mirror of
https://github.com/actions/checkout.git
synced 2026-06-22 18:12:08 +03:00
Compare commits
5 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 dependabot[bot]
|
b9e0990d21 | ||
|
dependabot[bot]
|
e8cb398be4 | ||
|
dependabot[bot]
|
5de26ee9b1 | ||
|
dependabot[bot]
|
79102f2503 | ||
 Aiqiao Yan
|
9c091bb21b |
@@ -25,7 +25,7 @@ jobs:
|
|||||||
- uses: actions/checkout@v6
|
- uses: actions/checkout@v6
|
||||||
|
|
||||||
- name: Set Node.js 24.x
|
- name: Set Node.js 24.x
|
||||||
uses: actions/setup-node@v4
|
uses: actions/setup-node@v6
|
||||||
with:
|
with:
|
||||||
node-version: 24.x
|
node-version: 24.x
|
||||||
|
|
||||||
|
|||||||
@@ -42,7 +42,7 @@ jobs:
|
|||||||
uses: actions/checkout@v6
|
uses: actions/checkout@v6
|
||||||
|
|
||||||
- name: Initialize CodeQL
|
- name: Initialize CodeQL
|
||||||
uses: github/codeql-action/init@v3
|
uses: github/codeql-action/init@v4
|
||||||
with:
|
with:
|
||||||
languages: ${{ matrix.language }}
|
languages: ${{ matrix.language }}
|
||||||
# If you wish to specify custom queries, you can do so here or in a config file.
|
# If you wish to specify custom queries, you can do so here or in a config file.
|
||||||
@@ -55,4 +55,4 @@ jobs:
|
|||||||
- run: rm -rf dist # We want code scanning to analyze lib instead (individual .js files)
|
- run: rm -rf dist # We want code scanning to analyze lib instead (individual .js files)
|
||||||
|
|
||||||
- name: Perform CodeQL Analysis
|
- name: Perform CodeQL Analysis
|
||||||
uses: github/codeql-action/analyze@v3
|
uses: github/codeql-action/analyze@v4
|
||||||
|
|||||||
@@ -16,7 +16,7 @@ jobs:
|
|||||||
build:
|
build:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/setup-node@v4
|
- uses: actions/setup-node@v6
|
||||||
with:
|
with:
|
||||||
node-version: 24.x
|
node-version: 24.x
|
||||||
- uses: actions/checkout@v6
|
- uses: actions/checkout@v6
|
||||||
|
|||||||
@@ -31,7 +31,7 @@ jobs:
|
|||||||
# Use `docker/login-action` to log in to GHCR.io.
|
# Use `docker/login-action` to log in to GHCR.io.
|
||||||
# Once published, the packages are scoped to the account defined here.
|
# Once published, the packages are scoped to the account defined here.
|
||||||
- name: Log in to the ghcr.io container registry
|
- name: Log in to the ghcr.io container registry
|
||||||
uses: docker/login-action@v3.3.0
|
uses: docker/login-action@v4.2.0
|
||||||
with:
|
with:
|
||||||
registry: ${{ env.REGISTRY }}
|
registry: ${{ env.REGISTRY }}
|
||||||
username: ${{ github.actor }}
|
username: ${{ github.actor }}
|
||||||
@@ -48,7 +48,7 @@ jobs:
|
|||||||
|
|
||||||
# Use `docker/build-push-action` to build (and optionally publish) the image.
|
# Use `docker/build-push-action` to build (and optionally publish) the image.
|
||||||
- name: Build Docker Image (with optional Push)
|
- name: Build Docker Image (with optional Push)
|
||||||
uses: docker/build-push-action@v6.5.0
|
uses: docker/build-push-action@v7.2.0
|
||||||
with:
|
with:
|
||||||
context: .
|
context: .
|
||||||
file: images/test-ubuntu-git.Dockerfile
|
file: images/test-ubuntu-git.Dockerfile
|
||||||
|
|||||||
Vendored
+3
-3
@@ -42023,9 +42023,9 @@ function assertSafePrCheckout(input) {
|
|||||||
throw new Error(`Refusing to check out fork pull request code from a '${eventName}' workflow. ` +
|
throw new Error(`Refusing to check out fork pull request code from a '${eventName}' workflow. ` +
|
||||||
`This workflow runs with the base repository's GITHUB_TOKEN, secrets, default-branch ` +
|
`This workflow runs with the base repository's GITHUB_TOKEN, secrets, default-branch ` +
|
||||||
`cache scope, and runner access. Fetching and executing a fork's code in that trusted ` +
|
`cache scope, and runner access. Fetching and executing a fork's code in that trusted ` +
|
||||||
`context commonly leads to "pwn request" vulnerabilities. To opt in after reviewing ` +
|
`context commonly leads to "pwn request" vulnerabilities. To opt in, review the risks ` +
|
||||||
`the risks at https://gh.io/securely-using-pull_request_target, set ` +
|
`at https://gh.io/securely-using-pull_request_target and set 'allow-unsafe-pr-checkout: true' ` +
|
||||||
`'allow-unsafe-pr-checkout: true' on the actions/checkout step.`);
|
`on the actions/checkout step.`);
|
||||||
}
|
}
|
||||||
function pushIfSha(target, value) {
|
function pushIfSha(target, value) {
|
||||||
if (typeof value === 'string' && value.length > 0) {
|
if (typeof value === 'string' && value.length > 0) {
|
||||||
|
|||||||
@@ -75,9 +75,9 @@ export function assertSafePrCheckout(input: IUnsafePrCheckoutInput): void {
|
|||||||
`Refusing to check out fork pull request code from a '${eventName}' workflow. ` +
|
`Refusing to check out fork pull request code from a '${eventName}' workflow. ` +
|
||||||
`This workflow runs with the base repository's GITHUB_TOKEN, secrets, default-branch ` +
|
`This workflow runs with the base repository's GITHUB_TOKEN, secrets, default-branch ` +
|
||||||
`cache scope, and runner access. Fetching and executing a fork's code in that trusted ` +
|
`cache scope, and runner access. Fetching and executing a fork's code in that trusted ` +
|
||||||
`context commonly leads to "pwn request" vulnerabilities. To opt in after reviewing ` +
|
`context commonly leads to "pwn request" vulnerabilities. To opt in, review the risks ` +
|
||||||
`the risks at https://gh.io/securely-using-pull_request_target, set ` +
|
`at https://gh.io/securely-using-pull_request_target and set 'allow-unsafe-pr-checkout: true' ` +
|
||||||
`'allow-unsafe-pr-checkout: true' on the actions/checkout step.`
|
`on the actions/checkout step.`
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user