bump lodash from 4.17.15 to 4.17.21 (#499)
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 09:08:31 -05:00
dependabot[bot] 442567ba57
Bump handlebars from 4.5.3 to 4.7.7 (#497)
Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.5.3 to 4.7.7.
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.5.3...v4.7.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 09:07:45 -05:00
dependabot[bot] 7f00b66d06
Bump y18n from 4.0.0 to 4.0.1 (#469)
Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/y18n/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 09:07:05 -05:00
dependabot[bot] eccf386318
Bump @actions/core from 1.1.3 to 1.2.6 (#361)
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.1.3 to 1.2.6.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 08:57:33 -05:00
dependabot[bot] 2bd2911be9
Bump acorn from 5.7.3 to 5.7.4 (#186)
Bumps [acorn](https://github.com/acornjs/acorn) from 5.7.3 to 5.7.4.
- [Release notes](https://github.com/acornjs/acorn/releases)
- [Commits](https://github.com/acornjs/acorn/compare/5.7.3...5.7.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-13 08:55:25 -05:00
Brian Cristante afe4af09a7
Create check-dist.yml (#566)
* Add check-dist.yml

* Don't need to mv to git diff

* Upload the whole dist/ directory as an artifact

* Update .github/workflows/check-dist.yml
2021-08-17 16:08:22 -04:00
Ross Brodbeck 25a956c84d
Create CODEOWNERS 2021-02-04 12:25:41 -05:00
Johannes Schindelin 5a4ac9002d
Add missing `await`s (#379)
* auth-helper: properly await replacement of the token value in the config

After writing the `.extraheader` config, we manually replace the token
with the actual value. This is done in an `async` function, but we were
not `await`ing the result.

In our tests, this commit fixes a flakiness we observed where
`remote.origin.url` sometimes (very rarely, actually) is not set for
submodules. Our interpretation is that the configs are in the process of
being rewritten with the correct token value _while_ another `git
config` that wants to set the `insteadOf` value is reading the config,
which is currently empty.

A more idiomatic way to fix this in Typescript would use
`Promise.all()`, like this:

      await Promise.all(
        configPaths.map(async configPath => {
          core.debug(`Replacing token placeholder in '${configPath}'`)
          await this.replaceTokenPlaceholder(configPath)
        })
      )

However, during review of https://github.com/actions/checkout/pull/379
it was decided to keep the `for` loop in the interest of simplicity.

Reported by Ian Lynagh.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

* downloadRepository(): await the result of recursive deletions

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

* Ask ESLint to report floating Promises

This rule is quite helpful in avoiding hard-to-debug missing `await`s.

Note: there are two locations in `src/main.ts` that trigger warnings:
the `run()` and the `cleanup()` function are called without `await` and
without any `.catch()` clause.

In the initial version of https://github.com/actions/checkout/pull/379,
this was addressed by adding `.catch()` clauses. However, it was
determined that this is boilerplate code that will need to be fixed in a
broader way.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>

* Rebuild

This trick was brought to you by `npm ci && npm run build`. Needed to
get the PR build to pass.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2020-11-03 09:44:09 -05:00
Thomas Boop c952173edf
Swap to Environment Files (#360) 2020-09-30 11:41:09 -04:00
Thomas Boop a81bbbf829
Remove unneeded commit information from build logs (#345)
* Remove unneeded commit information from stdout
2020-09-23 09:41:47 -04:00
Thomas Boop 21dc310f19
Add `Licensed` To Help Verify Prod Licenses (#326)
* Add Licensed file and workflow

* manual updates of dependencies

* Delete licenses.txt

* Ignore Generated Files in Git PR's
2020-09-10 09:24:29 -04:00
Thomas Boop be6c44d969 Revert "Delete licenses.txt" 2020-08-11 19:41:01 -04:00
Thomas Boop dac8cc78a1
Delete licenses.txt 2020-08-11 19:36:35 -04:00
Thomas Boop 2036a08e25
Add Third Party License Information to Dist Files (#320) 2020-08-07 09:22:39 -04:00
eric sciple 592cf69a22
Update README.md 2020-07-14 16:30:57 -04:00
eric sciple a4b69b4886
Update README.md 2020-07-14 13:08:52 -04:00
eric sciple 1433f62caa
update default branch (#305) 2020-07-14 09:23:30 -04:00
eric sciple 61b9e3751b
improve description for fetch-depth (#301) 2020-07-12 21:02:24 -04:00
eric sciple 28c7f3d2b5 changelog 2020-06-18 10:27:39 -04:00
eric sciple fb6f360df2
fix default branch for .wiki and when using ssh (#284) 2020-06-18 10:20:33 -04:00
eric sciple b4483adec3 changelog 2020-06-16 13:48:53 -04:00
eric sciple 00a3be8934
determine default branch (#278) 2020-06-16 13:41:01 -04:00
eric sciple 453ee27fca update troubleshooting instructions to include 'npm run format' 2020-05-31 17:48:51 -04:00
Daniel Hwang 65865e15a1
build because all is no more (#264) 2020-05-31 17:46:53 -04:00
eric sciple aabbfeb2ce changelog 2020-05-27 12:37:40 -04:00
eric sciple e52d022eb5
Fetch all history for all tags and branches when fetch-depth=0 (#258) 2020-05-27 09:54:28 -04:00
eric sciple 2ff2fbdea4
telemetry for incorrect merge commit (#253) 2020-05-21 11:09:16 -04:00