[PR #505] [CLOSED] chore(deps): bump actions/checkout from 2 to 3 #628

New issue

Closed

opened 2026-02-25 23:34:56 +03:00 by kerem · 0 comments

kerem commented 2026-02-25 23:34:56 +03:00

Owner

Copy link

📋 Pull Request Information

Original PR: https://github.com/go-shiori/shiori/pull/505
Author: @dependabot[bot]
Created: 10/11/2022
Status: ❌ Closed

Base: master ← Head: dependabot/github_actions/actions/checkout-3

---

📝 Commits (1)

• cbe6753 chore(deps): bump actions/checkout from 2 to 3

📊 Changes

5 files changed (+5 additions, -5 deletions)

View changed files

📝 .github/workflows/_buildx.yml (+1 -1)
📝 .github/workflows/_golangci-lint.yml (+1 -1)
📝 .github/workflows/_gorelease.yml (+1 -1)
📝 .github/workflows/_test.yml (+1 -1)
📝 .github/workflows/version_bump.yml (+1 -1)

📄 Description

Bumps actions/checkout from 2 to 3.

Release notes

Sourced from actions/checkout's releases.

v3.0.0

• Updated to the node16 runtime by default
  • This requires a minimum Actions Runner version of v2.285.0 to run, which is by default available in GHES 3.4 or later.

v2.4.2

What's Changed

• Add set-safe-directory input to allow customers to take control. (#770) by @​TingluoHuang in actions/checkout#776
• Prepare changelog for v2.4.2. by @​TingluoHuang in actions/checkout#778

Full Changelog: https://github.com/actions/checkout/compare/v2...v2.4.2

v2.4.1

• Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory

v2.4.0

• Convert SSH URLs like org-<ORG_ID>@github.com: to https://github.com/ - pr

v2.3.5

Update dependencies

v2.3.4

• Add missing awaits
• Swap to Environment Files

v2.3.3

• Remove Unneeded commit information from build logs
• Add Licensed to verify third party dependencies

v2.3.2

Add Third Party License Information to Dist Files

v2.3.1

Fix default branch resolution for .wiki and when using SSH

v2.3.0

Fallback to the default branch

v2.2.0

Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

Changes to support GHES (here and here)

v2.1.0

• Group output
• Changes to support GHES alpha release
• Persist core.sshCommand for submodules
• Add support ssh
• Convert submodule SSH URL to HTTPS, when not using SSH

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v3.1.0

• Use @​actions/core saveState and getState
• Add github-server-url input

v3.0.2

• Add input set-safe-directory

v3.0.1

• Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory
• Bumped various npm package versions

v3.0.0

• Update to node 16

v2.3.1

• Fix default branch resolution for .wiki and when using SSH

v2.3.0

• Fallback to the default branch

v2.2.0

• Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

• Changes to support GHES (here and here)

v2.1.0

• Group output
• Changes to support GHES alpha release
• Persist core.sshCommand for submodules
• Add support ssh
• Convert submodule SSH URL to HTTPS, when not using SSH
• Add submodule support
• Follow proxy settings
• Fix ref for pr closed event when a pr is merged
• Fix issue checking detached when git less than 2.22

v2.0.0

• Do not pass cred on command line
• Add input persist-credentials
• Fallback to REST API to download repo

Commits

• 93ea575 Prepare release v3.1.0 (#940)
• 6a84743 Bump @​actions/core to 1.10.0 (#939)
• e6d535c Inject GitHub host to be able to clone from another GitHub instance (#922)
• 2541b12 Prepare changelog for v3.0.2. (#777)
• 0ffe6f9 Add set-safe-directory input to allow customers to take control. (#770)
• dcd71f6 Enforce safe directory (#762)
• add3486 Patch to fix the dependbot alert. (#744)
• 5126516 Bump minimist from 1.2.5 to 1.2.6 (#741)
• d50f8ea Add v3.0 release information to changelog (#740)
• 2d1c119 update test workflows to checkout v3 (#709)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/go-shiori/shiori/pull/505 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 10/11/2022 **Status:** ❌ Closed **Base:** `master` ← **Head:** `dependabot/github_actions/actions/checkout-3` --- ### 📝 Commits (1) - [`cbe6753`](https://github.com/go-shiori/shiori/commit/cbe6753678e919145598420fd24ddbcfd438fff4) chore(deps): bump actions/checkout from 2 to 3 ### 📊 Changes **5 files changed** (+5 additions, -5 deletions) <details> <summary>View changed files</summary> 📝 `.github/workflows/_buildx.yml` (+1 -1) 📝 `.github/workflows/_golangci-lint.yml` (+1 -1) 📝 `.github/workflows/_gorelease.yml` (+1 -1) 📝 `.github/workflows/_test.yml` (+1 -1) 📝 `.github/workflows/version_bump.yml` (+1 -1) </details> ### 📄 Description Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v3.0.0</h2> <ul> <li>Updated to the node16 runtime by default <ul> <li>This requires a minimum <a href="https://github.com/actions/runner/releases/tag/v2.285.0">Actions Runner</a> version of v2.285.0 to run, which is by default available in GHES 3.4 or later.</li> </ul> </li> </ul> <h2>v2.4.2</h2> <h2>What's Changed</h2> <ul> <li>Add set-safe-directory input to allow customers to take control. (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/770">#770</a>) by <a href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a> in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/776">actions/checkout#776</a></li> <li>Prepare changelog for v2.4.2. by <a href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a> in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/778">actions/checkout#778</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v2...v2.4.2">https://github.com/actions/checkout/compare/v2...v2.4.2</a></p> <h2>v2.4.1</h2> <ul> <li>Fixed an issue where checkout failed to run in container jobs due to the new git setting <code>safe.directory</code></li> </ul> <h2>v2.4.0</h2> <ul> <li>Convert SSH URLs like <code>org-&lt;ORG_ID&gt;@github.com:</code> to <code>https://github.com/</code> - <a href="https://github-redirect.dependabot.com/actions/checkout/pull/621">pr</a></li> </ul> <h2>v2.3.5</h2> <p>Update dependencies</p> <h2>v2.3.4</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/379">Add missing <code>await</code>s</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/360">Swap to Environment Files</a></li> </ul> <h2>v2.3.3</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/345">Remove Unneeded commit information from build logs</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/326">Add Licensed to verify third party dependencies</a></li> </ul> <h2>v2.3.2</h2> <p><a href="https://github-redirect.dependabot.com/actions/checkout/pull/320">Add Third Party License Information to Dist Files</a></p> <h2>v2.3.1</h2> <p><a href="https://github-redirect.dependabot.com/actions/checkout/pull/284">Fix default branch resolution for .wiki and when using SSH</a></p> <h2>v2.3.0</h2> <p><a href="https://github-redirect.dependabot.com/actions/checkout/pull/278">Fallback to the default branch</a></p> <h2>v2.2.0</h2> <p><a href="https://github-redirect.dependabot.com/actions/checkout/pull/258">Fetch all history for all tags and branches when fetch-depth=0</a></p> <h2>v2.1.1</h2> <p>Changes to support GHES (<a href="https://github-redirect.dependabot.com/actions/checkout/pull/236">here</a> and <a href="https://github-redirect.dependabot.com/actions/checkout/pull/248">here</a>)</p> <h2>v2.1.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/191">Group output</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/199">Changes to support GHES alpha release</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/184">Persist core.sshCommand for submodules</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/163">Add support ssh</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/179">Convert submodule SSH URL to HTTPS, when not using SSH</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v3.1.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/939">Use <code>@​actions/core</code> <code>saveState</code> and <code>getState</code></a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/922">Add <code>github-server-url</code> input</a></li> </ul> <h2>v3.0.2</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/770">Add input <code>set-safe-directory</code></a></li> </ul> <h2>v3.0.1</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/762">Fixed an issue where checkout failed to run in container jobs due to the new git setting <code>safe.directory</code></a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/744">Bumped various npm package versions</a></li> </ul> <h2>v3.0.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/689">Update to node 16</a></li> </ul> <h2>v2.3.1</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/284">Fix default branch resolution for .wiki and when using SSH</a></li> </ul> <h2>v2.3.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/278">Fallback to the default branch</a></li> </ul> <h2>v2.2.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/258">Fetch all history for all tags and branches when fetch-depth=0</a></li> </ul> <h2>v2.1.1</h2> <ul> <li>Changes to support GHES (<a href="https://github-redirect.dependabot.com/actions/checkout/pull/236">here</a> and <a href="https://github-redirect.dependabot.com/actions/checkout/pull/248">here</a>)</li> </ul> <h2>v2.1.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/191">Group output</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/199">Changes to support GHES alpha release</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/184">Persist core.sshCommand for submodules</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/163">Add support ssh</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/179">Convert submodule SSH URL to HTTPS, when not using SSH</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/157">Add submodule support</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/144">Follow proxy settings</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/141">Fix ref for pr closed event when a pr is merged</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/128">Fix issue checking detached when git less than 2.22</a></li> </ul> <h2>v2.0.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/108">Do not pass cred on command line</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/107">Add input persist-credentials</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/104">Fallback to REST API to download repo</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8"><code>93ea575</code></a> Prepare release v3.1.0 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/940">#940</a>)</li> <li><a href="https://github.com/actions/checkout/commit/6a84743051be17cee477b0a26bd866b5dba996e4"><code>6a84743</code></a> Bump <code>@​actions/core</code> to 1.10.0 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/939">#939</a>)</li> <li><a href="https://github.com/actions/checkout/commit/e6d535c99c374d0c3f6d8cd8086a57b43c6c700a"><code>e6d535c</code></a> Inject GitHub host to be able to clone from another GitHub instance (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/922">#922</a>)</li> <li><a href="https://github.com/actions/checkout/commit/2541b1294d2704b0964813337f33b291d3f8596b"><code>2541b12</code></a> Prepare changelog for v3.0.2. (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/777">#777</a>)</li> <li><a href="https://github.com/actions/checkout/commit/0ffe6f9c5599e73776da5b7f113e994bc0a76ede"><code>0ffe6f9</code></a> Add set-safe-directory input to allow customers to take control. (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/770">#770</a>)</li> <li><a href="https://github.com/actions/checkout/commit/dcd71f646680f2efd8db4afa5ad64fdcba30e748"><code>dcd71f6</code></a> Enforce safe directory (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/762">#762</a>)</li> <li><a href="https://github.com/actions/checkout/commit/add3486cc3b55d4a5e11c8045058cef96538edc7"><code>add3486</code></a> Patch to fix the dependbot alert. (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/744">#744</a>)</li> <li><a href="https://github.com/actions/checkout/commit/5126516654c75f76bca1de45dd82a3006d8890f9"><code>5126516</code></a> Bump minimist from 1.2.5 to 1.2.6 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/741">#741</a>)</li> <li><a href="https://github.com/actions/checkout/commit/d50f8ea76748df49594d9b109b614f3b4db63c71"><code>d50f8ea</code></a> Add v3.0 release information to changelog (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/740">#740</a>)</li> <li><a href="https://github.com/actions/checkout/commit/2d1c1198e79c30cca5c3957b1e3b65ce95b5356e"><code>2d1c119</code></a> update test workflows to checkout v3 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/709">#709</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/checkout/compare/v2...v3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

kerem 2026-02-25 23:34:56 +03:00

• closed this issue
• added the
  pull-request
  label

kerem referenced this issue 2026-02-25 23:35:11 +03:00

[PR #628] [MERGED] deps: update to go 1.20 + dependencies. Fixes CI #703

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

dependabot/go_modules/all-ad9dc7761f

dependabot/github_actions/all-7ab03d418b

dependabot/go_modules/golang.org/x/crypto-0.45.0

dependabot/go_modules/github.com/docker/docker-28.3.3incompatible

feat/bookmarks-api-v1

dependabot/npm_and_yarn/webapp/npm_and_yarn-7372c7abf2

deps/update202509

feat/pdf-archiver

feat/apiv1/tags

release/v1.7

fix/thumbnail-cache

gh-pages

fix/openbsd-test-speed

release/v1.6.1

release/v1.6.0

fmartingr/windows-tests

afero-removal

ci/windows-macos

feat/cookie-auth

webroot-support-new-server

fix/secret-key-makefile

frontend-jwt-auth

fmartingr/issue663

fix/remove-tag-package-name

fmartingr/issue455

fix/delete-pr-tags

feat/cross-api-authentication

feat/api-v1-to-master

release/v1.5.5

feat/api-next

release/v1.5.5-rc.2

deps/go-1.20

fix/bookmark-update

draft/gorm

v1.8.0

v1.8.0-rc.1

v1.7.4

v1.7.3

v1.7.2

v1.7.2-rc.1

v1.7.1

v1.7.0

v1.7.0-rc.3

v1.7.0-rc.2

v1.7.0-rc.1

v1.6.3

v1.6.2

v1.6.1

v1.6.0

v1.6.0-rc.7

v1.6.0-rc.6

v1.6.0-rc.5

v1.6.0-rc.4

v1.6.0-rc.3

v1.6.0-rc.2

v1.6.0-rc.1

v1.5.5

v1.5.5-rc.2

v1.5.5-rc.1

v1.5.4

v1.5.3

v1.5.2

v1.5.1

v1.5.0

v1.0

v0.9

Labels

Clear labels   

component:backend

  

component:builds

  

component:builds

  

component:extension

  

component:frontend

  

component:readability

  

database

  

database:mysql

  

database:postgres

  

database:sqlite

  

feature:ebooks

  

github_actions

  

good first issue

  

hacktoberfest

  

note:duplicate?

  

note:fixed?

  

note:out-of-scope?

  

os:windows

  

priority:high

  

priority:low

  

pull-request

Mirrored from GitHub Pull Request

  

resolution:as-intended

  

resolution:cant-reproduce

  

resolution:duplicate

  

resolution:fixed

  

resolution:wontfix

  

tag:TBD

  

tag:big-task

  

tag:help-wanted

  

tag:huge-data

  

tag:meta

  

tag:more-info

  

tag:next

  

tag:no-stale

  

tag:requires-migrations

  

tag:research

  

tag:security 🛡️

  

tag:stale

  

tag:waiting-for-assignee

  

type:bug

  

type:documentation

  

type:enhancement

  

type:meta

  

type:ux

  

user:cli

  

user:web

No labels

component:backend

component:builds

component:builds

component:extension

component:frontend

component:readability

database

database:mysql

database:postgres

database:sqlite

feature:ebooks

github_actions

good first issue

hacktoberfest

note:duplicate?

note:fixed?

note:out-of-scope?

os:windows

priority:high

priority:low

pull-request

resolution:as-intended

resolution:cant-reproduce

resolution:duplicate

resolution:fixed

resolution:wontfix

tag:TBD

tag:big-task

tag:help-wanted

tag:huge-data

tag:meta

tag:more-info

tag:next

tag:no-stale

tag:requires-migrations

tag:research

tag:security 🛡️

tag:stale

tag:waiting-for-assignee

type:bug

type:documentation

type:enhancement

type:meta

type:ux

user:cli

user:web

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/shiori#628

No description provided.