.

.github/workflows/codeql-analysis.yml

@@ -42,7 +42,7 @@ jobs:
       uses: actions/checkout@v3
 
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
+      uses: github/codeql-action/init@v1
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -55,4 +55,4 @@ jobs:
     - run: rm -rf dist # We want code scanning to analyze lib instead (individual .js files)
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      uses: github/codeql-action/analyze@v1

.github/workflows/test.yml

@@ -72,33 +72,6 @@ jobs:
         shell: bash
         run: __test__/verify-side-by-side.sh
 
-      # Sparse checkout
-      - name: Sparse checkout
-        uses: ./
-        with:
-          sparse-checkout: |
-            __test__
-            .github
-            dist
-          path: sparse-checkout
-
-      - name: Verify sparse checkout
-        run: __test__/verify-sparse-checkout.sh
-
-      # Sparse checkout (non-cone mode)
-      - name: Sparse checkout (non-cone mode)
-        uses: ./
-        with:
-          sparse-checkout: |
-            /__test__/
-            /.github/
-            /dist/
-          sparse-checkout-cone-mode: false
-          path: sparse-checkout-non-cone-mode
-
-      - name: Verify sparse checkout (non-cone mode)
-        run: __test__/verify-sparse-checkout-non-cone-mode.sh
-
       # LFS
       - name: Checkout LFS
         uses: ./

.github/workflows/update-main-version.yml

@@ -1,5 +1,5 @@
 name: Update Main Version
-run-name: Move ${{ github.event.inputs.major_version }} to ${{ github.event.inputs.target }}
+run-name: Move ${{ github.event.inputs.main_version }} to ${{ github.event.inputs.target }}
 
 on:
   workflow_dispatch:
@@ -7,12 +7,11 @@ on:
       target:
         description: The tag or reference to use
         required: true
-      major_version:
+      main_version:
         type: choice
-        description: The major version to update
+        description: The main version to update
         options:
           - v3
-          - v2
 
 jobs:
   tag:
@@ -26,6 +25,6 @@ jobs:
         git config user.name github-actions
         git config user.email github-actions@github.com
     - name: Tag new target
-      run: git tag -f ${{ github.event.inputs.major_version }} ${{ github.event.inputs.target }}
+      run: git tag -f ${{ github.event.inputs.main_version }} ${{ github.event.inputs.target }}
     - name: Push new tag
-      run: git push origin ${{ github.event.inputs.major_version }} --force
+      run: git push origin ${{ github.event.inputs.main_version }} --force

CHANGELOG.md

@@ -1,37 +1,5 @@
 # Changelog
 
-## v3.5.3
-- [Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in](https://github.com/actions/checkout/pull/1196)
-- [Fix typos found by codespell](https://github.com/actions/checkout/pull/1287)
-- [Add support for sparse checkouts](https://github.com/actions/checkout/pull/1369)
-
-## v3.5.2
-- [Fix api endpoint for GHES](https://github.com/actions/checkout/pull/1289)
-
-## v3.5.1
-- [Fix slow checkout on Windows](https://github.com/actions/checkout/pull/1246)
-
-## v3.5.0
-* [Add new public key for known_hosts](https://github.com/actions/checkout/pull/1237)
-
-## v3.4.0
-- [Upgrade codeql actions to v2](https://github.com/actions/checkout/pull/1209)
-- [Upgrade dependencies](https://github.com/actions/checkout/pull/1210)
-- [Upgrade @actions/io](https://github.com/actions/checkout/pull/1225)
-
-## v3.3.0
-- [Implement branch list using callbacks from exec function](https://github.com/actions/checkout/pull/1045)
-- [Add in explicit reference to private checkout options](https://github.com/actions/checkout/pull/1050)
-- [Fix comment typos (that got added in #770)](https://github.com/actions/checkout/pull/1057)
-
-## v3.2.0
-- [Add GitHub Action to perform release](https://github.com/actions/checkout/pull/942)
-- [Fix status badge](https://github.com/actions/checkout/pull/967)
-- [Replace datadog/squid with ubuntu/squid Docker image](https://github.com/actions/checkout/pull/1002)
-- [Wrap pipeline commands for submoduleForeach in quotes](https://github.com/actions/checkout/pull/964)
-- [Update @actions/io to 1.1.2](https://github.com/actions/checkout/pull/1029)
-- [Upgrading version to 3.2.0](https://github.com/actions/checkout/pull/1039)
-
 ## v3.1.0
 - [Use @actions/core `saveState` and `getState`](https://github.com/actions/checkout/pull/939)
 - [Add `github-server-url` input](https://github.com/actions/checkout/pull/922)

README.md

@@ -74,15 +74,6 @@ When Git 2.18 or higher is not in your PATH, falls back to the REST API to downl
     # Default: true
     clean: ''
 
-    # Do a sparse checkout on given patterns. Each pattern should be separated with
-    # new lines
-    # Default: null
-    sparse-checkout: ''
-
-    # Specifies whether to use cone-mode when doing a sparse checkout.
-    # Default: true
-    sparse-checkout-cone-mode: ''
-
     # Number of commits to fetch. 0 indicates all history for all branches and tags.
     # Default: 1
     fetch-depth: ''
@@ -115,9 +106,6 @@ When Git 2.18 or higher is not in your PATH, falls back to the REST API to downl
 
 # Scenarios
 
-- [Fetch only the root files](#Fetch-only-the-root-files)
-- [Fetch only the root files and `.github` and `src` folder](#Fetch-only-the-root-files-and-github-and-src-folder)
-- [Fetch only a single file](#Fetch-only-a-single-file)
 - [Fetch all history for all tags and branches](#Fetch-all-history-for-all-tags-and-branches)
 - [Checkout a different branch](#Checkout-a-different-branch)
 - [Checkout HEAD^](#Checkout-HEAD)
@@ -128,34 +116,6 @@ When Git 2.18 or higher is not in your PATH, falls back to the REST API to downl
 - [Checkout pull request on closed event](#Checkout-pull-request-on-closed-event)
 - [Push a commit using the built-in token](#Push-a-commit-using-the-built-in-token)
 
-## Fetch only the root files
-
-```yaml
-- uses: actions/checkout@v3
-  with:
-    sparse-checkout: .
-```
-
-## Fetch only the root files and `.github` and `src` folder
-
-```yaml
-- uses: actions/checkout@v3
-  with:
-    sparse-checkout: |
-      .github
-      src
-```
-
-## Fetch only a single file
-
-```yaml
-- uses: actions/checkout@v3
-  with:
-    sparse-checkout: |
-      README.md
-    sparse-checkout-cone-mode: false
-```
-
 ## Fetch all history for all tags and branches
 
 ```yaml
@@ -195,7 +155,6 @@ When Git 2.18 or higher is not in your PATH, falls back to the REST API to downl
     repository: my-org/my-tools
     path: my-tools
 ```
-> - If your secondary repository is private you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
 
 ## Checkout multiple repos (nested)
 
@@ -209,7 +168,6 @@ When Git 2.18 or higher is not in your PATH, falls back to the REST API to downl
     repository: my-org/my-tools
     path: my-tools
 ```
-> - If your secondary repository is private you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
 
 ## Checkout multiple repos (private)
 

__test__/git-auth-helper.test.ts

@@ -94,11 +94,11 @@ describe('git-auth-helper tests', () => {
       `x-access-token:${settings.authToken}`,
       'utf8'
     ).toString('base64')
-    // expect(
-    //   configContent.indexOf(
-    //     `http.${expectedServerUrl}/.extraheader AUTHORIZATION: basic ${basicCredential}`
-    //   )
-    // ).toBeGreaterThanOrEqual(0)
+    expect(
+      configContent.indexOf(
+        `http.${expectedServerUrl}/.extraheader AUTHORIZATION: basic ${basicCredential}`
+      )
+    ).toBeGreaterThanOrEqual(0)
   }
 
   const configureAuth_configuresAuthHeader =
@@ -145,11 +145,11 @@ describe('git-auth-helper tests', () => {
       const configContent = (
         await fs.promises.readFile(localGitConfigPath)
       ).toString()
-      // expect(
-      //   configContent.indexOf(
-      //     `http.https://github.com/.extraheader AUTHORIZATION`
-      //   )
-      // ).toBeGreaterThanOrEqual(0)
+      expect(
+        configContent.indexOf(
+          `http.https://github.com/.extraheader AUTHORIZATION`
+        )
+      ).toBeGreaterThanOrEqual(0)
     }
   )
 
@@ -419,11 +419,11 @@ describe('git-auth-helper tests', () => {
     expect(
       configContent.indexOf('value-from-global-config')
     ).toBeGreaterThanOrEqual(0)
-    // expect(
-    //   configContent.indexOf(
-    //     `http.https://github.com/.extraheader AUTHORIZATION: basic ${basicCredential}`
-    //   )
-    // ).toBeGreaterThanOrEqual(0)
+    expect(
+      configContent.indexOf(
+        `http.https://github.com/.extraheader AUTHORIZATION: basic ${basicCredential}`
+      )
+    ).toBeGreaterThanOrEqual(0)
   })
 
   const configureGlobalAuth_createsNewGlobalGitConfigWhenGlobalDoesNotExist =
@@ -463,11 +463,11 @@ describe('git-auth-helper tests', () => {
       const configContent = (
         await fs.promises.readFile(path.join(git.env['HOME'], '.gitconfig'))
       ).toString()
-      // expect(
-      //   configContent.indexOf(
-      //     `http.https://github.com/.extraheader AUTHORIZATION: basic ${basicCredential}`
-      //   )
-      // ).toBeGreaterThanOrEqual(0)
+      expect(
+        configContent.indexOf(
+          `http.https://github.com/.extraheader AUTHORIZATION: basic ${basicCredential}`
+        )
+      ).toBeGreaterThanOrEqual(0)
     }
   )
 
@@ -554,7 +554,7 @@ describe('git-auth-helper tests', () => {
       expect(mockSubmoduleForeach.mock.calls[0][0]).toMatch(
         /unset-all.*insteadOf/
       )
-      // expect(mockSubmoduleForeach.mock.calls[1][0]).toMatch(/http.*extraheader/)
+      expect(mockSubmoduleForeach.mock.calls[1][0]).toMatch(/http.*extraheader/)
       expect(mockSubmoduleForeach.mock.calls[2][0]).toMatch(
         /url.*insteadOf.*git@github.com:/
       )
@@ -593,7 +593,7 @@ describe('git-auth-helper tests', () => {
       expect(mockSubmoduleForeach.mock.calls[0][0]).toMatch(
         /unset-all.*insteadOf/
       )
-      // expect(mockSubmoduleForeach.mock.calls[1][0]).toMatch(/http.*extraheader/)
+      expect(mockSubmoduleForeach.mock.calls[1][0]).toMatch(/http.*extraheader/)
       expect(mockSubmoduleForeach.mock.calls[2][0]).toMatch(/core\.sshCommand/)
     }
   )
@@ -727,8 +727,6 @@ async function setup(testName: string): Promise<void> {
     branchDelete: jest.fn(),
     branchExists: jest.fn(),
     branchList: jest.fn(),
-    sparseCheckout: jest.fn(),
-    sparseCheckoutNonConeMode: jest.fn(),
     checkout: jest.fn(),
     checkoutDetach: jest.fn(),
     config: jest.fn(
@@ -772,9 +770,6 @@ async function setup(testName: string): Promise<void> {
       return ''
     }),
     submoduleSync: jest.fn(),
-    submoduleStatus: jest.fn(async () => {
-      return true
-    }),
     submoduleUpdate: jest.fn(),
     tagExists: jest.fn(),
     tryClean: jest.fn(),
@@ -802,8 +797,6 @@ async function setup(testName: string): Promise<void> {
     authToken: 'some auth token',
     clean: true,
     commit: '',
-    sparseCheckout: [],
-    sparseCheckoutConeMode: true,
     fetchDepth: 1,
     lfs: false,
     submodules: false,

__test__/git-command-manager.test.ts

@@ -1,90 +0,0 @@
-import * as exec from '@actions/exec'
-import * as fshelper from '../lib/fs-helper'
-import * as commandManager from '../lib/git-command-manager'
-
-let git: commandManager.IGitCommandManager
-let mockExec = jest.fn()
-
-describe('git-auth-helper tests', () => {
-  beforeAll(async () => {})
-
-  beforeEach(async () => {
-    jest.spyOn(fshelper, 'fileExistsSync').mockImplementation(jest.fn())
-    jest.spyOn(fshelper, 'directoryExistsSync').mockImplementation(jest.fn())
-  })
-
-  afterEach(() => {
-    jest.restoreAllMocks()
-  })
-
-  afterAll(() => {})
-
-  it('branch list matches', async () => {
-    mockExec.mockImplementation((path, args, options) => {
-      console.log(args, options.listeners.stdout)
-
-      if (args.includes('version')) {
-        options.listeners.stdout(Buffer.from('2.18'))
-        return 0
-      }
-
-      if (args.includes('rev-parse')) {
-        options.listeners.stdline(Buffer.from('refs/heads/foo'))
-        options.listeners.stdline(Buffer.from('refs/heads/bar'))
-        return 0
-      }
-
-      return 1
-    })
-    jest.spyOn(exec, 'exec').mockImplementation(mockExec)
-    const workingDirectory = 'test'
-    const lfs = false
-    const doSparseCheckout = false
-    git = await commandManager.createCommandManager(
-      workingDirectory,
-      lfs,
-      doSparseCheckout
-    )
-
-    let branches = await git.branchList(false)
-
-    expect(branches).toHaveLength(2)
-    expect(branches.sort()).toEqual(['foo', 'bar'].sort())
-  })
-
-  it('ambiguous ref name output is captured', async () => {
-    mockExec.mockImplementation((path, args, options) => {
-      console.log(args, options.listeners.stdout)
-
-      if (args.includes('version')) {
-        options.listeners.stdout(Buffer.from('2.18'))
-        return 0
-      }
-
-      if (args.includes('rev-parse')) {
-        options.listeners.stdline(Buffer.from('refs/heads/foo'))
-        // If refs/tags/v1 and refs/heads/tags/v1 existed on this repository
-        options.listeners.errline(
-          Buffer.from("error: refname 'tags/v1' is ambiguous")
-        )
-        return 0
-      }
-
-      return 1
-    })
-    jest.spyOn(exec, 'exec').mockImplementation(mockExec)
-    const workingDirectory = 'test'
-    const lfs = false
-    const doSparseCheckout = false
-    git = await commandManager.createCommandManager(
-      workingDirectory,
-      lfs,
-      doSparseCheckout
-    )
-
-    let branches = await git.branchList(false)
-
-    expect(branches).toHaveLength(1)
-    expect(branches.sort()).toEqual(['foo'].sort())
-  })
-})

__test__/git-directory-helper.test.ts

@@ -281,65 +281,6 @@ describe('git-directory-helper tests', () => {
     expect(git.branchDelete).toHaveBeenCalledWith(false, 'local-branch-2')
   })
 
-  const cleanWhenSubmoduleStatusIsFalse =
-    'cleans when submodule status is false'
-
-  it(cleanWhenSubmoduleStatusIsFalse, async () => {
-    // Arrange
-    await setup(cleanWhenSubmoduleStatusIsFalse)
-    await fs.promises.writeFile(path.join(repositoryPath, 'my-file'), '')
-
-    //mock bad submodule
-
-    const submoduleStatus = git.submoduleStatus as jest.Mock<any, any>
-    submoduleStatus.mockImplementation(async (remote: boolean) => {
-      return false
-    })
-
-    // Act
-    await gitDirectoryHelper.prepareExistingDirectory(
-      git,
-      repositoryPath,
-      repositoryUrl,
-      clean,
-      ref
-    )
-
-    // Assert
-    const files = await fs.promises.readdir(repositoryPath)
-    expect(files).toHaveLength(0)
-    expect(git.tryClean).toHaveBeenCalled()
-  })
-
-  const doesNotCleanWhenSubmoduleStatusIsTrue =
-    'does not clean when submodule status is true'
-
-  it(doesNotCleanWhenSubmoduleStatusIsTrue, async () => {
-    // Arrange
-    await setup(doesNotCleanWhenSubmoduleStatusIsTrue)
-    await fs.promises.writeFile(path.join(repositoryPath, 'my-file'), '')
-
-    const submoduleStatus = git.submoduleStatus as jest.Mock<any, any>
-    submoduleStatus.mockImplementation(async (remote: boolean) => {
-      return true
-    })
-
-    // Act
-    await gitDirectoryHelper.prepareExistingDirectory(
-      git,
-      repositoryPath,
-      repositoryUrl,
-      clean,
-      ref
-    )
-
-    // Assert
-
-    const files = await fs.promises.readdir(repositoryPath)
-    expect(files.sort()).toEqual(['.git', 'my-file'])
-    expect(git.tryClean).toHaveBeenCalled()
-  })
-
   const removesLockFiles = 'removes lock files'
   it(removesLockFiles, async () => {
     // Arrange
@@ -462,8 +403,6 @@ async function setup(testName: string): Promise<void> {
     branchList: jest.fn(async () => {
       return []
     }),
-    sparseCheckout: jest.fn(),
-    sparseCheckoutNonConeMode: jest.fn(),
     checkout: jest.fn(),
     checkoutDetach: jest.fn(),
     config: jest.fn(),
@@ -484,9 +423,6 @@ async function setup(testName: string): Promise<void> {
     submoduleForeach: jest.fn(),
     submoduleSync: jest.fn(),
     submoduleUpdate: jest.fn(),
-    submoduleStatus: jest.fn(async () => {
-      return true
-    }),
     tagExists: jest.fn(),
     tryClean: jest.fn(async () => {
       return true

__test__/input-helper.test.ts

@@ -79,8 +79,6 @@ describe('input-helper tests', () => {
     expect(settings.clean).toBe(true)
     expect(settings.commit).toBeTruthy()
     expect(settings.commit).toBe('1234567890123456789012345678901234567890')
-    expect(settings.sparseCheckout).toBe(undefined)
-    expect(settings.sparseCheckoutConeMode).toBe(true)
     expect(settings.fetchDepth).toBe(1)
     expect(settings.lfs).toBe(false)
     expect(settings.ref).toBe('refs/heads/some-ref')

__test__/verify-sparse-checkout-non-cone-mode.sh

@@ -1,51 +0,0 @@
-#!/bin/bash
-
-# Verify .git folder
-if [ ! -d "./sparse-checkout-non-cone-mode/.git" ]; then
-  echo "Expected ./sparse-checkout-non-cone-mode/.git folder to exist"
-  exit 1
-fi
-
-# Verify sparse-checkout (non-cone-mode)
-cd sparse-checkout-non-cone-mode
-
-ENABLED=$(git config --local --get-all core.sparseCheckout)
-
-if [ "$?" != "0" ]; then
-    echo "Failed to verify that sparse-checkout is enabled"
-    exit 1
-fi
-
-# Check that sparse-checkout is enabled
-if [ "$ENABLED" != "true" ]; then
-  echo "Expected sparse-checkout to be enabled (is: $ENABLED)"
-  exit 1
-fi
-
-SPARSE_CHECKOUT_FILE=$(git rev-parse --git-path info/sparse-checkout)
-
-if [ "$?" != "0" ]; then
-    echo "Failed to validate sparse-checkout"
-    exit 1
-fi
-
-# Check that sparse-checkout list is not empty
-if [ ! -f "$SPARSE_CHECKOUT_FILE" ]; then
-  echo "Expected sparse-checkout file to exist"
-  exit 1
-fi
-
-# Check that all folders from sparse-checkout exists
-for pattern in $(cat "$SPARSE_CHECKOUT_FILE")
-do
-  if [ ! -d "${pattern#/}" ]; then
-    echo "Expected directory '${pattern#/}' to exist"
-    exit 1
-  fi
-done
-
-# Verify that the root directory is not checked out
-if [ -f README.md ]; then
-  echo "Expected top-level files not to exist"
-  exit 1
-fi

__test__/verify-sparse-checkout.sh

@@ -1,63 +0,0 @@
-#!/bin/bash
-
-# Verify .git folder
-if [ ! -d "./sparse-checkout/.git" ]; then
-  echo "Expected ./sparse-checkout/.git folder to exist"
-  exit 1
-fi
-
-# Verify sparse-checkout
-cd sparse-checkout
-
-SPARSE=$(git sparse-checkout list)
-
-if [ "$?" != "0" ]; then
-    echo "Failed to validate sparse-checkout"
-    exit 1
-fi
-
-# Check that sparse-checkout list is not empty
-if [ -z "$SPARSE" ]; then
-  echo "Expected sparse-checkout list to not be empty"
-  exit 1
-fi
-
-# Check that all folders of the sparse checkout exist
-for pattern in $SPARSE
-do
-  if [ ! -d "$pattern" ]; then
-    echo "Expected directory '$pattern' to exist"
-    exit 1
-  fi
-done
-
-checkSparse () {
-  if [ ! -d "./$1" ]; then
-    echo "Expected directory '$1' to exist"
-    exit 1
-  fi
-
-  for file in $(git ls-tree -r --name-only HEAD $1)
-  do
-    if [ ! -f "$file" ]; then
-      echo "Expected file '$file' to exist"
-      exit 1
-    fi
-  done
-}
-
-# Check that all folders and their children have been checked out
-checkSparse __test__
-checkSparse .github
-checkSparse dist
-
-# Check that only sparse-checkout folders have been checked out
-for pattern in $(git ls-tree --name-only HEAD)
-do
-  if [ -d "$pattern" ]; then
-    if [[ "$pattern" != "__test__" && "$pattern" != ".github" && "$pattern" != "dist" ]]; then
-      echo "Expected directory '$pattern' to not exist"
-      exit 1
-    fi
-  fi
-done

action.yml

@@ -53,15 +53,6 @@ inputs:
   clean:
     description: 'Whether to execute `git clean -ffdx && git reset --hard HEAD` before fetching'
     default: true
-  sparse-checkout:
-    description: >
-      Do a sparse checkout on given patterns.
-      Each pattern should be separated with new lines
-    default: null
-  sparse-checkout-cone-mode:
-    description: >
-      Specifies whether to use cone-mode when doing a sparse checkout.
-    default: true
   fetch-depth:
     description: 'Number of commits to fetch. 0 indicates all history for all branches and tags.'
     default: 1

adrs/0153-checkout-v2.md

@@ -181,7 +181,7 @@ GITHUB_WORKSPACE=/home/runner/work/foo/foo
 RUNNER_WORKSPACE=/home/runner/work/foo
 ```
 
-V2 introduces a new constraint on the checkout path. The location must now be under `github.workspace`. Whereas the checkout@v1 constraint was one level up, under `runner.workspace`.
+V2 introduces a new contraint on the checkout path. The location must now be under `github.workspace`. Whereas the checkout@v1 constraint was one level up, under `runner.workspace`.
 
 V2 no longer changes `github.workspace` to follow wherever the self repo is checked-out.
 
@@ -287,4 +287,4 @@ Note:
 - Update samples to consume `actions/checkout@v2`
 - Job containers now require git in the PATH for checkout, otherwise fallback to REST API
 - Minimum git version 2.18
-- Update problem matcher logic regarding source file verification (runner)
+- Update problem matcher logic regarding source file verification (runner)

package.json

@@ -1,6 +1,6 @@
 {
   "name": "checkout",
-  "version": "3.5.3",
+  "version": "3.1.0",
   "description": "checkout action",
   "main": "lib/main.js",
   "scripts": {
@@ -30,21 +30,21 @@
   "dependencies": {
     "@actions/core": "^1.10.0",
     "@actions/exec": "^1.0.1",
-    "@actions/github": "^5.0.0",
-    "@actions/io": "^1.1.3",
+    "@actions/github": "^2.2.0",
+    "@actions/io": "^1.0.1",
     "@actions/tool-cache": "^1.1.2",
+    "stream": "0.0.2",
     "uuid": "^3.3.3"
   },
   "devDependencies": {
     "@types/jest": "^27.0.2",
     "@types/node": "^12.7.12",
     "@types/uuid": "^3.4.6",
-    "@typescript-eslint/eslint-plugin": "^5.45.0",
-    "@typescript-eslint/parser": "^5.45.0",
-    "@vercel/ncc": "^0.36.1",
+    "@typescript-eslint/parser": "^5.1.0",
+    "@zeit/ncc": "^0.20.5",
     "eslint": "^7.32.0",
     "eslint-plugin-github": "^4.3.2",
-    "eslint-plugin-jest": "^25.7.0",
+    "eslint-plugin-jest": "^25.2.2",
     "jest": "^27.3.0",
     "jest-circus": "^27.3.0",
     "js-yaml": "^3.13.1",

src/git-auth-helper.ts

@@ -20,7 +20,6 @@ export interface IGitAuthHelper {
   configureGlobalAuth(): Promise<void>
   configureSubmoduleAuth(): Promise<void>
   configureTempGlobalConfig(): Promise<string>
-  configureCredentialsHelper(): Promise<void>
   removeAuth(): Promise<void>
   removeGlobalConfig(): Promise<void>
 }
@@ -35,6 +34,7 @@ export function createAuthHelper(
 class GitAuthHelper {
   private readonly git: IGitCommandManager
   private readonly settings: IGitSourceSettings
+  private readonly tokenConfigKey: string
   private readonly tokenConfigValue: string
   private readonly tokenPlaceholderConfigValue: string
   private readonly insteadOfKey: string
@@ -43,7 +43,6 @@ class GitAuthHelper {
   private sshKeyPath = ''
   private sshKnownHostsPath = ''
   private temporaryHomePath = ''
-  private gitConfigPath = ''
 
   constructor(
     gitCommandManager: IGitCommandManager,
@@ -54,6 +53,7 @@ class GitAuthHelper {
 
     // Token auth header
     const serverUrl = urlHelper.getServerUrl(this.settings.githubServerUrl)
+    this.tokenConfigKey = `http.${serverUrl.origin}/.extraheader` // "origin" is SCHEME://HOSTNAME[:PORT]
     const basicCredential = Buffer.from(
       `x-access-token:${this.settings.authToken}`,
       'utf8'
@@ -78,13 +78,10 @@ class GitAuthHelper {
 
     // Configure new values
     await this.configureSsh()
-    await this.configureCredentialsHelper()
+    await this.configureToken()
   }
 
   async configureTempGlobalConfig(): Promise<string> {
-    if (!!this.gitConfigPath) {
-      return this.gitConfigPath
-    }
     // Already setup global config
     if (this.temporaryHomePath?.length > 0) {
       return path.join(this.temporaryHomePath, '.gitconfig')
@@ -101,7 +98,7 @@ class GitAuthHelper {
       process.env['HOME'] || os.homedir(),
       '.gitconfig'
     )
-    this.gitConfigPath = path.join(this.temporaryHomePath, '.gitconfig')
+    const newGitConfigPath = path.join(this.temporaryHomePath, '.gitconfig')
     let configExists = false
     try {
       await fs.promises.stat(gitConfigPath)
@@ -112,10 +109,10 @@ class GitAuthHelper {
       }
     }
     if (configExists) {
-      core.info(`Copying '${gitConfigPath}' to '${this.gitConfigPath}'`)
-      await io.cp(gitConfigPath, this.gitConfigPath)
+      core.info(`Copying '${gitConfigPath}' to '${newGitConfigPath}'`)
+      await io.cp(gitConfigPath, newGitConfigPath)
     } else {
-      await fs.promises.writeFile(this.gitConfigPath, '')
+      await fs.promises.writeFile(newGitConfigPath, '')
     }
 
     // Override HOME
@@ -124,25 +121,7 @@ class GitAuthHelper {
     )
     this.git.setEnvironmentVariable('HOME', this.temporaryHomePath)
 
-    return this.gitConfigPath
-  }
-
-  async configureCredentialsHelper(): Promise<void> {
-    if (this.settings.lfs) {
-      core.info(`lfs disabled, skipping custom credentials helper`)
-      return
-    }
-    const newGitConfigPath = await this.configureTempGlobalConfig()
-
-    const credentialHelper = `
-    [credential]
-      helper = "!f() { echo username=x-access-token; echo password=${this.tokenConfigValue}; };f"
-    `
-
-    core.info(
-      `Configuring git to use a custom credential helper for aut to handle git lfs`
-    )
-    await fs.promises.appendFile(newGitConfigPath, credentialHelper)
+    return newGitConfigPath
   }
 
   async configureGlobalAuth(): Promise<void> {
@@ -150,6 +129,8 @@ class GitAuthHelper {
     const newGitConfigPath = await this.configureTempGlobalConfig()
     try {
       // Configure the token
+      await this.configureToken(newGitConfigPath, true)
+
       // Configure HTTPS instead of SSH
       await this.git.tryConfigUnset(this.insteadOfKey, true)
       if (!this.settings.sshKey) {
@@ -162,6 +143,7 @@ class GitAuthHelper {
       core.info(
         'Encountered an error when attempting to configure token. Attempting unconfigure.'
       )
+      await this.git.tryConfigUnset(this.tokenConfigKey, true)
       throw err
     }
   }
@@ -176,7 +158,7 @@ class GitAuthHelper {
       // refer to https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/component-updates/command-line-process-auditing
       const output = await this.git.submoduleForeach(
         // wrap the pipeline in quotes to make sure it's handled properly by submoduleForeach, rather than just the first part of the pipeline
-        `sh -c "git config --local --show-origin --name-only --get-regexp remote.origin.url"`,
+        `sh -c "git config --local '${this.tokenConfigKey}' '${this.tokenPlaceholderConfigValue}' && git config --local --show-origin --name-only --get-regexp remote.origin.url"`,
         this.settings.nestedSubmodules
       )
 
@@ -208,6 +190,7 @@ class GitAuthHelper {
 
   async removeAuth(): Promise<void> {
     await this.removeSsh()
+    await this.removeToken()
   }
 
   async removeGlobalConfig(): Promise<void> {
@@ -264,7 +247,7 @@ class GitAuthHelper {
     if (this.settings.sshKnownHosts) {
       knownHosts += `# Begin from input known hosts\n${this.settings.sshKnownHosts}\n# end from input known hosts\n`
     }
-    knownHosts += `# Begin implicitly added github.com\ngithub.com ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCj7ndNxQowgcQnjshcLrqPEiiphnt+VTTvDP6mHBL9j1aNUkY4Ue1gvwnGLVlOhGeYrnZaMgRK6+PKCUXaDbC7qtbW8gIkhL7aGCsOr/C56SJMy/BCZfxd1nWzAOxSDPgVsmerOBYfNqltV9/hWCqBywINIR+5dIg6JTJ72pcEpEjcYgXkE2YEFXV1JHnsKgbLWNlhScqb2UmyRkQyytRLtL+38TGxkxCflmO+5Z8CSSNY7GidjMIZ7Q4zMjA2n1nGrlTDkzwDCsw+wqFPGQA179cnfGWOWRVruj16z6XyvxvjJwbz0wQZ75XK5tKSb7FNyeIEs4TT4jk+S4dhPeAUC5y+bDYirYgM4GC7uEnztnZyaVWQ7B381AK4Qdrwt51ZqExKbQpTUNn+EjqoTwvqNj4kqx5QUCI0ThS/YkOxJCXmPUWZbhjpCg56i+2aB6CmK2JGhn57K5mj0MNdBXA4/WnwH6XoPWJzK5Nyu2zB3nAZp+S5hpQs+p1vN1/wsjk=\n# End implicitly added github.com\n`
+    knownHosts += `# Begin implicitly added github.com\ngithub.com ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==\n# End implicitly added github.com\n`
     this.sshKnownHostsPath = path.join(runnerTemp, `${uniqueId}_known_hosts`)
     stateHelper.setSshKnownHostsPath(this.sshKnownHostsPath)
     await fs.promises.writeFile(this.sshKnownHostsPath, knownHosts)
@@ -289,6 +272,34 @@ class GitAuthHelper {
     }
   }
 
+  private async configureToken(
+    configPath?: string,
+    globalConfig?: boolean
+  ): Promise<void> {
+    // Validate args
+    assert.ok(
+      (configPath && globalConfig) || (!configPath && !globalConfig),
+      'Unexpected configureToken parameter combinations'
+    )
+
+    // Default config path
+    if (!configPath && !globalConfig) {
+      configPath = path.join(this.git.getWorkingDirectory(), '.git', 'config')
+    }
+
+    // Configure a placeholder value. This approach avoids the credential being captured
+    // by process creation audit events, which are commonly logged. For more information,
+    // refer to https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/component-updates/command-line-process-auditing
+    await this.git.config(
+      this.tokenConfigKey,
+      this.tokenPlaceholderConfigValue,
+      globalConfig
+    )
+
+    // Replace the placeholder
+    await this.replaceTokenPlaceholder(configPath || '')
+  }
+
   private async replaceTokenPlaceholder(configPath: string): Promise<void> {
     assert.ok(configPath, 'configPath is not defined')
     let content = (await fs.promises.readFile(configPath)).toString()
@@ -334,6 +345,11 @@ class GitAuthHelper {
     await this.removeGitConfig(SSH_COMMAND_KEY)
   }
 
+  private async removeToken(): Promise<void> {
+    // HTTP extra header
+    await this.removeGitConfig(this.tokenConfigKey)
+  }
+
   private async removeGitConfig(
     configKey: string,
     submoduleOnly: boolean = false

src/git-command-manager.ts

@@ -1,6 +1,5 @@
 import * as core from '@actions/core'
 import * as exec from '@actions/exec'
-import * as fs from 'fs'
 import * as fshelper from './fs-helper'
 import * as io from '@actions/io'
 import * as path from 'path'
@@ -8,6 +7,7 @@ import * as refHelper from './ref-helper'
 import * as regexpHelper from './regexp-helper'
 import * as retryHelper from './retry-helper'
 import {GitVersion} from './git-version'
+import stream, {Writable} from 'stream'
 
 // Auth header not supported before 2.9
 // Wire protocol v2 not supported before 2.18
@@ -17,8 +17,6 @@ export interface IGitCommandManager {
   branchDelete(remote: boolean, branch: string): Promise<void>
   branchExists(remote: boolean, pattern: string): Promise<boolean>
   branchList(remote: boolean): Promise<string[]>
-  sparseCheckout(sparseCheckout: string[]): Promise<void>
-  sparseCheckoutNonConeMode(sparseCheckout: string[]): Promise<void>
   checkout(ref: string, startPoint: string): Promise<void>
   checkoutDetach(): Promise<void>
   config(
@@ -28,13 +26,7 @@ export interface IGitCommandManager {
     add?: boolean
   ): Promise<void>
   configExists(configKey: string, globalConfig?: boolean): Promise<boolean>
-  fetch(
-    refSpec: string[],
-    options: {
-      filter?: string
-      fetchDepth?: number
-    }
-  ): Promise<void>
+  fetch(refSpec: string[], fetchDepth?: number): Promise<void>
   getDefaultBranch(repositoryUrl: string): Promise<string>
   getWorkingDirectory(): string
   init(): Promise<void>
@@ -50,7 +42,6 @@ export interface IGitCommandManager {
   submoduleForeach(command: string, recursive: boolean): Promise<string>
   submoduleSync(recursive: boolean): Promise<void>
   submoduleUpdate(fetchDepth: number, recursive: boolean): Promise<void>
-  submoduleStatus(): Promise<boolean>
   tagExists(pattern: string): Promise<boolean>
   tryClean(): Promise<boolean>
   tryConfigUnset(configKey: string, globalConfig?: boolean): Promise<boolean>
@@ -61,14 +52,9 @@ export interface IGitCommandManager {
 
 export async function createCommandManager(
   workingDirectory: string,
-  lfs: boolean,
-  doSparseCheckout: boolean
+  lfs: boolean
 ): Promise<IGitCommandManager> {
-  return await GitCommandManager.createCommandManager(
-    workingDirectory,
-    lfs,
-    doSparseCheckout
-  )
+  return await GitCommandManager.createCommandManager(workingDirectory, lfs)
 }
 
 class GitCommandManager {
@@ -78,7 +64,6 @@ class GitCommandManager {
   }
   private gitPath = ''
   private lfs = false
-  private doSparseCheckout = false
   private workingDirectory = ''
 
   // Private constructor; use createCommandManager()
@@ -107,14 +92,12 @@ class GitCommandManager {
 
   async branchList(remote: boolean): Promise<string[]> {
     const result: string[] = []
+    const stderr: string[] = []
 
     // Note, this implementation uses "rev-parse --symbolic-full-name" because the output from
     // "branch --list" is more difficult when in a detached HEAD state.
-
-    // TODO(https://github.com/actions/checkout/issues/786): this implementation uses
-    // "rev-parse --symbolic-full-name" because there is a bug
-    // in Git 2.18 that causes "rev-parse --symbolic" to output symbolic full names. When
-    // 2.18 is no longer supported, we can switch back to --symbolic.
+    // Note, this implementation uses "rev-parse --symbolic-full-name" because there is a bug
+    // in Git 2.18 that causes "rev-parse --symbolic" to output symbolic full names.
 
     const args = ['rev-parse', '--symbolic-full-name']
     if (remote) {
@@ -123,73 +106,32 @@ class GitCommandManager {
       args.push('--branches')
     }
 
-    const stderr: string[] = []
-    const errline: string[] = []
-    const stdout: string[] = []
-    const stdline: string[] = []
-
     const listeners = {
       stderr: (data: Buffer) => {
         stderr.push(data.toString())
       },
-      errline: (data: Buffer) => {
-        errline.push(data.toString())
-      },
-      stdout: (data: Buffer) => {
-        stdout.push(data.toString())
-      },
-      stdline: (data: Buffer) => {
-        stdline.push(data.toString())
+      errline: (line: string) => {
+        stderr.push(line)
       }
     }
+    const output = await this.execGit(args, false, false, listeners)
 
-    // Suppress the output in order to avoid flooding annotations with innocuous errors.
-    await this.execGit(args, false, true, listeners)
-
-    core.debug(`stderr callback is: ${stderr}`)
-    core.debug(`errline callback is: ${errline}`)
-    core.debug(`stdout callback is: ${stdout}`)
-    core.debug(`stdline callback is: ${stdline}`)
-
-    for (let branch of stdline) {
+    for (let branch of output.stdout.trim().split('\n')) {
       branch = branch.trim()
-      if (!branch) {
-        continue
-      }
+      if (branch) {
+        if (branch.startsWith('refs/heads/')) {
+          branch = branch.substr('refs/heads/'.length)
+        } else if (branch.startsWith('refs/remotes/')) {
+          branch = branch.substr('refs/remotes/'.length)
+        }
 
-      if (branch.startsWith('refs/heads/')) {
-        branch = branch.substring('refs/heads/'.length)
-      } else if (branch.startsWith('refs/remotes/')) {
-        branch = branch.substring('refs/remotes/'.length)
+        result.push(branch)
       }
-
-      result.push(branch)
     }
-
+    core.info(stderr.join('\n'))
     return result
   }
 
-  async sparseCheckout(sparseCheckout: string[]): Promise<void> {
-    await this.execGit(['sparse-checkout', 'set', ...sparseCheckout])
-  }
-
-  async sparseCheckoutNonConeMode(sparseCheckout: string[]): Promise<void> {
-    await this.execGit(['config', 'core.sparseCheckout', 'true'])
-    const output = await this.execGit([
-      'rev-parse',
-      '--git-path',
-      'info/sparse-checkout'
-    ])
-    const sparseCheckoutPath = path.join(
-      this.workingDirectory,
-      output.stdout.trimRight()
-    )
-    await fs.promises.appendFile(
-      sparseCheckoutPath,
-      `\n${sparseCheckout.join('\n')}\n`
-    )
-  }
-
   async checkout(ref: string, startPoint: string): Promise<void> {
     const args = ['checkout', '--progress', '--force']
     if (startPoint) {
@@ -238,23 +180,15 @@ class GitCommandManager {
     return output.exitCode === 0
   }
 
-  async fetch(
-    refSpec: string[],
-    options: {filter?: string; fetchDepth?: number}
-  ): Promise<void> {
+  async fetch(refSpec: string[], fetchDepth?: number): Promise<void> {
     const args = ['-c', 'protocol.version=2', 'fetch']
     if (!refSpec.some(x => x === refHelper.tagsRefSpec)) {
       args.push('--no-tags')
     }
 
     args.push('--prune', '--progress', '--no-recurse-submodules')
-
-    if (options.filter) {
-      args.push(`--filter=${options.filter}`)
-    }
-
-    if (options.fetchDepth && options.fetchDepth > 0) {
-      args.push(`--depth=${options.fetchDepth}`)
+    if (fetchDepth && fetchDepth > 0) {
+      args.push(`--depth=${fetchDepth}`)
     } else if (
       fshelper.fileExistsSync(
         path.join(this.workingDirectory, '.git', 'shallow')
@@ -402,12 +336,6 @@ class GitCommandManager {
     await this.execGit(args)
   }
 
-  async submoduleStatus(): Promise<boolean> {
-    const output = await this.execGit(['submodule', 'status'], true)
-    core.debug(output.stdout)
-    return output.exitCode === 0
-  }
-
   async tagExists(pattern: string): Promise<boolean> {
     const output = await this.execGit(['tag', '--list', pattern])
     return !!output.stdout.trim()
@@ -467,15 +395,10 @@ class GitCommandManager {
 
   static async createCommandManager(
     workingDirectory: string,
-    lfs: boolean,
-    doSparseCheckout: boolean
+    lfs: boolean
   ): Promise<GitCommandManager> {
     const result = new GitCommandManager()
-    await result.initializeCommandManager(
-      workingDirectory,
-      lfs,
-      doSparseCheckout
-    )
+    await result.initializeCommandManager(workingDirectory, lfs)
     return result
   }
 
@@ -496,37 +419,51 @@ class GitCommandManager {
     for (const key of Object.keys(this.gitEnv)) {
       env[key] = this.gitEnv[key]
     }
-
     const defaultListener = {
       stdout: (data: Buffer) => {
         stdout.push(data.toString())
       }
     }
-
-    const mergedListeners = {...defaultListener, ...customListeners}
-
+    // const listeners = Object.keys(customListeners) < 0 ? customListeners : {stdout: (data: Buffer) => {
+    //   stdout.push(data.toString())
+    // }}
+    const listenersD = {...customListeners, ...defaultListener}
     const stdout: string[] = []
+    // let temp = ''
+    // let temp2 = ''
     const options = {
       cwd: this.workingDirectory,
       env,
       silent,
       ignoreReturnCode: allowAllExitCodes,
-      listeners: mergedListeners
+      listeners: listenersD
+      // ,
+      // errStream: new stream.Writable({
+      //   write(chunk, _, next) {
+      //     temp += chunk.toString()
+      //     next()
+      //   }
+      // }),
+
+      // outStream: new stream.Writable({
+      //   write(chunk, _, next) {
+      //     temp2 += chunk.toString()
+      //     next()
+      //   }
+      // })
     }
 
     result.exitCode = await exec.exec(`"${this.gitPath}"`, args, options)
     result.stdout = stdout.join('')
-
-    core.debug(result.exitCode.toString())
-    core.debug(result.stdout)
-
+    // core.info(temp.length.toString())
+    // core.info(temp2.length.toString())
+    core.info(result.stdout)
     return result
   }
 
   private async initializeCommandManager(
     workingDirectory: string,
-    lfs: boolean,
-    doSparseCheckout: boolean
+    lfs: boolean
   ): Promise<void> {
     this.workingDirectory = workingDirectory
 
@@ -589,16 +526,6 @@ class GitCommandManager {
       }
     }
 
-    this.doSparseCheckout = doSparseCheckout
-    if (this.doSparseCheckout) {
-      // The `git sparse-checkout` command was introduced in Git v2.25.0
-      const minimumGitSparseCheckoutVersion = new GitVersion('2.25')
-      if (!gitVersion.checkMinimum(minimumGitSparseCheckoutVersion)) {
-        throw new Error(
-          `Minimum Git version required for sparse checkout is ${minimumGitSparseCheckoutVersion}. Your git ('${this.gitPath}') is ${gitVersion}`
-        )
-      }
-    }
     // Set the user agent
     const gitHttpUserAgent = `git/${gitVersion} (github-actions-checkout)`
     core.debug(`Set git useragent to: ${gitHttpUserAgent}`)

src/git-directory-helper.ts

@@ -81,18 +81,12 @@ export async function prepareExistingDirectory(
       }
       core.endGroup()
 
-      // Check for submodules and delete any existing files if submodules are present
-      if (!(await git.submoduleStatus())) {
-        remove = true
-        core.info('Bad Submodules found, removing existing files')
-      }
-
       // Clean
       if (clean) {
         core.startGroup('Cleaning the repository')
         if (!(await git.tryClean())) {
           core.debug(
-            `The clean command failed. This might be caused by: 1) path too long, 2) permission issue, or 3) file in use. For further investigation, manually run 'git clean -ffdx' on the directory '${repositoryPath}'.`
+            `The clean command failed. This might be caused by: 1) path too long, 2) permission issue, or 3) file in use. For futher investigation, manually run 'git clean -ffdx' on the directory '${repositoryPath}'.`
           )
           remove = true
         } else if (!(await git.tryReset())) {

src/git-source-provider.ts

@@ -153,26 +153,23 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
 
     // Fetch
     core.startGroup('Fetching the repository')
-    const fetchOptions: {filter?: string; fetchDepth?: number} = {}
-    if (settings.sparseCheckout) fetchOptions.filter = 'blob:none'
     if (settings.fetchDepth <= 0) {
       // Fetch all branches and tags
       let refSpec = refHelper.getRefSpecForAllHistory(
         settings.ref,
         settings.commit
       )
-      await git.fetch(refSpec, fetchOptions)
+      await git.fetch(refSpec)
 
       // When all history is fetched, the ref we're interested in may have moved to a different
       // commit (push or force push). If so, fetch again with a targeted refspec.
       if (!(await refHelper.testRef(git, settings.ref, settings.commit))) {
         refSpec = refHelper.getRefSpec(settings.ref, settings.commit)
-        await git.fetch(refSpec, fetchOptions)
+        await git.fetch(refSpec)
       }
     } else {
-      fetchOptions.fetchDepth = settings.fetchDepth
       const refSpec = refHelper.getRefSpec(settings.ref, settings.commit)
-      await git.fetch(refSpec, fetchOptions)
+      await git.fetch(refSpec, settings.fetchDepth)
     }
     core.endGroup()
 
@@ -188,24 +185,12 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
     // LFS fetch
     // Explicit lfs-fetch to avoid slow checkout (fetches one lfs object at a time).
     // Explicit lfs fetch will fetch lfs objects in parallel.
-    // For sparse checkouts, let `checkout` fetch the needed objects lazily.
-    if (settings.lfs && !settings.sparseCheckout) {
+    if (settings.lfs) {
       core.startGroup('Fetching LFS objects')
       await git.lfsFetch(checkoutInfo.startPoint || checkoutInfo.ref)
       core.endGroup()
     }
 
-    // Sparse checkout
-    if (settings.sparseCheckout) {
-      core.startGroup('Setting up sparse checkout')
-      if (settings.sparseCheckoutConeMode) {
-        await git.sparseCheckout(settings.sparseCheckout)
-      } else {
-        await git.sparseCheckoutNonConeMode(settings.sparseCheckout)
-      }
-      core.endGroup()
-    }
-
     // Checkout
     core.startGroup('Checking out the ref')
     await git.checkout(checkoutInfo.ref, checkoutInfo.startPoint)
@@ -276,11 +261,7 @@ export async function cleanup(repositoryPath: string): Promise<void> {
 
   let git: IGitCommandManager
   try {
-    git = await gitCommandManager.createCommandManager(
-      repositoryPath,
-      false,
-      false
-    )
+    git = await gitCommandManager.createCommandManager(repositoryPath, false)
   } catch {
     return
   }
@@ -316,8 +297,7 @@ async function getGitCommandManager(
   try {
     return await gitCommandManager.createCommandManager(
       settings.repositoryPath,
-      settings.lfs,
-      settings.sparseCheckout != null
+      settings.lfs
     )
   } catch (err) {
     // Git is required for LFS

src/git-source-settings.ts

@@ -29,16 +29,6 @@ export interface IGitSourceSettings {
    */
   clean: boolean
 
-  /**
-   * The array of folders to make the sparse checkout
-   */
-  sparseCheckout: string[]
-
-  /**
-   * Indicates whether to use cone mode in the sparse checkout (if any)
-   */
-  sparseCheckoutConeMode: boolean
-
   /**
    * The depth when fetching
    */

src/github-api-helper.ts

@@ -1,13 +1,12 @@
 import * as assert from 'assert'
 import * as core from '@actions/core'
 import * as fs from 'fs'
-import * as github from '@actions/github'
 import * as io from '@actions/io'
 import * as path from 'path'
 import * as retryHelper from './retry-helper'
 import * as toolCache from '@actions/tool-cache'
 import {default as uuid} from 'uuid/v4'
-import {getServerApiUrl} from './url-helper'
+import {getOctokit, Octokit} from './octokit-provider'
 
 const IS_WINDOWS = process.platform === 'win32'
 
@@ -85,13 +84,11 @@ export async function getDefaultBranch(
 ): Promise<string> {
   return await retryHelper.execute(async () => {
     core.info('Retrieving the default branch name')
-    const octokit = github.getOctokit(authToken, {
-      baseUrl: getServerApiUrl(baseUrl)
-    })
+    const octokit = getOctokit(authToken, {baseUrl: baseUrl})
     let result: string
     try {
       // Get the default branch from the repo info
-      const response = await octokit.rest.repos.get({owner, repo})
+      const response = await octokit.repos.get({owner, repo})
       result = response.data.default_branch
       assert.ok(result, 'default_branch cannot be empty')
     } catch (err) {
@@ -128,16 +125,19 @@ async function downloadArchive(
   commit: string,
   baseUrl?: string
 ): Promise<Buffer> {
-  const octokit = github.getOctokit(authToken, {
-    baseUrl: getServerApiUrl(baseUrl)
-  })
-  const download = IS_WINDOWS
-    ? octokit.rest.repos.downloadZipballArchive
-    : octokit.rest.repos.downloadTarballArchive
-  const response = await download({
+  const octokit = getOctokit(authToken, {baseUrl: baseUrl})
+  const params: Octokit.ReposGetArchiveLinkParams = {
     owner: owner,
     repo: repo,
+    archive_format: IS_WINDOWS ? 'zipball' : 'tarball',
     ref: commit || ref
-  })
-  return Buffer.from(response.data as ArrayBuffer) // response.data is ArrayBuffer
+  }
+  const response = await octokit.repos.getArchiveLink(params)
+  if (response.status != 200) {
+    throw new Error(
+      `Unexpected response from GitHub API. Status: ${response.status}, Data: ${response.data}`
+    )
+  }
+
+  return Buffer.from(response.data) // response.data is ArrayBuffer
 }

src/input-helper.ts

@@ -82,17 +82,6 @@ export async function getInputs(): Promise<IGitSourceSettings> {
   result.clean = (core.getInput('clean') || 'true').toUpperCase() === 'TRUE'
   core.debug(`clean = ${result.clean}`)
 
-  // Sparse checkout
-  const sparseCheckout = core.getMultilineInput('sparse-checkout')
-  if (sparseCheckout.length) {
-    result.sparseCheckout = sparseCheckout
-    core.debug(`sparse checkout = ${result.sparseCheckout}`)
-  }
-
-  result.sparseCheckoutConeMode =
-    (core.getInput('sparse-checkout-cone-mode') || 'true').toUpperCase() ===
-    'TRUE'
-
   // Fetch depth
   result.fetchDepth = Math.floor(Number(core.getInput('fetch-depth') || '1'))
   if (isNaN(result.fetchDepth) || result.fetchDepth < 0) {

src/octokit-provider.ts

@@ -0,0 +1,23 @@
+import * as github from '@actions/github'
+import {Octokit} from '@octokit/rest'
+import {getServerApiUrl} from './url-helper'
+
+// Centralize all Octokit references by re-exporting
+export {Octokit} from '@octokit/rest'
+
+export type OctokitOptions = {
+  baseUrl?: string
+  userAgent?: string
+}
+
+export function getOctokit(authToken: string, opts: OctokitOptions) {
+  const options: Octokit.Options = {
+    baseUrl: getServerApiUrl(opts.baseUrl)
+  }
+
+  if (opts.userAgent) {
+    options.userAgent = opts.userAgent
+  }
+
+  return new github.GitHub(authToken, options)
+}

src/ref-helper.ts

@@ -1,7 +1,8 @@
 import {IGitCommandManager} from './git-command-manager'
 import * as core from '@actions/core'
 import * as github from '@actions/github'
-import {getServerApiUrl, isGhes} from './url-helper'
+import {getOctokit} from './octokit-provider'
+import {isGhes} from './url-helper'
 
 export const tagsRefSpec = '+refs/tags/*:refs/tags/*'
 
@@ -244,18 +245,15 @@ export async function checkCommitInfo(
       core.debug(
         `Expected head sha ${expectedHeadSha}; actual head sha ${actualHeadSha}`
       )
-      const octokit = github.getOctokit(token, {
-        baseUrl: getServerApiUrl(baseUrl),
+      const octokit = getOctokit(token, {
+        baseUrl: baseUrl,
         userAgent: `actions-checkout-tracepoint/1.0 (code=STALE_MERGE;owner=${repositoryOwner};repo=${repositoryName};pr=${fromPayload(
           'number'
         )};run_id=${
           process.env['GITHUB_RUN_ID']
         };expected_head_sha=${expectedHeadSha};actual_head_sha=${actualHeadSha})`
       })
-      await octokit.rest.repos.get({
-        owner: repositoryOwner,
-        repo: repositoryName
-      })
+      await octokit.repos.get({owner: repositoryOwner, repo: repositoryName})
     }
   } catch (err) {
     core.debug(

src/state-helper.ts

@@ -47,7 +47,7 @@ export function setSshKnownHostsPath(sshKnownHostsPath: string) {
 }
 
 /**
- * Save the set-safe-directory input so the POST action can retrieve the value.
+ * Save the sef-safe-directory input so the POST action can retrieve the value.
  */
 export function setSafeDirectory() {
   core.saveState('setSafeDirectory', 'true')