Snyk has created this PR to upgrade @actions/core from 1.6.0 to 1.7.0.
See this package in npm:
https://www.npmjs.com/package/@actions/core
See this project in Snyk:
34c7da3b-bd8a-469a-bbc4-db9b5aa7b90e?utm_source=github&utm_medium=referral&page=upgrade-pr
Snyk has created this PR to upgrade @actions/github from 5.0.0 to 5.0.1.
See this package in npm:
https://www.npmjs.com/package/@actions/github
See this project in Snyk:
34c7da3b-bd8a-469a-bbc4-db9b5aa7b90e?utm_source=github&utm_medium=referral&page=upgrade-pr
Snyk has created this PR to upgrade @actions/github from 2.2.0 to 5.0.0.
See this package in npm:
https://www.npmjs.com/package/@actions/github
See this project in Snyk:
34c7da3b-bd8a-469a-bbc4-db9b5aa7b90e?utm_source=github&utm_medium=referral&page=upgrade-pr
Snyk has created this PR to upgrade uuid from 3.4.0 to 8.3.2.
See this package in npm:
https://www.npmjs.com/package/uuid
See this project in Snyk:
34c7da3b-bd8a-469a-bbc4-db9b5aa7b90e?utm_source=github&utm_medium=referral&page=upgrade-pr
Snyk has created this PR to upgrade uuid from 3.3.3 to 3.4.0.
See this package in npm:
https://www.npmjs.com/package/uuid
See this project in Snyk:
34c7da3b-bd8a-469a-bbc4-db9b5aa7b90e?utm_source=github&utm_medium=referral&page=upgrade-pr
Snyk has created this PR to upgrade @actions/core from 1.2.6 to 1.6.0.
See this package in npm:
https://www.npmjs.com/package/@actions/core
See this project in Snyk:
34c7da3b-bd8a-469a-bbc4-db9b5aa7b90e?utm_source=github&utm_medium=referral&page=upgrade-pr
* auth-helper: properly await replacement of the token value in the config
After writing the `.extraheader` config, we manually replace the token
with the actual value. This is done in an `async` function, but we were
not `await`ing the result.
In our tests, this commit fixes a flakiness we observed where
`remote.origin.url` sometimes (very rarely, actually) is not set for
submodules. Our interpretation is that the configs are in the process of
being rewritten with the correct token value _while_ another `git
config` that wants to set the `insteadOf` value is reading the config,
which is currently empty.
A more idiomatic way to fix this in Typescript would use
`Promise.all()`, like this:
await Promise.all(
configPaths.map(async configPath => {
core.debug(`Replacing token placeholder in '${configPath}'`)
await this.replaceTokenPlaceholder(configPath)
})
)
However, during review of https://github.com/actions/checkout/pull/379
it was decided to keep the `for` loop in the interest of simplicity.
Reported by Ian Lynagh.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
* downloadRepository(): await the result of recursive deletions
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
* Ask ESLint to report floating Promises
This rule is quite helpful in avoiding hard-to-debug missing `await`s.
Note: there are two locations in `src/main.ts` that trigger warnings:
the `run()` and the `cleanup()` function are called without `await` and
without any `.catch()` clause.
In the initial version of https://github.com/actions/checkout/pull/379,
this was addressed by adding `.catch()` clauses. However, it was
determined that this is boilerplate code that will need to be fixed in a
broader way.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
* Rebuild
This trick was brought to you by `npm ci && npm run build`. Needed to
get the PR build to pass.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
