Bump uuid and @types/uuid

Bumps [uuid](https://github.com/uuidjs/uuid) and [@types/uuid](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/uuid). These dependencies needed to be updated together.

Updates `uuid` from 9.0.1 to 10.0.0
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](https://github.com/uuidjs/uuid/compare/v9.0.1...v10.0.0)

Updates `@types/uuid` from 9.0.8 to 10.0.0
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/uuid)

---
updated-dependencies:
- dependency-name: uuid
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: "@types/uuid"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/publish-immutable-actions.yml

@@ -1,20 +0,0 @@
-name: 'Publish Immutable Action Version'
-
-on:
-  release:
-    types: [published]
-
-jobs:
-  publish:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      id-token: write
-      packages: write
-
-    steps:
-      - name: Checking out
-        uses: actions/checkout@v4
-      - name: Publish
-        id: publish
-        uses: actions/publish-immutable-action@0.0.3

CHANGELOG.md

@@ -1,17 +1,5 @@
 # Changelog
 
-## v4.2.2
-* `url-helper.ts` now leverages well-known environment variables by @jww3 in https://github.com/actions/checkout/pull/1941
-* Expand unit test coverage for `isGhes` by @jww3 in https://github.com/actions/checkout/pull/1946
-
-## v4.2.1
-* Check out other refs/* by commit if provided, fall back to ref by @orhantoy in https://github.com/actions/checkout/pull/1924
-
-## v4.2.0
-
-* Add Ref and Commit outputs by @lucacome in https://github.com/actions/checkout/pull/1180
-* Dependency updates by @dependabot- https://github.com/actions/checkout/pull/1777, https://github.com/actions/checkout/pull/1872
-
 ## v4.1.7
 * Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in https://github.com/actions/checkout/pull/1739
 * Bump actions/checkout from 3 to 4 by @dependabot in https://github.com/actions/checkout/pull/1697

README.md

@@ -6,7 +6,7 @@ This action checks-out your repository under `$GITHUB_WORKSPACE`, so your workfl
 
 Only a single commit is fetched by default, for the ref/SHA that triggered the workflow. Set `fetch-depth: 0` to fetch all history for all branches and tags. Refer [here](https://docs.github.com/actions/using-workflows/events-that-trigger-workflows) to learn which commit `$GITHUB_SHA` points to for different events.
 
-Set `persist-credentials: true` to opt-in to persist the auth token in the local git config. This enables your scripts to run authenticated git commands. The token is removed during post-job cleanup.
+The auth token is persisted in the local git config. This enables your scripts to run authenticated git commands. The token is removed during post-job cleanup. Set `persist-credentials: false` to opt-out.
 
 When Git 2.18 or higher is not in your PATH, falls back to the REST API to download the files.
 
@@ -68,7 +68,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
     ssh-user: ''
 
     # Whether to configure the token or SSH key with the local git config
-    # Default: false
+    # Default: true
     persist-credentials: ''
 
     # Relative path under $GITHUB_WORKSPACE to place the repository
@@ -143,7 +143,6 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 - [Checkout pull request HEAD commit instead of merge commit](#Checkout-pull-request-HEAD-commit-instead-of-merge-commit)
 - [Checkout pull request on closed event](#Checkout-pull-request-on-closed-event)
 - [Push a commit using the built-in token](#Push-a-commit-using-the-built-in-token)
-- [Push a commit to a PR using the built-in token](#Push-a-commit-to-a-PR-using-the-built-in-token)
 
 ## Fetch only the root files
 
@@ -212,7 +211,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
     repository: my-org/my-tools
     path: my-tools
 ```
-> - If your secondary repository is private or internal you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
+> - If your secondary repository is private you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
 
 ## Checkout multiple repos (nested)
 
@@ -226,7 +225,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
     repository: my-org/my-tools
     path: my-tools
 ```
-> - If your secondary repository is private or internal you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
+> - If your secondary repository is private you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
 
 ## Checkout multiple repos (private)
 
@@ -289,40 +288,6 @@ jobs:
 ```
 *NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
 
-## Push a commit to a PR using the built-in token
-
-In a pull request trigger, `ref` is required as GitHub Actions checks out in detached HEAD mode, meaning it doesn’t check out your branch by default.
-
-```yaml
-on: pull_request
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          ref: ${{ github.head_ref }}
-      - run: |
-          date > generated.txt
-          # Note: the following account information will not work on GHES
-          git config user.name "github-actions[bot]"
-          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
-          git add .
-          git commit -m "generated"
-          git push
-```
-
-*NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
-
-# Recommended permissions
-
-When using the `checkout` action in your GitHub Actions workflow, it is recommended to set the following `GITHUB_TOKEN` permissions to ensure proper functionality, unless alternative auth is provided via the `token` or `ssh-key` inputs:
-
-```yaml
-permissions:
-  contents: read
-```
-
 # License
 
 The scripts and documentation in this project are released under the [MIT License](LICENSE)

__test__/ref-helper.test.ts

@@ -77,16 +77,6 @@ describe('ref-helper tests', () => {
     expect(checkoutInfo.startPoint).toBeFalsy()
   })
 
-  it('getCheckoutInfo refs/ without commit', async () => {
-    const checkoutInfo = await refHelper.getCheckoutInfo(
-      git,
-      'refs/non-standard-ref',
-      ''
-    )
-    expect(checkoutInfo.ref).toBe('refs/non-standard-ref')
-    expect(checkoutInfo.startPoint).toBeFalsy()
-  })
-
   it('getCheckoutInfo unqualified branch only', async () => {
     git.branchExists = jest.fn(async (remote: boolean, pattern: string) => {
       return true

__test__/url-helper.test.ts

@@ -1,92 +0,0 @@
-import * as urlHelper from '../src/url-helper'
-
-describe('getServerUrl tests', () => {
-  it('basics', async () => {
-    // Note that URL::toString will append a trailing / when passed just a domain name ...
-    expect(urlHelper.getServerUrl().toString()).toBe('https://github.com/')
-    expect(urlHelper.getServerUrl(' ').toString()).toBe('https://github.com/')
-    expect(urlHelper.getServerUrl('   ').toString()).toBe('https://github.com/')
-    expect(urlHelper.getServerUrl('http://contoso.com').toString()).toBe(
-      'http://contoso.com/'
-    )
-    expect(urlHelper.getServerUrl('https://contoso.com').toString()).toBe(
-      'https://contoso.com/'
-    )
-    expect(urlHelper.getServerUrl('https://contoso.com/').toString()).toBe(
-      'https://contoso.com/'
-    )
-
-    // ... but can't make that same assumption when passed an URL that includes some deeper path.
-    expect(urlHelper.getServerUrl('https://contoso.com/a/b').toString()).toBe(
-      'https://contoso.com/a/b'
-    )
-  })
-})
-
-describe('isGhes tests', () => {
-  const pristineEnv = process.env
-
-  beforeEach(() => {
-    jest.resetModules()
-    process.env = {...pristineEnv}
-  })
-
-  afterAll(() => {
-    process.env = pristineEnv
-  })
-
-  it('basics', async () => {
-    delete process.env['GITHUB_SERVER_URL']
-    expect(urlHelper.isGhes()).toBeFalsy()
-    expect(urlHelper.isGhes('https://github.com')).toBeFalsy()
-    expect(urlHelper.isGhes('https://contoso.ghe.com')).toBeFalsy()
-    expect(urlHelper.isGhes('https://test.github.localhost')).toBeFalsy()
-    expect(urlHelper.isGhes('https://src.onpremise.fabrikam.com')).toBeTruthy()
-  })
-
-  it('returns false when the GITHUB_SERVER_URL environment variable is not defined', async () => {
-    delete process.env['GITHUB_SERVER_URL']
-    expect(urlHelper.isGhes()).toBeFalsy()
-  })
-
-  it('returns false when the GITHUB_SERVER_URL environment variable is set to github.com', async () => {
-    process.env['GITHUB_SERVER_URL'] = 'https://github.com'
-    expect(urlHelper.isGhes()).toBeFalsy()
-  })
-
-  it('returns false when the GITHUB_SERVER_URL environment variable is set to a GitHub Enterprise Cloud-style URL', async () => {
-    process.env['GITHUB_SERVER_URL'] = 'https://contoso.ghe.com'
-    expect(urlHelper.isGhes()).toBeFalsy()
-  })
-
-  it('returns false when the GITHUB_SERVER_URL environment variable has a .localhost suffix', async () => {
-    process.env['GITHUB_SERVER_URL'] = 'https://mock-github.localhost'
-    expect(urlHelper.isGhes()).toBeFalsy()
-  })
-
-  it('returns true when the GITHUB_SERVER_URL environment variable is set to some other URL', async () => {
-    process.env['GITHUB_SERVER_URL'] = 'https://src.onpremise.fabrikam.com'
-    expect(urlHelper.isGhes()).toBeTruthy()
-  })
-})
-
-describe('getServerApiUrl tests', () => {
-  it('basics', async () => {
-    expect(urlHelper.getServerApiUrl()).toBe('https://api.github.com')
-    expect(urlHelper.getServerApiUrl('https://github.com')).toBe(
-      'https://api.github.com'
-    )
-    expect(urlHelper.getServerApiUrl('https://GitHub.com')).toBe(
-      'https://api.github.com'
-    )
-    expect(urlHelper.getServerApiUrl('https://contoso.ghe.com')).toBe(
-      'https://api.contoso.ghe.com'
-    )
-    expect(urlHelper.getServerApiUrl('https://fabrikam.GHE.COM')).toBe(
-      'https://api.fabrikam.ghe.com'
-    )
-    expect(
-      urlHelper.getServerApiUrl('https://src.onpremise.fabrikam.com')
-    ).toBe('https://src.onpremise.fabrikam.com/api/v3')
-  })
-})

action.yml

@@ -51,7 +51,7 @@ inputs:
     default: git
   persist-credentials:
     description: 'Whether to configure the token or SSH key with the local git config'
-    default: false
+    default: true
   path:
     description: 'Relative path under $GITHUB_WORKSPACE to place the repository'
   clean:

dist/index.js

@@ -2005,8 +2005,8 @@ function getCheckoutInfo(git, ref, commit) {
             result.ref = ref;
         }
         // refs/
-        else if (upperRef.startsWith('REFS/')) {
+        else if (upperRef.startsWith('REFS/') && commit) {
-            result.ref = commit ? commit : ref;
+            result.ref = commit;
         }
         // Unqualified ref, check for a matching branch or tag
         else {
@@ -2454,50 +2454,22 @@ function getFetchUrl(settings) {
     return `${serviceUrl.origin}/${encodedOwner}/${encodedName}`;
 }
 function getServerUrl(url) {
-    let resolvedUrl = process.env['GITHUB_SERVER_URL'] || 'https://github.com';
+    let urlValue = url && url.trim().length > 0
-    if (hasContent(url, WhitespaceMode.Trim)) {
+        ? url
-        resolvedUrl = url;
+        : process.env['GITHUB_SERVER_URL'] || 'https://github.com';
-    }
+    return new url_1.URL(urlValue);
-    return new url_1.URL(resolvedUrl);
 }
 function getServerApiUrl(url) {
-    if (hasContent(url, WhitespaceMode.Trim)) {
+    let apiUrl = 'https://api.github.com';
-        let serverUrl = getServerUrl(url);
+    if (isGhes(url)) {
-        if (isGhes(url)) {
+        const serverUrl = getServerUrl(url);
-            serverUrl.pathname = 'api/v3';
+        apiUrl = new url_1.URL(`${serverUrl.origin}/api/v3`).toString();
-        }
-        else {
-            serverUrl.hostname = 'api.' + serverUrl.hostname;
-        }
-        return pruneSuffix(serverUrl.toString(), '/');
     }
-    return process.env['GITHUB_API_URL'] || 'https://api.github.com';
+    return apiUrl;
 }
 function isGhes(url) {
-    const ghUrl = new url_1.URL(url || process.env['GITHUB_SERVER_URL'] || 'https://github.com');
+    const ghUrl = getServerUrl(url);
-    const hostname = ghUrl.hostname.trimEnd().toUpperCase();
+    return ghUrl.hostname.toUpperCase() !== 'GITHUB.COM';
-    const isGitHubHost = hostname === 'GITHUB.COM';
-    const isGitHubEnterpriseCloudHost = hostname.endsWith('.GHE.COM');
-    const isLocalHost = hostname.endsWith('.LOCALHOST');
-    return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost;
-}
-function pruneSuffix(text, suffix) {
-    if (hasContent(suffix, WhitespaceMode.Preserve) && (text === null || text === void 0 ? void 0 : text.endsWith(suffix))) {
-        return text.substring(0, text.length - suffix.length);
-    }
-    return text;
-}
-var WhitespaceMode;
-(function (WhitespaceMode) {
-    WhitespaceMode[WhitespaceMode["Trim"] = 0] = "Trim";
-    WhitespaceMode[WhitespaceMode["Preserve"] = 1] = "Preserve";
-})(WhitespaceMode || (WhitespaceMode = {}));
-function hasContent(text, whitespaceMode) {
-    let refinedText = text !== null && text !== void 0 ? text : '';
-    if (whitespaceMode == WhitespaceMode.Trim) {
-        refinedText = refinedText.trim();
-    }
-    return refinedText.length > 0;
 }
 
 

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "checkout",
-  "version": "4.2.2",
+  "version": "4.1.7",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "checkout",
-      "version": "4.2.2",
+      "version": "4.1.7",
       "license": "MIT",
       "dependencies": {
         "@actions/core": "^1.10.1",
@@ -14,12 +14,12 @@
         "@actions/github": "^6.0.0",
         "@actions/io": "^1.1.3",
         "@actions/tool-cache": "^2.0.1",
-        "uuid": "^9.0.1"
+        "uuid": "^10.0.0"
       },
       "devDependencies": {
         "@types/jest": "^29.5.12",
         "@types/node": "^20.12.12",
-        "@types/uuid": "^9.0.8",
+        "@types/uuid": "^10.0.0",
         "@typescript-eslint/eslint-plugin": "^7.9.0",
         "@typescript-eslint/parser": "^7.9.0",
         "@vercel/ncc": "^0.38.1",
@@ -1603,9 +1603,9 @@
       "dev": true
     },
     "node_modules/@types/uuid": {
-      "version": "9.0.8",
+      "version": "10.0.0",
-      "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-9.0.8.tgz",
+      "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-10.0.0.tgz",
-      "integrity": "sha512-jg+97EGIcY9AGHJJRaaPVgetKDsrTgbRjQ5Msgjh/DQKEFl0DtyRr/VCOyD1T2R1MNeWPK/u7JoGhlDZnKBAfA==",
+      "integrity": "sha512-7gqG38EyHgyP1S+7+xomFtL+ZNHcKv6DwNaCZmJmo1vgMugyF3TCnXVg4t1uk89mLNwnLtnY3TpOpCOyp1/xHQ==",
       "dev": true
     },
     "node_modules/@types/yargs": {
@@ -6991,9 +6991,9 @@
       }
     },
     "node_modules/uuid": {
-      "version": "9.0.1",
+      "version": "10.0.0",
-      "resolved": "https://registry.npmjs.org/uuid/-/uuid-9.0.1.tgz",
+      "resolved": "https://registry.npmjs.org/uuid/-/uuid-10.0.0.tgz",
-      "integrity": "sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==",
+      "integrity": "sha512-8XkAphELsDnEGrDxUOHB3RGvXz6TeuYSGEZBOjtTtPm2lwhGBjLgOzLHB63IUWfBpNucQjND6d3AOudO+H3RWQ==",
       "funding": [
         "https://github.com/sponsors/broofa",
         "https://github.com/sponsors/ctavan"

package.json

@@ -1,6 +1,6 @@
 {
   "name": "checkout",
-  "version": "4.2.2",
+  "version": "4.1.7",
   "description": "checkout action",
   "main": "lib/main.js",
   "scripts": {
@@ -33,12 +33,12 @@
     "@actions/github": "^6.0.0",
     "@actions/io": "^1.1.3",
     "@actions/tool-cache": "^2.0.1",
-    "uuid": "^9.0.1"
+    "uuid": "^10.0.0"
   },
   "devDependencies": {
     "@types/jest": "^29.5.12",
     "@types/node": "^20.12.12",
-    "@types/uuid": "^9.0.8",
+    "@types/uuid": "^10.0.0",
     "@typescript-eslint/eslint-plugin": "^7.9.0",
     "@typescript-eslint/parser": "^7.9.0",
     "@vercel/ncc": "^0.38.1",

src/ref-helper.ts

@@ -46,8 +46,8 @@ export async function getCheckoutInfo(
     result.ref = ref
   }
   // refs/
-  else if (upperRef.startsWith('REFS/')) {
+  else if (upperRef.startsWith('REFS/') && commit) {
-    result.ref = commit ? commit : ref
+    result.ref = commit
   }
   // Unqualified ref, check for a matching branch or tag
   else {

src/url-helper.ts

@@ -21,61 +21,26 @@ export function getFetchUrl(settings: IGitSourceSettings): string {
 }
 
 export function getServerUrl(url?: string): URL {
-  let resolvedUrl = process.env['GITHUB_SERVER_URL'] || 'https://github.com'
+  let urlValue =
-  if (hasContent(url, WhitespaceMode.Trim)) {
+    url && url.trim().length > 0
-    resolvedUrl = url!
+      ? url
-  }
+      : process.env['GITHUB_SERVER_URL'] || 'https://github.com'
-
+  return new URL(urlValue)
-  return new URL(resolvedUrl)
 }
 
 export function getServerApiUrl(url?: string): string {
-  if (hasContent(url, WhitespaceMode.Trim)) {
+  let apiUrl = 'https://api.github.com'
-    let serverUrl = getServerUrl(url)
-    if (isGhes(url)) {
-      serverUrl.pathname = 'api/v3'
-    } else {
-      serverUrl.hostname = 'api.' + serverUrl.hostname
-    }
 
-    return pruneSuffix(serverUrl.toString(), '/')
+  if (isGhes(url)) {
+    const serverUrl = getServerUrl(url)
+    apiUrl = new URL(`${serverUrl.origin}/api/v3`).toString()
   }
 
-  return process.env['GITHUB_API_URL'] || 'https://api.github.com'
+  return apiUrl
 }
 
 export function isGhes(url?: string): boolean {
-  const ghUrl = new URL(
+  const ghUrl = getServerUrl(url)
-    url || process.env['GITHUB_SERVER_URL'] || 'https://github.com'
-  )
 
-  const hostname = ghUrl.hostname.trimEnd().toUpperCase()
+  return ghUrl.hostname.toUpperCase() !== 'GITHUB.COM'
-  const isGitHubHost = hostname === 'GITHUB.COM'
-  const isGitHubEnterpriseCloudHost = hostname.endsWith('.GHE.COM')
-  const isLocalHost = hostname.endsWith('.LOCALHOST')
-
-  return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost
-}
-
-function pruneSuffix(text: string, suffix: string) {
-  if (hasContent(suffix, WhitespaceMode.Preserve) && text?.endsWith(suffix)) {
-    return text.substring(0, text.length - suffix.length)
-  }
-  return text
-}
-
-enum WhitespaceMode {
-  Trim,
-  Preserve
-}
-
-function hasContent(
-  text: string | undefined,
-  whitespaceMode: WhitespaceMode
-): boolean {
-  let refinedText = text ?? ''
-  if (whitespaceMode == WhitespaceMode.Trim) {
-    refinedText = refinedText.trim()
-  }
-  return refinedText.length > 0
 }