Merge 79a832ff0dbbdeecb9ada41e36ef46a5f934284c into 11bd71901bbe5b1630ceea73d27597364c9af683

* Prepare 4.2.2 Release

---------

Co-authored-by: Josh Gross <joshmgross@github.com>

CHANGELOG.md

@@ -1,5 +1,9 @@
 # Changelog
 
+## v4.2.2
+* `url-helper.ts` now leverages well-known environment variables by @jww3 in https://github.com/actions/checkout/pull/1941
+* Expand unit test coverage for `isGhes` by @jww3 in https://github.com/actions/checkout/pull/1946
+
 ## v4.2.1
 * Check out other refs/* by commit if provided, fall back to ref by @orhantoy in https://github.com/actions/checkout/pull/1924
 

README.md

@@ -35,6 +35,10 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
     #
     # We recommend using a service account with the least permissions necessary. Also
     # when generating a new PAT, select the least scopes necessary.
+    # For a basic restricted reference, you can use the same permissions as the
+    # [`GITHUB_TOKEN` gives.](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token)
+    # This means creating a "Fine-grained personal access token" with the
+    # `content` and `metadata` permissions.
     #
     # [Learn more about creating and using encrypted secrets](https://help.github.com/en/actions/automating-your-workflow-with-github-actions/creating-and-using-encrypted-secrets)
     #

__test__/url-helper.test.ts

@@ -24,13 +24,50 @@ describe('getServerUrl tests', () => {
 })
 
 describe('isGhes tests', () => {
+  const pristineEnv = process.env
+
+  beforeEach(() => {
+    jest.resetModules()
+    process.env = {...pristineEnv}
+  })
+
+  afterAll(() => {
+    process.env = pristineEnv
+  })
+
   it('basics', async () => {
+    delete process.env['GITHUB_SERVER_URL']
     expect(urlHelper.isGhes()).toBeFalsy()
     expect(urlHelper.isGhes('https://github.com')).toBeFalsy()
     expect(urlHelper.isGhes('https://contoso.ghe.com')).toBeFalsy()
     expect(urlHelper.isGhes('https://test.github.localhost')).toBeFalsy()
     expect(urlHelper.isGhes('https://src.onpremise.fabrikam.com')).toBeTruthy()
   })
+
+  it('returns false when the GITHUB_SERVER_URL environment variable is not defined', async () => {
+    delete process.env['GITHUB_SERVER_URL']
+    expect(urlHelper.isGhes()).toBeFalsy()
+  })
+
+  it('returns false when the GITHUB_SERVER_URL environment variable is set to github.com', async () => {
+    process.env['GITHUB_SERVER_URL'] = 'https://github.com'
+    expect(urlHelper.isGhes()).toBeFalsy()
+  })
+
+  it('returns false when the GITHUB_SERVER_URL environment variable is set to a GitHub Enterprise Cloud-style URL', async () => {
+    process.env['GITHUB_SERVER_URL'] = 'https://contoso.ghe.com'
+    expect(urlHelper.isGhes()).toBeFalsy()
+  })
+
+  it('returns false when the GITHUB_SERVER_URL environment variable has a .localhost suffix', async () => {
+    process.env['GITHUB_SERVER_URL'] = 'https://mock-github.localhost'
+    expect(urlHelper.isGhes()).toBeFalsy()
+  })
+
+  it('returns true when the GITHUB_SERVER_URL environment variable is set to some other URL', async () => {
+    process.env['GITHUB_SERVER_URL'] = 'https://src.onpremise.fabrikam.com'
+    expect(urlHelper.isGhes()).toBeTruthy()
+  })
 })
 
 describe('getServerApiUrl tests', () => {

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "checkout",
-  "version": "4.2.1",
+  "version": "4.2.2",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "checkout",
-      "version": "4.2.1",
+      "version": "4.2.2",
       "license": "MIT",
       "dependencies": {
         "@actions/core": "^1.10.1",

package.json

@@ -1,6 +1,6 @@
 {
   "name": "checkout",
-  "version": "4.2.1",
+  "version": "4.2.2",
   "description": "checkout action",
   "main": "lib/main.js",
   "scripts": {