Bump uuid and @types/uuid

Bumps [uuid](https://github.com/uuidjs/uuid) and [@types/uuid](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/uuid). These dependencies needed to be updated together. Updates `uuid` from 9.0.1 to 10.0.0 - [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md) - [Commits](https://github.com/uuidjs/uuid/compare/v9.0.1...v10.0.0) Updates `@types/uuid` from 9.0.8 to 10.0.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/uuid) --- updated-dependencies: - dependency-name: uuid dependency-type: direct:production update-type: version-update:semver-major - dependency-name: "@types/uuid" dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
2025-09-15 04:02:20 +08:00 · 2024-09-09 13:59:00 +00:00
13 changed files with 152 additions and 433 deletions
--- a/.github/workflows/publish-immutable-actions.yml
+++ b/.github/workflows/publish-immutable-actions.yml
@@ -1,20 +0,0 @@
-name: 'Publish Immutable Action Version'
-
-on:
-  release:
-    types: [published]
-
-jobs:
-  publish:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      id-token: write
-      packages: write
-
-    steps:
-      - name: Checking out
-        uses: actions/checkout@v4
-      - name: Publish
-        id: publish
-        uses: actions/publish-immutable-action@0.0.3
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,17 +1,5 @@
 # Changelog

-## v4.2.2
-* `url-helper.ts` now leverages well-known environment variables by @jww3 in https://github.com/actions/checkout/pull/1941
-* Expand unit test coverage for `isGhes` by @jww3 in https://github.com/actions/checkout/pull/1946
-
-## v4.2.1
-* Check out other refs/* by commit if provided, fall back to ref by @orhantoy in https://github.com/actions/checkout/pull/1924
-
-## v4.2.0
-
-* Add Ref and Commit outputs by @lucacome in https://github.com/actions/checkout/pull/1180
-* Dependency updates by @dependabot- https://github.com/actions/checkout/pull/1777, https://github.com/actions/checkout/pull/1872
-
 ## v4.1.7
 * Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in https://github.com/actions/checkout/pull/1739
 * Bump actions/checkout from 3 to 4 by @dependabot in https://github.com/actions/checkout/pull/1697
--- a/README.md
+++ b/README.md
@@ -126,10 +126,6 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
    # running from unless specified. Example URLs are https://github.com or
    # https://my-ghes-server.example.com
    github-server-url: ''
-
-    # Whether to clone the repository as a bare repository
-    # Default: false
-    bare: ''
 ```
 <!-- end usage -->

@@ -147,7 +143,6 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 - [Checkout pull request HEAD commit instead of merge commit](#Checkout-pull-request-HEAD-commit-instead-of-merge-commit)
 - [Checkout pull request on closed event](#Checkout-pull-request-on-closed-event)
 - [Push a commit using the built-in token](#Push-a-commit-using-the-built-in-token)
- [Push a commit to a PR using the built-in token](#Push-a-commit-to-a-PR-using-the-built-in-token)

 ## Fetch only the root files

@@ -216,7 +211,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
    repository: my-org/my-tools
    path: my-tools
 ```
-> - If your secondary repository is private or internal you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
+> - If your secondary repository is private you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)

 ## Checkout multiple repos (nested)

@@ -230,7 +225,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
    repository: my-org/my-tools
    path: my-tools
 ```
-> - If your secondary repository is private or internal you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
+> - If your secondary repository is private you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)

 ## Checkout multiple repos (private)

@@ -293,40 +288,6 @@ jobs:
 ```
 *NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D

-## Push a commit to a PR using the built-in token
-
-In a pull request trigger, `ref` is required as GitHub Actions checks out in detached HEAD mode, meaning it doesn’t check out your branch by default.
-
-```yaml
-on: pull_request
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          ref: ${{ github.head_ref }}
-      - run: |
-          date > generated.txt
-          # Note: the following account information will not work on GHES
-          git config user.name "github-actions[bot]"
-          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
-          git add .
-          git commit -m "generated"
-          git push
-```
-
-*NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
-
-# Recommended permissions
-
-When using the `checkout` action in your GitHub Actions workflow, it is recommended to set the following `GITHUB_TOKEN` permissions to ensure proper functionality, unless alternative auth is provided via the `token` or `ssh-key` inputs:
-
-```yaml
-permissions:
-  contents: read
-```
-
 # License

 The scripts and documentation in this project are released under the [MIT License](LICENSE)
--- a/test/git-command-manager.test.ts
+++ b/test/git-command-manager.test.ts
@@ -375,42 +375,4 @@ describe('Test fetchDepth and fetchTags options', () => {
      expect.any(Object)
    )
  })
-
-  it('should call execGit with the correct arguments when bare is true', async () => {
-    jest.spyOn(exec, 'exec').mockImplementation(mockExec)
-
-    const workingDirectory = 'test'
-    const lfs = false
-    const doSparseCheckout = false
-    git = await commandManager.createCommandManager(
-      workingDirectory,
-      lfs,
-      doSparseCheckout
-    )
-    const refSpec = ['refspec1', 'refspec2']
-    const options = {
-      filter: 'filterValue',
-      bare: true
-    }
-
-    await git.fetch(refSpec, options)
-
-    expect(mockExec).toHaveBeenCalledWith(
-      expect.any(String),
-      [
-        '-c',
-        'protocol.version=2',
-        'fetch',
-        '--bare',
-        '--no-tags',
-        '--prune',
-        '--no-recurse-submodules',
-        '--filter=filterValue',
-        'origin',
-        'refspec1',
-        'refspec2'
-      ],
-      expect.any(Object)
-    )
-  })
 })
--- a/test/ref-helper.test.ts
+++ b/test/ref-helper.test.ts
@@ -77,16 +77,6 @@ describe('ref-helper tests', () => {
    expect(checkoutInfo.startPoint).toBeFalsy()
  })

-  it('getCheckoutInfo refs/ without commit', async () => {
-    const checkoutInfo = await refHelper.getCheckoutInfo(
-      git,
-      'refs/non-standard-ref',
-      ''
-    )
-    expect(checkoutInfo.ref).toBe('refs/non-standard-ref')
-    expect(checkoutInfo.startPoint).toBeFalsy()
-  })
-
  it('getCheckoutInfo unqualified branch only', async () => {
    git.branchExists = jest.fn(async (remote: boolean, pattern: string) => {
      return true
--- a/test/url-helper.test.ts
+++ b/test/url-helper.test.ts
@@ -1,92 +0,0 @@
-import * as urlHelper from '../src/url-helper'
-
-describe('getServerUrl tests', () => {
-  it('basics', async () => {
-    // Note that URL::toString will append a trailing / when passed just a domain name ...
-    expect(urlHelper.getServerUrl().toString()).toBe('https://github.com/')
-    expect(urlHelper.getServerUrl(' ').toString()).toBe('https://github.com/')
-    expect(urlHelper.getServerUrl('   ').toString()).toBe('https://github.com/')
-    expect(urlHelper.getServerUrl('http://contoso.com').toString()).toBe(
-      'http://contoso.com/'
-    )
-    expect(urlHelper.getServerUrl('https://contoso.com').toString()).toBe(
-      'https://contoso.com/'
-    )
-    expect(urlHelper.getServerUrl('https://contoso.com/').toString()).toBe(
-      'https://contoso.com/'
-    )
-
-    // ... but can't make that same assumption when passed an URL that includes some deeper path.
-    expect(urlHelper.getServerUrl('https://contoso.com/a/b').toString()).toBe(
-      'https://contoso.com/a/b'
-    )
-  })
-})
-
-describe('isGhes tests', () => {
-  const pristineEnv = process.env
-
-  beforeEach(() => {
-    jest.resetModules()
-    process.env = {...pristineEnv}
-  })
-
-  afterAll(() => {
-    process.env = pristineEnv
-  })
-
-  it('basics', async () => {
-    delete process.env['GITHUB_SERVER_URL']
-    expect(urlHelper.isGhes()).toBeFalsy()
-    expect(urlHelper.isGhes('https://github.com')).toBeFalsy()
-    expect(urlHelper.isGhes('https://contoso.ghe.com')).toBeFalsy()
-    expect(urlHelper.isGhes('https://test.github.localhost')).toBeFalsy()
-    expect(urlHelper.isGhes('https://src.onpremise.fabrikam.com')).toBeTruthy()
-  })
-
-  it('returns false when the GITHUB_SERVER_URL environment variable is not defined', async () => {
-    delete process.env['GITHUB_SERVER_URL']
-    expect(urlHelper.isGhes()).toBeFalsy()
-  })
-
-  it('returns false when the GITHUB_SERVER_URL environment variable is set to github.com', async () => {
-    process.env['GITHUB_SERVER_URL'] = 'https://github.com'
-    expect(urlHelper.isGhes()).toBeFalsy()
-  })
-
-  it('returns false when the GITHUB_SERVER_URL environment variable is set to a GitHub Enterprise Cloud-style URL', async () => {
-    process.env['GITHUB_SERVER_URL'] = 'https://contoso.ghe.com'
-    expect(urlHelper.isGhes()).toBeFalsy()
-  })
-
-  it('returns false when the GITHUB_SERVER_URL environment variable has a .localhost suffix', async () => {
-    process.env['GITHUB_SERVER_URL'] = 'https://mock-github.localhost'
-    expect(urlHelper.isGhes()).toBeFalsy()
-  })
-
-  it('returns true when the GITHUB_SERVER_URL environment variable is set to some other URL', async () => {
-    process.env['GITHUB_SERVER_URL'] = 'https://src.onpremise.fabrikam.com'
-    expect(urlHelper.isGhes()).toBeTruthy()
-  })
-})
-
-describe('getServerApiUrl tests', () => {
-  it('basics', async () => {
-    expect(urlHelper.getServerApiUrl()).toBe('https://api.github.com')
-    expect(urlHelper.getServerApiUrl('https://github.com')).toBe(
-      'https://api.github.com'
-    )
-    expect(urlHelper.getServerApiUrl('https://GitHub.com')).toBe(
-      'https://api.github.com'
-    )
-    expect(urlHelper.getServerApiUrl('https://contoso.ghe.com')).toBe(
-      'https://api.contoso.ghe.com'
-    )
-    expect(urlHelper.getServerApiUrl('https://fabrikam.GHE.COM')).toBe(
-      'https://api.fabrikam.ghe.com'
-    )
-    expect(
-      urlHelper.getServerApiUrl('https://src.onpremise.fabrikam.com')
-    ).toBe('https://src.onpremise.fabrikam.com/api/v3')
-  })
-})
--- a/action.yml
+++ b/action.yml
@@ -1,112 +1,109 @@
-name: 'Checkout'
-description: 'Checkout a Git repository at a particular version'
-inputs:
-  repository:
-    description: 'Repository name with owner. For example, actions/checkout'
-    default: ${{ github.repository }}
-  ref:
-    description: >
-      The branch, tag or SHA to checkout. When checking out the repository that
-      triggered a workflow, this defaults to the reference or SHA for that
-      event.  Otherwise, uses the default branch.
-  token:
-    description: >
-      Personal access token (PAT) used to fetch the repository. The PAT is configured
-      with the local git config, which enables your scripts to run authenticated git
-      commands. The post-job step removes the PAT.
-
-
-      We recommend using a service account with the least permissions necessary.
-      Also when generating a new PAT, select the least scopes necessary.
-
-
-      [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
-    default: ${{ github.token }}
-  ssh-key:
-    description: >
-      SSH key used to fetch the repository. The SSH key is configured with the local
-      git config, which enables your scripts to run authenticated git commands.
-      The post-job step removes the SSH key.
-
-
-      We recommend using a service account with the least permissions necessary.
-
-
-      [Learn more about creating and using
-      encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
-  ssh-known-hosts:
-    description: >
-      Known hosts in addition to the user and global host key database. The public
-      SSH keys for a host may be obtained using the utility `ssh-keyscan`. For example,
-      `ssh-keyscan github.com`. The public key for github.com is always implicitly added.
-  ssh-strict:
-    description: >
-      Whether to perform strict host key checking. When true, adds the options `StrictHostKeyChecking=yes`
-      and `CheckHostIP=no` to the SSH command line. Use the input `ssh-known-hosts` to
-      configure additional hosts.
-    default: true
-  ssh-user:
-    description: >
-      The user to use when connecting to the remote SSH host. By default 'git' is used.
-    default: git
-  persist-credentials:
-    description: 'Whether to configure the token or SSH key with the local git config'
-    default: true
-  path:
-    description: 'Relative path under $GITHUB_WORKSPACE to place the repository'
-  clean:
-    description: 'Whether to execute `git clean -ffdx && git reset --hard HEAD` before fetching'
-    default: true
-  filter:
-    description: >
-      Partially clone against a given filter.
-      Overrides sparse-checkout if set.
-    default: null
-  sparse-checkout:
-    description: >
-      Do a sparse checkout on given patterns.
-      Each pattern should be separated with new lines.
-    default: null
-  sparse-checkout-cone-mode:
-    description: >
-      Specifies whether to use cone-mode when doing a sparse checkout.
-    default: true
-  fetch-depth:
-    description: 'Number of commits to fetch. 0 indicates all history for all branches and tags.'
-    default: 1
-  fetch-tags:
-    description: 'Whether to fetch tags, even if fetch-depth > 0.'
-    default: false
-  show-progress:
-    description: 'Whether to show progress status output when fetching.'
-    default: true
-  lfs:
-    description: 'Whether to download Git-LFS files'
-    default: false
-  submodules:
-    description: >
-      Whether to checkout submodules: `true` to checkout submodules or `recursive` to
-      recursively checkout submodules.
-
-
-      When the `ssh-key` input is not provided, SSH URLs beginning with `git@github.com:` are
-      converted to HTTPS.
-    default: false
-  set-safe-directory:
-    description: Add repository path as safe.directory for Git global config by running `git config --global --add safe.directory <path>`
-    default: true
-  github-server-url:
-    description: The base URL for the GitHub instance that you are trying to clone from, will use environment defaults to fetch from the same instance that the workflow is running from unless specified. Example URLs are https://github.com or https://my-ghes-server.example.com
-    required: false
-  bare:
-    description: 'Whether to clone the repository as a bare repository'
-    default: false
-outputs:
-  ref:
-    description: 'The branch, tag or SHA that was checked out'
-  commit:
-    description: 'The commit SHA that was checked out'
-runs:
-  using: node20
-  main: dist/index.js
-  post: dist/index.js
+name: 'Checkout'
+description: 'Checkout a Git repository at a particular version'
+inputs:
+  repository:
+    description: 'Repository name with owner. For example, actions/checkout'
+    default: ${{ github.repository }}
+  ref:
+    description: >
+      The branch, tag or SHA to checkout. When checking out the repository that
+      triggered a workflow, this defaults to the reference or SHA for that
+      event.  Otherwise, uses the default branch.
+  token:
+    description: >
+      Personal access token (PAT) used to fetch the repository. The PAT is configured
+      with the local git config, which enables your scripts to run authenticated git
+      commands. The post-job step removes the PAT.
+
+
+      We recommend using a service account with the least permissions necessary.
+      Also when generating a new PAT, select the least scopes necessary.
+
+
+      [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
+    default: ${{ github.token }}
+  ssh-key:
+    description: >
+      SSH key used to fetch the repository. The SSH key is configured with the local
+      git config, which enables your scripts to run authenticated git commands.
+      The post-job step removes the SSH key.
+
+
+      We recommend using a service account with the least permissions necessary.
+
+
+      [Learn more about creating and using
+      encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
+  ssh-known-hosts:
+    description: >
+      Known hosts in addition to the user and global host key database. The public
+      SSH keys for a host may be obtained using the utility `ssh-keyscan`. For example,
+      `ssh-keyscan github.com`. The public key for github.com is always implicitly added.
+  ssh-strict:
+    description: >
+      Whether to perform strict host key checking. When true, adds the options `StrictHostKeyChecking=yes`
+      and `CheckHostIP=no` to the SSH command line. Use the input `ssh-known-hosts` to
+      configure additional hosts.
+    default: true
+  ssh-user:
+    description: >
+      The user to use when connecting to the remote SSH host. By default 'git' is used.
+    default: git
+  persist-credentials:
+    description: 'Whether to configure the token or SSH key with the local git config'
+    default: true
+  path:
+    description: 'Relative path under $GITHUB_WORKSPACE to place the repository'
+  clean:
+    description: 'Whether to execute `git clean -ffdx && git reset --hard HEAD` before fetching'
+    default: true
+  filter:
+    description: >
+      Partially clone against a given filter.
+      Overrides sparse-checkout if set.
+    default: null
+  sparse-checkout:
+    description: >
+      Do a sparse checkout on given patterns.
+      Each pattern should be separated with new lines.
+    default: null
+  sparse-checkout-cone-mode:
+    description: >
+      Specifies whether to use cone-mode when doing a sparse checkout.
+    default: true
+  fetch-depth:
+    description: 'Number of commits to fetch. 0 indicates all history for all branches and tags.'
+    default: 1
+  fetch-tags:
+    description: 'Whether to fetch tags, even if fetch-depth > 0.'
+    default: false
+  show-progress:
+    description: 'Whether to show progress status output when fetching.'
+    default: true
+  lfs:
+    description: 'Whether to download Git-LFS files'
+    default: false
+  submodules:
+    description: >
+      Whether to checkout submodules: `true` to checkout submodules or `recursive` to
+      recursively checkout submodules.
+
+
+      When the `ssh-key` input is not provided, SSH URLs beginning with `git@github.com:` are
+      converted to HTTPS.
+    default: false
+  set-safe-directory:
+    description: Add repository path as safe.directory for Git global config by running `git config --global --add safe.directory <path>`
+    default: true
+  github-server-url:
+    description: The base URL for the GitHub instance that you are trying to clone from, will use environment defaults to fetch from the same instance that the workflow is running from unless specified. Example URLs are https://github.com or https://my-ghes-server.example.com
+    required: false
+outputs:
+  ref:
+    description: 'The branch, tag or SHA that was checked out'
+  commit:
+    description: 'The commit SHA that was checked out'
+runs:
+  using: node20
+  main: dist/index.js
+  post: dist/index.js
--- a/dist/index.js
+++ b/dist/index.js
@@ -2005,8 +2005,8 @@ function getCheckoutInfo(git, ref, commit) {
            result.ref = ref;
        }
        // refs/
-        else if (upperRef.startsWith('REFS/')) {
-            result.ref = commit ? commit : ref;
+        else if (upperRef.startsWith('REFS/') && commit) {
+            result.ref = commit;
        }
        // Unqualified ref, check for a matching branch or tag
        else {
@@ -2454,50 +2454,22 @@ function getFetchUrl(settings) {
    return `${serviceUrl.origin}/${encodedOwner}/${encodedName}`;
 }
 function getServerUrl(url) {
-    let resolvedUrl = process.env['GITHUB_SERVER_URL'] || 'https://github.com';
-    if (hasContent(url, WhitespaceMode.Trim)) {
-        resolvedUrl = url;
-    }
-    return new url_1.URL(resolvedUrl);
+    let urlValue = url && url.trim().length > 0
+        ? url
+        : process.env['GITHUB_SERVER_URL'] || 'https://github.com';
+    return new url_1.URL(urlValue);
 }
 function getServerApiUrl(url) {
-    if (hasContent(url, WhitespaceMode.Trim)) {
-        let serverUrl = getServerUrl(url);
-        if (isGhes(url)) {
-            serverUrl.pathname = 'api/v3';
-        }
-        else {
-            serverUrl.hostname = 'api.' + serverUrl.hostname;
-        }
-        return pruneSuffix(serverUrl.toString(), '/');
+    let apiUrl = 'https://api.github.com';
+    if (isGhes(url)) {
+        const serverUrl = getServerUrl(url);
+        apiUrl = new url_1.URL(`${serverUrl.origin}/api/v3`).toString();
    }
-    return process.env['GITHUB_API_URL'] || 'https://api.github.com';
+    return apiUrl;
 }
 function isGhes(url) {
-    const ghUrl = new url_1.URL(url || process.env['GITHUB_SERVER_URL'] || 'https://github.com');
-    const hostname = ghUrl.hostname.trimEnd().toUpperCase();
-    const isGitHubHost = hostname === 'GITHUB.COM';
-    const isGitHubEnterpriseCloudHost = hostname.endsWith('.GHE.COM');
-    const isLocalHost = hostname.endsWith('.LOCALHOST');
-    return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost;
-}
-function pruneSuffix(text, suffix) {
-    if (hasContent(suffix, WhitespaceMode.Preserve) && (text === null || text === void 0 ? void 0 : text.endsWith(suffix))) {
-        return text.substring(0, text.length - suffix.length);
-    }
-    return text;
-}
-var WhitespaceMode;
-(function (WhitespaceMode) {
-    WhitespaceMode[WhitespaceMode["Trim"] = 0] = "Trim";
-    WhitespaceMode[WhitespaceMode["Preserve"] = 1] = "Preserve";
-})(WhitespaceMode || (WhitespaceMode = {}));
-function hasContent(text, whitespaceMode) {
-    let refinedText = text !== null && text !== void 0 ? text : '';
-    if (whitespaceMode == WhitespaceMode.Trim) {
-        refinedText = refinedText.trim();
-    }
-    return refinedText.length > 0;
+    const ghUrl = getServerUrl(url);
+    return ghUrl.hostname.toUpperCase() !== 'GITHUB.COM';
 }


--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
  "name": "checkout",
-  "version": "4.2.2",
+  "version": "4.1.7",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "checkout",
-      "version": "4.2.2",
+      "version": "4.1.7",
      "license": "MIT",
      "dependencies": {
        "@actions/core": "^1.10.1",
@@ -14,12 +14,12 @@
        "@actions/github": "^6.0.0",
        "@actions/io": "^1.1.3",
        "@actions/tool-cache": "^2.0.1",
-        "uuid": "^9.0.1"
+        "uuid": "^10.0.0"
      },
      "devDependencies": {
        "@types/jest": "^29.5.12",
        "@types/node": "^20.12.12",
-        "@types/uuid": "^9.0.8",
+        "@types/uuid": "^10.0.0",
        "@typescript-eslint/eslint-plugin": "^7.9.0",
        "@typescript-eslint/parser": "^7.9.0",
        "@vercel/ncc": "^0.38.1",
@@ -1603,9 +1603,9 @@
      "dev": true
    },
    "node_modules/@types/uuid": {
-      "version": "9.0.8",
-      "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-9.0.8.tgz",
-      "integrity": "sha512-jg+97EGIcY9AGHJJRaaPVgetKDsrTgbRjQ5Msgjh/DQKEFl0DtyRr/VCOyD1T2R1MNeWPK/u7JoGhlDZnKBAfA==",
+      "version": "10.0.0",
+      "resolved": "https://registry.npmjs.org/@types/uuid/-/uuid-10.0.0.tgz",
+      "integrity": "sha512-7gqG38EyHgyP1S+7+xomFtL+ZNHcKv6DwNaCZmJmo1vgMugyF3TCnXVg4t1uk89mLNwnLtnY3TpOpCOyp1/xHQ==",
      "dev": true
    },
    "node_modules/@types/yargs": {
@@ -6991,9 +6991,9 @@
      }
    },
    "node_modules/uuid": {
-      "version": "9.0.1",
-      "resolved": "https://registry.npmjs.org/uuid/-/uuid-9.0.1.tgz",
-      "integrity": "sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==",
+      "version": "10.0.0",
+      "resolved": "https://registry.npmjs.org/uuid/-/uuid-10.0.0.tgz",
+      "integrity": "sha512-8XkAphELsDnEGrDxUOHB3RGvXz6TeuYSGEZBOjtTtPm2lwhGBjLgOzLHB63IUWfBpNucQjND6d3AOudO+H3RWQ==",
      "funding": [
        "https://github.com/sponsors/broofa",
        "https://github.com/sponsors/ctavan"
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "checkout",
-  "version": "4.2.2",
+  "version": "4.1.7",
  "description": "checkout action",
  "main": "lib/main.js",
  "scripts": {
@@ -33,12 +33,12 @@
    "@actions/github": "^6.0.0",
    "@actions/io": "^1.1.3",
    "@actions/tool-cache": "^2.0.1",
-    "uuid": "^9.0.1"
+    "uuid": "^10.0.0"
  },
  "devDependencies": {
    "@types/jest": "^29.5.12",
    "@types/node": "^20.12.12",
-    "@types/uuid": "^9.0.8",
+    "@types/uuid": "^10.0.0",
    "@typescript-eslint/eslint-plugin": "^7.9.0",
    "@typescript-eslint/parser": "^7.9.0",
    "@vercel/ncc": "^0.38.1",
--- a/src/git-source-provider.ts
+++ b/src/git-source-provider.ts
@@ -110,11 +110,7 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
      !fsHelper.directoryExistsSync(path.join(settings.repositoryPath, '.git'))
    ) {
      core.startGroup('Initializing the repository')
-      const initArgs = ['init']
-      if (settings.bare) {
-        initArgs.push('--bare')
-      }
-      await git.execGit(initArgs)
+      await git.init()
      await git.remoteAdd('origin', repositoryUrl)
      core.endGroup()
    }
--- a/src/ref-helper.ts
+++ b/src/ref-helper.ts
@@ -46,8 +46,8 @@ export async function getCheckoutInfo(
    result.ref = ref
  }
  // refs/
-  else if (upperRef.startsWith('REFS/')) {
-    result.ref = commit ? commit : ref
+  else if (upperRef.startsWith('REFS/') && commit) {
+    result.ref = commit
  }
  // Unqualified ref, check for a matching branch or tag
  else {
--- a/src/url-helper.ts
+++ b/src/url-helper.ts
@@ -21,61 +21,26 @@ export function getFetchUrl(settings: IGitSourceSettings): string {
 }

 export function getServerUrl(url?: string): URL {
-  let resolvedUrl = process.env['GITHUB_SERVER_URL'] || 'https://github.com'
-  if (hasContent(url, WhitespaceMode.Trim)) {
-    resolvedUrl = url!
-  }
-
-  return new URL(resolvedUrl)
+  let urlValue =
+    url && url.trim().length > 0
+      ? url
+      : process.env['GITHUB_SERVER_URL'] || 'https://github.com'
+  return new URL(urlValue)
 }

 export function getServerApiUrl(url?: string): string {
-  if (hasContent(url, WhitespaceMode.Trim)) {
-    let serverUrl = getServerUrl(url)
-    if (isGhes(url)) {
-      serverUrl.pathname = 'api/v3'
-    } else {
-      serverUrl.hostname = 'api.' + serverUrl.hostname
-    }
+  let apiUrl = 'https://api.github.com'

-    return pruneSuffix(serverUrl.toString(), '/')
+  if (isGhes(url)) {
+    const serverUrl = getServerUrl(url)
+    apiUrl = new URL(`${serverUrl.origin}/api/v3`).toString()
  }

-  return process.env['GITHUB_API_URL'] || 'https://api.github.com'
+  return apiUrl
 }

 export function isGhes(url?: string): boolean {
-  const ghUrl = new URL(
-    url || process.env['GITHUB_SERVER_URL'] || 'https://github.com'
-  )
+  const ghUrl = getServerUrl(url)

-  const hostname = ghUrl.hostname.trimEnd().toUpperCase()
-  const isGitHubHost = hostname === 'GITHUB.COM'
-  const isGitHubEnterpriseCloudHost = hostname.endsWith('.GHE.COM')
-  const isLocalHost = hostname.endsWith('.LOCALHOST')
-
-  return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost
-}
-
-function pruneSuffix(text: string, suffix: string) {
-  if (hasContent(suffix, WhitespaceMode.Preserve) && text?.endsWith(suffix)) {
-    return text.substring(0, text.length - suffix.length)
-  }
-  return text
-}
-
-enum WhitespaceMode {
-  Trim,
-  Preserve
-}
-
-function hasContent(
-  text: string | undefined,
-  whitespaceMode: WhitespaceMode
-): boolean {
-  let refinedText = text ?? ''
-  if (whitespaceMode == WhitespaceMode.Trim) {
-    refinedText = refinedText.trim()
-  }
-  return refinedText.length > 0
+  return ghUrl.hostname.toUpperCase() !== 'GITHUB.COM'
 }