From 9f265659d3bb64ab1440b03b12f4d47a24320917 Mon Sep 17 00:00:00 2001 From: Salman Chishti Date: Mon, 11 Aug 2025 11:52:51 +0100 Subject: [PATCH 1/2] Update actions checkout to use node 24 (#2226) * use node 24 * update other parts to node 24 * bump to major version, audit fix, changelog * update licenses * update dist * update major version * will do separate pr for v5 and will do a minor version for previous changes --- .github/workflows/check-dist.yml | 4 ++-- .github/workflows/test.yml | 2 +- action.yml | 2 +- package-lock.json | 16 ++++++++-------- package.json | 2 +- 5 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/check-dist.yml b/.github/workflows/check-dist.yml index 53902eeb9..db3e37f2b 100644 --- a/.github/workflows/check-dist.yml +++ b/.github/workflows/check-dist.yml @@ -24,10 +24,10 @@ jobs: steps: - uses: actions/checkout@v4.1.6 - - name: Set Node.js 20.x + - name: Set Node.js 24.x uses: actions/setup-node@v4 with: - node-version: 20.x + node-version: 24.x - name: Install dependencies run: npm ci diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index cde9f060e..e62ac3ba6 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -18,7 +18,7 @@ jobs: steps: - uses: actions/setup-node@v4 with: - node-version: 20.x + node-version: 24.x - uses: actions/checkout@v4.1.6 - run: npm ci - run: npm run build diff --git a/action.yml b/action.yml index 6842eb843..767c41649 100644 --- a/action.yml +++ b/action.yml @@ -104,6 +104,6 @@ outputs: commit: description: 'The commit SHA that was checked out' runs: - using: node20 + using: node24 main: dist/index.js post: dist/index.js diff --git a/package-lock.json b/package-lock.json index aef29d3bc..73c773eaf 100644 --- a/package-lock.json +++ b/package-lock.json @@ -18,7 +18,7 @@ }, "devDependencies": { "@types/jest": "^29.5.12", - "@types/node": "^20.12.12", + "@types/node": "^24.1.0", "@types/uuid": "^9.0.8", "@typescript-eslint/eslint-plugin": "^7.9.0", "@typescript-eslint/parser": "^7.9.0", @@ -1515,12 +1515,12 @@ "dev": true }, "node_modules/@types/node": { - "version": "20.12.12", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.12.tgz", - "integrity": "sha512-eWLDGF/FOSPtAvEqeRAQ4C8LSA7M1I7i0ky1I8U7kD1J5ITyW3AsRhQrKVoWf5pFKZ2kILsEGJhsI9r93PYnOw==", + "version": "24.1.0", + "resolved": "https://registry.npmjs.org/@types/node/-/node-24.1.0.tgz", + "integrity": "sha512-ut5FthK5moxFKH2T1CUOC6ctR67rQRvvHdFLCD2Ql6KXmMuCrjsSsRI9UsLCm9M18BMwClv4pn327UvB7eeO1w==", "dev": true, "dependencies": { - "undici-types": "~5.26.4" + "undici-types": "~7.8.0" } }, "node_modules/@types/stack-utils": { @@ -6865,9 +6865,9 @@ } }, "node_modules/undici-types": { - "version": "5.26.5", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", - "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "version": "7.8.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.8.0.tgz", + "integrity": "sha512-9UJ2xGDvQ43tYyVMpuHlsgApydB8ZKfVYTsLDhXkFL/6gfkp+U8xTGdh8pMJv1SpZna0zxG1DwsKZsreLbXBxw==", "dev": true }, "node_modules/universal-user-agent": { diff --git a/package.json b/package.json index dbbaabbae..f2739924b 100644 --- a/package.json +++ b/package.json @@ -37,7 +37,7 @@ }, "devDependencies": { "@types/jest": "^29.5.12", - "@types/node": "^20.12.12", + "@types/node": "^24.1.0", "@types/uuid": "^9.0.8", "@typescript-eslint/eslint-plugin": "^7.9.0", "@typescript-eslint/parser": "^7.9.0", From 08c6903cd8c0fde910a37f88322edcfb5dd907a8 Mon Sep 17 00:00:00 2001 From: Salman Chishti Date: Mon, 11 Aug 2025 13:35:28 +0100 Subject: [PATCH 2/2] Prepare v5.0.0 release (#2238) --- .github/workflows/update-main-version.yml | 1 + CHANGELOG.md | 4 ++ README.md | 72 +++++++++++++---------- package-lock.json | 4 +- package.json | 2 +- src/misc/generate-docs.ts | 2 +- 6 files changed, 51 insertions(+), 34 deletions(-) diff --git a/.github/workflows/update-main-version.yml b/.github/workflows/update-main-version.yml index 7bec7d5a8..643b954e4 100644 --- a/.github/workflows/update-main-version.yml +++ b/.github/workflows/update-main-version.yml @@ -11,6 +11,7 @@ on: type: choice description: The major version to update options: + - v5 - v4 - v3 - v2 diff --git a/CHANGELOG.md b/CHANGELOG.md index baf5c2d7e..ff8b4e7b0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # Changelog +## V5.0.0 +* Update actions checkout to use node 24 by @salmanmkc in https://github.com/actions/checkout/pull/2226 + + ## V4.3.0 * docs: update README.md by @motss in https://github.com/actions/checkout/pull/1971 * Add internal repos for checking out multiple repositories by @mouismail in https://github.com/actions/checkout/pull/1977 diff --git a/README.md b/README.md index 8969446c3..f9175e995 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,9 @@ [![Build and Test](https://github.com/actions/checkout/actions/workflows/test.yml/badge.svg)](https://github.com/actions/checkout/actions/workflows/test.yml) +# Checkout V5 + +Checkout v5 now supports Node.js 24 + # Checkout V4 This action checks-out your repository under `$GITHUB_WORKSPACE`, so your workflow can access it. @@ -36,7 +40,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/ ```yaml -- uses: actions/checkout@v4 +- uses: actions/checkout@v5 with: # Repository name with owner. For example, actions/checkout # Default: ${{ github.repository }} @@ -149,24 +153,32 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/ # Scenarios -- [Fetch only the root files](#Fetch-only-the-root-files) -- [Fetch only the root files and `.github` and `src` folder](#Fetch-only-the-root-files-and-github-and-src-folder) -- [Fetch only a single file](#Fetch-only-a-single-file) -- [Fetch all history for all tags and branches](#Fetch-all-history-for-all-tags-and-branches) -- [Checkout a different branch](#Checkout-a-different-branch) -- [Checkout HEAD^](#Checkout-HEAD) -- [Checkout multiple repos (side by side)](#Checkout-multiple-repos-side-by-side) -- [Checkout multiple repos (nested)](#Checkout-multiple-repos-nested) -- [Checkout multiple repos (private)](#Checkout-multiple-repos-private) -- [Checkout pull request HEAD commit instead of merge commit](#Checkout-pull-request-HEAD-commit-instead-of-merge-commit) -- [Checkout pull request on closed event](#Checkout-pull-request-on-closed-event) -- [Push a commit using the built-in token](#Push-a-commit-using-the-built-in-token) -- [Push a commit to a PR using the built-in token](#Push-a-commit-to-a-PR-using-the-built-in-token) +- [Checkout V5](#checkout-v5) +- [Checkout V4](#checkout-v4) + - [Note](#note) +- [What's new](#whats-new) +- [Usage](#usage) +- [Scenarios](#scenarios) + - [Fetch only the root files](#fetch-only-the-root-files) + - [Fetch only the root files and `.github` and `src` folder](#fetch-only-the-root-files-and-github-and-src-folder) + - [Fetch only a single file](#fetch-only-a-single-file) + - [Fetch all history for all tags and branches](#fetch-all-history-for-all-tags-and-branches) + - [Checkout a different branch](#checkout-a-different-branch) + - [Checkout HEAD^](#checkout-head) + - [Checkout multiple repos (side by side)](#checkout-multiple-repos-side-by-side) + - [Checkout multiple repos (nested)](#checkout-multiple-repos-nested) + - [Checkout multiple repos (private)](#checkout-multiple-repos-private) + - [Checkout pull request HEAD commit instead of merge commit](#checkout-pull-request-head-commit-instead-of-merge-commit) + - [Checkout pull request on closed event](#checkout-pull-request-on-closed-event) + - [Push a commit using the built-in token](#push-a-commit-using-the-built-in-token) + - [Push a commit to a PR using the built-in token](#push-a-commit-to-a-pr-using-the-built-in-token) +- [Recommended permissions](#recommended-permissions) +- [License](#license) ## Fetch only the root files ```yaml -- uses: actions/checkout@v4 +- uses: actions/checkout@v5 with: sparse-checkout: . ``` @@ -174,7 +186,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/ ## Fetch only the root files and `.github` and `src` folder ```yaml -- uses: actions/checkout@v4 +- uses: actions/checkout@v5 with: sparse-checkout: | .github @@ -184,7 +196,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/ ## Fetch only a single file ```yaml -- uses: actions/checkout@v4 +- uses: actions/checkout@v5 with: sparse-checkout: | README.md @@ -194,7 +206,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/ ## Fetch all history for all tags and branches ```yaml -- uses: actions/checkout@v4 +- uses: actions/checkout@v5 with: fetch-depth: 0 ``` @@ -202,7 +214,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/ ## Checkout a different branch ```yaml -- uses: actions/checkout@v4 +- uses: actions/checkout@v5 with: ref: my-branch ``` @@ -210,7 +222,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/ ## Checkout HEAD^ ```yaml -- uses: actions/checkout@v4 +- uses: actions/checkout@v5 with: fetch-depth: 2 - run: git checkout HEAD^ @@ -220,12 +232,12 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/ ```yaml - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: path: main - name: Checkout tools repo - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: repository: my-org/my-tools path: my-tools @@ -236,10 +248,10 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/ ```yaml - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Checkout tools repo - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: repository: my-org/my-tools path: my-tools @@ -250,12 +262,12 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/ ```yaml - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: path: main - name: Checkout private tools - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: repository: my-org/my-private-tools token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT @@ -268,7 +280,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/ ## Checkout pull request HEAD commit instead of merge commit ```yaml -- uses: actions/checkout@v4 +- uses: actions/checkout@v5 with: ref: ${{ github.event.pull_request.head.sha }} ``` @@ -284,7 +296,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 ``` ## Push a commit using the built-in token @@ -295,7 +307,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - run: | date > generated.txt # Note: the following account information will not work on GHES @@ -317,7 +329,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: ref: ${{ github.head_ref }} - run: | diff --git a/package-lock.json b/package-lock.json index 73c773eaf..98eb420c1 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "checkout", - "version": "4.3.0", + "version": "5.0.0", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "checkout", - "version": "4.3.0", + "version": "5.0.0", "license": "MIT", "dependencies": { "@actions/core": "^1.10.1", diff --git a/package.json b/package.json index f2739924b..4b2b58a51 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "checkout", - "version": "4.3.0", + "version": "5.0.0", "description": "checkout action", "main": "lib/main.js", "scripts": { diff --git a/src/misc/generate-docs.ts b/src/misc/generate-docs.ts index 4b3c8ff52..6d4816f15 100644 --- a/src/misc/generate-docs.ts +++ b/src/misc/generate-docs.ts @@ -120,7 +120,7 @@ function updateUsage( } updateUsage( - 'actions/checkout@v4', + 'actions/checkout@v5', path.join(__dirname, '..', '..', 'action.yml'), path.join(__dirname, '..', '..', 'README.md') )