From 1ab1fa831668128f3d09a03fa41fd76cd18e9c7f Mon Sep 17 00:00:00 2001 From: Boshen Date: Fri, 24 Apr 2026 11:05:56 +0800 Subject: [PATCH 1/2] ci: replace actions/checkout with taiki-e/checkout-action --- .github/actions/clone/action.yml | 28 +++++++++++-------- .github/workflows/ci.yml | 18 ++++++------ .github/workflows/claude.yml | 10 ++++--- .github/workflows/deny.yml | 17 +++++------ .github/workflows/e2e-test.yml | 8 +++--- .github/workflows/release.yml | 12 ++++---- .github/workflows/test-standalone-install.yml | 24 ++++++++-------- .github/workflows/test-vp-create.yml | 8 +++--- .github/workflows/upgrade-deps.yml | 4 +-- .github/workflows/zizmor.yml | 11 +++++--- 10 files changed, 74 insertions(+), 66 deletions(-) diff --git a/.github/actions/clone/action.yml b/.github/actions/clone/action.yml index c10333217d..fe561d516d 100644 --- a/.github/actions/clone/action.yml +++ b/.github/actions/clone/action.yml @@ -31,17 +31,23 @@ runs: node -e "console.log('ECOSYSTEM_CI_PROJECT_REPOSITORY=' + require('./ecosystem-ci/repo.json')['${{ inputs.ecosystem-ci-project }}'].repository.replace('https://github.com/', '').replace('.git', ''))" >> $GITHUB_OUTPUT echo "ECOSYSTEM_CI_PROJECT_PATH=${{ runner.temp }}/vite-plus-ecosystem-ci/${{ inputs.ecosystem-ci-project }}" >> $GITHUB_OUTPUT - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - repository: rolldown/rolldown - path: rolldown - ref: ${{ steps.upstream-versions.outputs.ROLLDOWN_HASH }} - - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - repository: vitejs/vite - path: vite - ref: ${{ steps.upstream-versions.outputs.ROLLDOWN_VITE_HASH }} + - name: Clone rolldown + shell: bash + run: | + git init rolldown + git -C rolldown remote add origin https://github.com/rolldown/rolldown + git -C rolldown config --local gc.auto 0 + git -C rolldown fetch --no-tags --depth=1 origin "${{ steps.upstream-versions.outputs.ROLLDOWN_HASH }}" + git -C rolldown checkout --force FETCH_HEAD + + - name: Clone vite + shell: bash + run: | + git init vite + git -C vite remote add origin https://github.com/vitejs/vite + git -C vite config --local gc.auto 0 + git -C vite fetch --no-tags --depth=1 origin "${{ steps.upstream-versions.outputs.ROLLDOWN_VITE_HASH }}" + git -C vite checkout --force FETCH_HEAD # Disable autocrlf to preserve LF line endings on Windows # This prevents prettier/eslint from failing with "Delete ␍" errors diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index dabae30715..17af2ee299 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -44,7 +44,7 @@ jobs: outputs: code-changed: ${{ steps.filter.outputs.code }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 id: filter with: @@ -60,7 +60,7 @@ jobs: contents: read packages: read steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: ./.github/actions/download-rolldown-binaries with: github-token: ${{ secrets.GITHUB_TOKEN }} @@ -80,7 +80,7 @@ jobs: target: aarch64-apple-darwin runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: ./.github/actions/clone - name: Setup Dev Drive @@ -133,7 +133,7 @@ jobs: shell: sh {0} run: apk add --no-cache bash curl git musl-dev gcc g++ python3 cmake make - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: ./.github/actions/clone - name: Install rustup @@ -159,7 +159,7 @@ jobs: name: Lint runs-on: namespace-profile-linux-x64-default steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: ./.github/actions/clone - uses: oxc-project/setup-rust@23f38cfb0c04af97a055f76acee94d5be71c7c82 # v1.0.16 @@ -206,7 +206,7 @@ jobs: target: x86_64-pc-windows-msvc runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: ./.github/actions/clone - name: Setup Dev Drive @@ -640,7 +640,7 @@ jobs: shardTotal: 3 runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: ./.github/actions/clone - name: Setup Dev Drive @@ -698,7 +698,7 @@ jobs: - download-previous-rolldown-binaries runs-on: namespace-profile-linux-x64-default steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: ./.github/actions/clone - uses: oxc-project/setup-rust@23f38cfb0c04af97a055f76acee94d5be71c7c82 # v1.0.16 @@ -777,7 +777,7 @@ jobs: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'test: install-e2e') steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: ./.github/actions/clone - uses: oxc-project/setup-rust@23f38cfb0c04af97a055f76acee94d5be71c7c82 # v1.0.16 diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index 042c816b06..0b1ee3782d 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -14,10 +14,12 @@ jobs: id-token: write steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - fetch-depth: 100 - persist-credentials: true + uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 + + - name: Deepen history for issue analysis + if: ${{ startsWith(github.ref, 'refs/heads/') }} + shell: bash + run: git fetch --depth=100 --no-tags origin "${GITHUB_REF_NAME}" - name: Run Claude Code id: claude diff --git a/.github/workflows/deny.yml b/.github/workflows/deny.yml index cd551f041c..dd7588cb39 100644 --- a/.github/workflows/deny.yml +++ b/.github/workflows/deny.yml @@ -27,19 +27,20 @@ jobs: name: Cargo Deny runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - persist-credentials: false + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - name: Output rolldown hash id: upstream-versions run: node -e "console.log('ROLLDOWN_HASH=' + require('./packages/tools/.upstream-versions.json').rolldown.hash)" >> $GITHUB_OUTPUT - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - repository: rolldown/rolldown - path: rolldown - ref: ${{ steps.upstream-versions.outputs.ROLLDOWN_HASH }} + - name: Clone rolldown + shell: bash + run: | + git init rolldown + git -C rolldown remote add origin https://github.com/rolldown/rolldown + git -C rolldown config --local gc.auto 0 + git -C rolldown fetch --no-tags --depth=1 origin "${{ steps.upstream-versions.outputs.ROLLDOWN_HASH }}" + git -C rolldown checkout --force FETCH_HEAD - uses: oxc-project/setup-rust@23f38cfb0c04af97a055f76acee94d5be71c7c82 # v1.0.16 with: diff --git a/.github/workflows/e2e-test.yml b/.github/workflows/e2e-test.yml index 2d98699699..6c0fd944e3 100644 --- a/.github/workflows/e2e-test.yml +++ b/.github/workflows/e2e-test.yml @@ -32,7 +32,7 @@ jobs: outputs: related-files-changed: ${{ steps.filter.outputs.related-files }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 id: filter with: @@ -55,7 +55,7 @@ jobs: contents: read packages: read steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: ./.github/actions/download-rolldown-binaries with: github-token: ${{ secrets.GITHUB_TOKEN }} @@ -77,7 +77,7 @@ jobs: - os: windows-latest target: x86_64-pc-windows-msvc steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: ./.github/actions/clone # Disable Windows Defender real-time scanning to speed up I/O-heavy builds (~30-50% faster) @@ -350,7 +350,7 @@ jobs: name: varlet steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: ./.github/actions/clone with: ecosystem-ci-project: ${{ matrix.project.name }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 76eae4b687..cebb074ec5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -32,10 +32,10 @@ jobs: outputs: version: ${{ steps.version.outputs.version }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - fetch-depth: 0 - fetch-tags: true + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 + + - name: Fetch full history and tags + run: git fetch --force --tags --prune --unshallow origin - uses: ./.github/actions/set-snapshot-version if: ${{ inputs.version == '' }} id: computed @@ -74,7 +74,7 @@ jobs: - target: aarch64-pc-windows-msvc os: windows-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: ./.github/actions/clone - uses: oxc-project/setup-rust@23f38cfb0c04af97a055f76acee94d5be71c7c82 # v1.0.16 with: @@ -187,7 +187,7 @@ jobs: env: VERSION: ${{ needs.prepare.outputs.version }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: ./.github/actions/clone - uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0 diff --git a/.github/workflows/test-standalone-install.yml b/.github/workflows/test-standalone-install.yml index c8bf0b4bbd..4f60f15826 100644 --- a/.github/workflows/test-standalone-install.yml +++ b/.github/workflows/test-standalone-install.yml @@ -40,7 +40,7 @@ jobs: - os: macos-latest name: macOS ARM64 steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - name: Run install.sh run: cat packages/cli/install.sh | bash @@ -122,7 +122,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - name: Make shell config files read-only run: | @@ -157,7 +157,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - name: Set up QEMU uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 @@ -221,7 +221,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - name: Run install.sh in Alpine container run: | @@ -274,7 +274,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - name: Set up QEMU uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 @@ -333,7 +333,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - name: Assert PowerShell 5.x shell: powershell @@ -415,7 +415,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - name: Run install.ps1 shell: pwsh @@ -482,7 +482,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - name: Install PowerShell 7.6 shell: pwsh @@ -562,9 +562,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - persist-credentials: false + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - name: Verify minimumReleaseAge blocks non-interactive install shell: powershell @@ -642,7 +640,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - name: Run install.ps1 shell: pwsh @@ -795,7 +793,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: ./.github/actions/clone - name: Setup Dev Drive diff --git a/.github/workflows/test-vp-create.yml b/.github/workflows/test-vp-create.yml index 24c53cff81..53e3e53a5f 100644 --- a/.github/workflows/test-vp-create.yml +++ b/.github/workflows/test-vp-create.yml @@ -32,7 +32,7 @@ jobs: outputs: related-files-changed: ${{ steps.filter.outputs.related-files }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 id: filter with: @@ -55,7 +55,7 @@ jobs: contents: read packages: read steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: ./.github/actions/download-rolldown-binaries with: github-token: ${{ secrets.GITHUB_TOKEN }} @@ -69,7 +69,7 @@ jobs: needs: - download-previous-rolldown-binaries steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: ./.github/actions/clone - uses: oxc-project/setup-rust@23f38cfb0c04af97a055f76acee94d5be71c7c82 # v1.0.16 @@ -158,7 +158,7 @@ jobs: # vite-plus dep gets overridden with the local tgz VP_FORCE_MIGRATE: '1' steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 with: diff --git a/.github/workflows/upgrade-deps.yml b/.github/workflows/upgrade-deps.yml index 4e583616ca..20bb4790bc 100644 --- a/.github/workflows/upgrade-deps.yml +++ b/.github/workflows/upgrade-deps.yml @@ -15,9 +15,7 @@ jobs: actions: read id-token: write steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - persist-credentials: false + - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - uses: ./.github/actions/clone - name: Set up metadata directory diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index c7c603d530..9652c2e22c 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -23,10 +23,13 @@ jobs: security-events: write steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - persist-credentials: false - submodules: true + uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 + + - name: Update submodules + run: | + if [ -f .gitmodules ]; then + git submodule update --init --recursive + fi - uses: taiki-e/install-action@ae97ff9daf1cd2e216671a047d80ff48461e30bb # v2.49.1 with: From 2851aadacc596c49703c842b6a4833f126dfb05d Mon Sep 17 00:00:00 2001 From: Boshen Date: Fri, 24 Apr 2026 11:17:43 +0800 Subject: [PATCH 2/2] ci: keep non-default checkout usage on actions/checkout --- .github/actions/clone/action.yml | 28 ++++++++----------- .github/workflows/claude.yml | 10 +++---- .github/workflows/deny.yml | 17 ++++++----- .github/workflows/release.yml | 8 +++--- .github/workflows/test-standalone-install.yml | 4 ++- .github/workflows/upgrade-deps.yml | 4 ++- .github/workflows/zizmor.yml | 11 +++----- 7 files changed, 37 insertions(+), 45 deletions(-) diff --git a/.github/actions/clone/action.yml b/.github/actions/clone/action.yml index fe561d516d..c10333217d 100644 --- a/.github/actions/clone/action.yml +++ b/.github/actions/clone/action.yml @@ -31,23 +31,17 @@ runs: node -e "console.log('ECOSYSTEM_CI_PROJECT_REPOSITORY=' + require('./ecosystem-ci/repo.json')['${{ inputs.ecosystem-ci-project }}'].repository.replace('https://github.com/', '').replace('.git', ''))" >> $GITHUB_OUTPUT echo "ECOSYSTEM_CI_PROJECT_PATH=${{ runner.temp }}/vite-plus-ecosystem-ci/${{ inputs.ecosystem-ci-project }}" >> $GITHUB_OUTPUT - - name: Clone rolldown - shell: bash - run: | - git init rolldown - git -C rolldown remote add origin https://github.com/rolldown/rolldown - git -C rolldown config --local gc.auto 0 - git -C rolldown fetch --no-tags --depth=1 origin "${{ steps.upstream-versions.outputs.ROLLDOWN_HASH }}" - git -C rolldown checkout --force FETCH_HEAD - - - name: Clone vite - shell: bash - run: | - git init vite - git -C vite remote add origin https://github.com/vitejs/vite - git -C vite config --local gc.auto 0 - git -C vite fetch --no-tags --depth=1 origin "${{ steps.upstream-versions.outputs.ROLLDOWN_VITE_HASH }}" - git -C vite checkout --force FETCH_HEAD + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + repository: rolldown/rolldown + path: rolldown + ref: ${{ steps.upstream-versions.outputs.ROLLDOWN_HASH }} + + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + repository: vitejs/vite + path: vite + ref: ${{ steps.upstream-versions.outputs.ROLLDOWN_VITE_HASH }} # Disable autocrlf to preserve LF line endings on Windows # This prevents prettier/eslint from failing with "Delete ␍" errors diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index 0b1ee3782d..042c816b06 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -14,12 +14,10 @@ jobs: id-token: write steps: - name: Checkout repository - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - - - name: Deepen history for issue analysis - if: ${{ startsWith(github.ref, 'refs/heads/') }} - shell: bash - run: git fetch --depth=100 --no-tags origin "${GITHUB_REF_NAME}" + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + fetch-depth: 100 + persist-credentials: true - name: Run Claude Code id: claude diff --git a/.github/workflows/deny.yml b/.github/workflows/deny.yml index dd7588cb39..cd551f041c 100644 --- a/.github/workflows/deny.yml +++ b/.github/workflows/deny.yml @@ -27,20 +27,19 @@ jobs: name: Cargo Deny runs-on: ubuntu-latest steps: - - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false - name: Output rolldown hash id: upstream-versions run: node -e "console.log('ROLLDOWN_HASH=' + require('./packages/tools/.upstream-versions.json').rolldown.hash)" >> $GITHUB_OUTPUT - - name: Clone rolldown - shell: bash - run: | - git init rolldown - git -C rolldown remote add origin https://github.com/rolldown/rolldown - git -C rolldown config --local gc.auto 0 - git -C rolldown fetch --no-tags --depth=1 origin "${{ steps.upstream-versions.outputs.ROLLDOWN_HASH }}" - git -C rolldown checkout --force FETCH_HEAD + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + repository: rolldown/rolldown + path: rolldown + ref: ${{ steps.upstream-versions.outputs.ROLLDOWN_HASH }} - uses: oxc-project/setup-rust@23f38cfb0c04af97a055f76acee94d5be71c7c82 # v1.0.16 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index cebb074ec5..40b044c331 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -32,10 +32,10 @@ jobs: outputs: version: ${{ steps.version.outputs.version }} steps: - - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - - - name: Fetch full history and tags - run: git fetch --force --tags --prune --unshallow origin + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + fetch-depth: 0 + fetch-tags: true - uses: ./.github/actions/set-snapshot-version if: ${{ inputs.version == '' }} id: computed diff --git a/.github/workflows/test-standalone-install.yml b/.github/workflows/test-standalone-install.yml index 4f60f15826..d48c9a926c 100644 --- a/.github/workflows/test-standalone-install.yml +++ b/.github/workflows/test-standalone-install.yml @@ -562,7 +562,9 @@ jobs: permissions: contents: read steps: - - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false - name: Verify minimumReleaseAge blocks non-interactive install shell: powershell diff --git a/.github/workflows/upgrade-deps.yml b/.github/workflows/upgrade-deps.yml index 20bb4790bc..4e583616ca 100644 --- a/.github/workflows/upgrade-deps.yml +++ b/.github/workflows/upgrade-deps.yml @@ -15,7 +15,9 @@ jobs: actions: read id-token: write steps: - - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false - uses: ./.github/actions/clone - name: Set up metadata directory diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index 9652c2e22c..c7c603d530 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -23,13 +23,10 @@ jobs: security-events: write steps: - name: Checkout repository - uses: taiki-e/checkout-action@7d1e50e93dc4fb3bba58f85018fadf77898aee8b # v1.4.2 - - - name: Update submodules - run: | - if [ -f .gitmodules ]; then - git submodule update --init --recursive - fi + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + with: + persist-credentials: false + submodules: true - uses: taiki-e/install-action@ae97ff9daf1cd2e216671a047d80ff48461e30bb # v2.49.1 with: