New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⬆️ Updates actions/checkout action to v4 #2425

Open

renovate wants to merge 1 commit into master from renovate/actions-checkout-4.x

renovate bot commented Sep 9, 2023 •

edited

Loading

This PR contains the following updates:

Package	Type	Update	Change
actions/checkout	action	major	`v2.3.4` -> `v4.2.2`
actions/checkout	action	major	`v2` -> `v4`
actions/checkout	action	major	`v1` -> `v4`

Release Notes

actions/checkout (actions/checkout)

`v4.2.2`

url-helper.ts now leverages well-known environment variables by @jww3 in https://github.com/actions/checkout/pull/1941
Expand unit test coverage for isGhes by @jww3 in https://github.com/actions/checkout/pull/1946

`v4.2.1`

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in https://github.com/actions/checkout/pull/1924

`v4.2.0`

Add Ref and Commit outputs by @lucacome in https://github.com/actions/checkout/pull/1180
Dependency updates by @dependabot- https://github.com/actions/checkout/pull/1777, https://github.com/actions/checkout/pull/1872

`v4.1.7`

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in https://github.com/actions/checkout/pull/1739
Bump actions/checkout from 3 to 4 by @dependabot in https://github.com/actions/checkout/pull/1697
Check out other refs/* by commit by @orhantoy in https://github.com/actions/checkout/pull/1774
Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in https://github.com/actions/checkout/pull/1776

`v4.1.6`

Check platform to set archive extension appropriately by @cory-miller in https://github.com/actions/checkout/pull/1732

`v4.1.5`

What's Changed

Update NPM dependencies by @cory-miller in https://github.com/actions/checkout/pull/1703
Bump github/codeql-action from 2 to 3 by @dependabot in https://github.com/actions/checkout/pull/1694
Bump actions/setup-node from 1 to 4 by @dependabot in https://github.com/actions/checkout/pull/1696
Bump actions/upload-artifact from 2 to 4 by @dependabot in https://github.com/actions/checkout/pull/1695
README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in https://github.com/actions/checkout/pull/1707

Full Changelog: actions/checkout@v4.1.4...v4.1.5

`v4.1.4`

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in https://github.com/actions/checkout/pull/1692
Add dependabot config by @cory-miller in https://github.com/actions/checkout/pull/1688
Bump the minor-actions-dependencies group with 2 updates by @dependabot in https://github.com/actions/checkout/pull/1693
Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in https://github.com/actions/checkout/pull/1643

`v4.1.3`

What's Changed

Update actions/checkout version in update-main-version.yml by @jww3 in https://github.com/actions/checkout/pull/1650
Check git version before attempting to disable sparse-checkout by @jww3 in https://github.com/actions/checkout/pull/1656
Add SSH user parameter by @cory-miller in https://github.com/actions/checkout/pull/1685

Full Changelog: actions/checkout@v4.1.2...v4.1.3

`v4.1.2`

Fix: Disable sparse checkout whenever sparse-checkout option is not present @dscho in https://github.com/actions/checkout/pull/1598

`v4.1.1`

What's Changed

Update CODEOWNERS to Launch team by @joshmgross in https://github.com/actions/checkout/pull/1510
Correct link to GitHub Docs by @peterbe in https://github.com/actions/checkout/pull/1511
Link to release page from what's new section by @cory-miller in https://github.com/actions/checkout/pull/1514

New Contributors

@joshmgross made their first contribution in https://github.com/actions/checkout/pull/1510
@peterbe made their first contribution in https://github.com/actions/checkout/pull/1511

Full Changelog: actions/checkout@v4.1.0...v4.1.1

`v4.1.0`

Add support for partial checkout filters

`v4.0.0`

`v3.6.0`

`v3.5.3`

`v3.5.2`

Fix api endpoint for GHES

`v3.5.1`

Fix slow checkout on Windows

`v3.5.0`

Add new public key for known_hosts

`v3.4.0`

`v3.3.0`

`v3.2.0`

`v3.1.0`

`v3.0.2`

Add input set-safe-directory

`v3.0.1`

`v3.0.0`

Update to node 16

`v2.7.0`

What's Changed

Add new public key for known_hosts (#1237) by @TingluoHuang in https://github.com/actions/checkout/pull/1238

Full Changelog: actions/checkout@v2.6.0...v2.7.0

`v2.6.0`

What's Changed

Add backports to v2 branch by @cory-miller in https://github.com/actions/checkout/pull/1040
- Includes backports from the following changes: https://github.com/actions/checkout/pull/964, https://github.com/actions/checkout/pull/1002, https://github.com/actions/checkout/pull/1029
- Upgraded the licensed version to match what is used in v3.

Full Changelog: actions/checkout@v2.5.0...v2.6.0

`v2.5.0`

What's Changed

Update @actions/core to 1.10.0 by @rentziass in https://github.com/actions/checkout/pull/962

Full Changelog: actions/checkout@v2...v2.5.0

`v2.4.2`

What's Changed

Add set-safe-directory input to allow customers to take control. (#770) by @TingluoHuang in https://github.com/actions/checkout/pull/776
Prepare changelog for v2.4.2. by @TingluoHuang in https://github.com/actions/checkout/pull/778

Full Changelog: actions/checkout@v2...v2.4.2

`v2.4.1`

Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory

`v2.4.0`

Convert SSH URLs like org-<ORG_ID>@github.com: to https://github.com/ - pr

`v2.3.5`

Update dependencies

Configuration

📅 Schedule: Branch creation - "after 10pm every weekday,before 5am every weekday,every weekend" in timezone Europe/Moscow, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

renovate bot added the npm dependencies label

changelogg bot commented Sep 9, 2023

Hey! Changelogs info seems to be missing or might be in incorrect format.
Please use the below template in PR description to ensure Changelogg can detect your changes:
- (tag) changelog_text
or
- tag: changelog_text
OR
You can add tag in PR header or while doing a commit too
(tag) PR header
or
tag: PR header
Valid tags: added / feat, changed, deprecated, fixed / fix, removed, security, build, ci, chore, docs, perf, refactor, revert, style, test
Thanks!
For more info, check out changelogg docs

viezly bot commented Sep 9, 2023

Pull request by bot. No need to analyze

auto-assign bot requested a review from AlexRogalskiy

September 9, 2023 21:00

github-actions bot commented Sep 9, 2023

Thanks for opening an issue! Make sure you've followed CONTRIBUTING.md.

github-actions bot commented Sep 9, 2023

Hello from PR Helper

Is your PR ready for review and processing? Mark the PR ready by including #pr-ready in a comment.

If you still have work to do, even after marking this ready. Put the PR on hold by including #pr-onhold in a comment.

github-actions bot added the review-required label

github-actions bot commented Sep 9, 2023

Thanks for the PR!

This section of the codebase is owner by https://github.com/AlexRogalskiy/ - if they write a comment saying "LGTM" then it will be merged.

github-actions bot commented Sep 9, 2023 •

edited

Loading

Size Change: 0 B

Total Size: 246 kB

ℹ️ View Unchanged

Filename	Size
`dist/index.js`	234 kB
`dist/sourcemap-register.js`	11.6 kB

_{compressed-size-action}

github-actions bot added the security findings label

github-actions bot reviewed

View reviewed changes

github-actions bot left a comment

Scan Summary

Tool	Critical	High	Medium	Low	Status
Dependency Scan (universal)	16	23	11	0	❌
Shell Script Analysis	0	0	0	0	✅
Security Audit for Infrastructure	0	0	0	2	✅

Recommendation

Please review the findings from Code scanning alerts before approving this pull request. You can also configure the build rules or add suppressions to customize this bot 👍

renovate bot force-pushed the renovate/actions-checkout-4.x branch from dcfb469 to 5a772af Compare

September 23, 2023 05:25

renovate bot force-pushed the renovate/actions-checkout-4.x branch 2 times, most recently from 8637c18 to c9dbd1f Compare

October 20, 2023 05:43

renovate bot force-pushed the renovate/actions-checkout-4.x branch from c9dbd1f to e2583da Compare

March 13, 2024 02:35

github-actions bot reviewed

View reviewed changes

github-actions bot left a comment

Scan Summary

Tool	Critical	High	Medium	Low	Status
Dependency Scan (universal)	17	23	12	0	❌
Shell Script Analysis	0	0	0	0	✅
Security Audit for Infrastructure	0	0	0	2	✅

Recommendation

Please review the findings from Code scanning alerts before approving this pull request. You can also configure the build rules or add suppressions to customize this bot 👍

renovate bot force-pushed the renovate/actions-checkout-4.x branch from e2583da to 48bc577 Compare

April 19, 2024 17:37

github-actions bot reviewed

View reviewed changes

github-actions bot left a comment

Scan Summary

Tool	Critical	High	Medium	Low	Status
Dependency Scan (universal)	17	23	12	0	❌
Security Audit for Infrastructure	0	0	0	2	✅
Shell Script Analysis	0	0	0	0	✅

Recommendation

Please review the findings from Code scanning alerts before approving this pull request. You can also configure the build rules or add suppressions to customize this bot 👍

renovate bot force-pushed the renovate/actions-checkout-4.x branch from 48bc577 to 5e02244 Compare

April 24, 2024 23:41

renovate bot force-pushed the renovate/actions-checkout-4.x branch from 5e02244 to d7ea27c Compare

May 7, 2024 08:59

github-actions bot reviewed

View reviewed changes

github-actions bot left a comment

Scan Summary

Tool	Critical	High	Medium	Low	Status
Dependency Scan (universal)	17	24	12	0	❌
Security Audit for Infrastructure	0	0	0	2	✅
Shell Script Analysis	0	0	0	0	✅

Recommendation

Please review the findings from Code scanning alerts before approving this pull request. You can also configure the build rules or add suppressions to customize this bot 👍

renovate bot force-pushed the renovate/actions-checkout-4.x branch from d7ea27c to b9952d8 Compare

May 22, 2024 17:43

github-actions bot reviewed

View reviewed changes

github-actions bot left a comment

Scan Summary

Tool	Critical	High	Medium	Low	Status
Dependency Scan (universal)	17	24	12	0	❌
Shell Script Analysis	0	0	0	0	✅
Security Audit for Infrastructure	0	0	0	2	✅

Recommendation

Please review the findings from Code scanning alerts before approving this pull request. You can also configure the build rules or add suppressions to customize this bot 👍

renovate bot force-pushed the renovate/actions-checkout-4.x branch from b9952d8 to a1cb7dc Compare

June 12, 2024 21:00

renovate bot force-pushed the renovate/actions-checkout-4.x branch from a1cb7dc to c5a70e5 Compare

September 26, 2024 08:59

github-actions bot reviewed

View reviewed changes

github-actions bot left a comment

Scan Summary

Tool	Critical	High	Medium	Low	Status
Dependency Scan (universal)	17	24	13	0	❌
Security Audit for Infrastructure	0	0	0	2	✅
Shell Script Analysis	0	0	0	0	✅

Recommendation

Please review the findings from Code scanning alerts before approving this pull request. You can also configure the build rules or add suppressions to customize this bot 👍

renovate bot force-pushed the renovate/actions-checkout-4.x branch from c5a70e5 to 7a372cd Compare

October 8, 2024 01:04


          ⬆️ Updates actions/checkout action to v4

8d5f95a

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

renovate bot force-pushed the renovate/actions-checkout-4.x branch from 7a372cd to 8d5f95a Compare

October 24, 2024 23:45

github-actions bot reviewed

View reviewed changes

github-actions bot left a comment

Scan Summary

Tool	Critical	High	Medium	Low	Status
Dependency Scan (universal)	17	24	13	0	❌
Shell Script Analysis	0	0	0	0	✅
Security Audit for Infrastructure	0	0	0	2	✅

Recommendation

Please review the findings from Code scanning alerts before approving this pull request. You can also configure the build rules or add suppressions to customize this bot 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

npm dependencies review-required security findings