actions/checkout
原文摘要
Action for checking out a repo Checkout v7 What's new Safer fork pull request handling: checkout now refuses to check out fork pull request code by default when the workflow is triggered by pull_request_target or workflow_run . These triggers run with the base repository's GITHUB_TOKEN , secrets, and runner access, where executing a fork's code commonly leads to "pwn request" vulnerabilities. To opt in after reviewing the risks , set the new allow-unsafe-pr-checkout: true input. Migrated actions/checkout to ESM to support new versions of the @actions/* packages. Updated direct and transitive dependencies, including security fixes for known vulnerabilities. Checkout v6 What's new Improved credential security: persist-credentials now stores credentials in a separate file under $RUNNER_TEMP instead of directly in .git/config No workflow changes required — git fetch , git push , etc. continue to work automatically Running authenticated git commands from a Docker container action requires Actions Runner v2.329.0 or later Checkout v5 What's new Updated to the node24 runtime This requires a minimum Actions Runner version of v2.327.1 to run. Checkout v4 This action checks-out your reposito…
📋 本文为 GitHub Trending Daily RSS 的 RSS 摘要原文,未经 AI 整理。完整上下文请以 原文 为准。