Bump docker/build-push-action

Bumps the minor-actions-dependencies group with 1 update in the / directory: [docker/build-push-action](https://github.com/docker/build-push-action). Updates `docker/build-push-action` from 6.5.0 to 6.7.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v6.5.0...v6.7.0) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-actions-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
2025-11-13 10:06:21 +08:00 · 2024-09-02 13:56:10 +00:00
28 changed files with 422 additions and 1393 deletions
--- a/.github/workflows/check-dist.yml
+++ b/.github/workflows/check-dist.yml
@@ -24,10 +24,10 @@ jobs:
    steps:
      - uses: actions/checkout@v4.1.6
-      - name: Set Node.js 24.x
+      - name: Set Node.js 20.x
        uses: actions/setup-node@v4
        with:
-          node-version: 24.x
+          node-version: 20.x
      - name: Install dependencies
        run: npm ci
--- a/.github/workflows/publish-immutable-actions.yml
+++ b/.github/workflows/publish-immutable-actions.yml
@@ -1,20 +0,0 @@
 name: 'Publish Immutable Action Version'
 on:
  release:
    types: [published]
 jobs:
  publish:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
      packages: write
    steps:
      - name: Checking out
        uses: actions/checkout@v4
      - name: Publish
        id: publish
        uses: actions/publish-immutable-action@0.0.3
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -18,7 +18,7 @@ jobs:
    steps:
      - uses: actions/setup-node@v4
        with:
-          node-version: 24.x
+          node-version: 20.x
      - uses: actions/checkout@v4.1.6
      - run: npm ci
      - run: npm run build
@@ -295,37 +295,3 @@ jobs:
        uses: actions/checkout@v4.1.6
        with:
          path: localClone
  test-output:
    runs-on: ubuntu-latest
    steps:
      # Clone this repo
      - name: Checkout
        uses: actions/checkout@v4.1.6
      # Basic checkout using git
      - name: Checkout basic
        id: checkout
        uses: ./
        with:
          ref: test-data/v2/basic
      # Verify output
      - name: Verify output
        run: |
          echo "Commit: ${{ steps.checkout.outputs.commit }}"
          echo "Ref: ${{ steps.checkout.outputs.ref }}"
          if [ "${{ steps.checkout.outputs.ref }}" != "test-data/v2/basic" ]; then
            echo "Expected ref to be test-data/v2/basic"
            exit 1
          fi
          if [ "${{ steps.checkout.outputs.commit }}" != "82f71901cf8c021332310dcc8cdba84c4193ff5d" ]; then
            echo "Expected commit to be 82f71901cf8c021332310dcc8cdba84c4193ff5d"
            exit 1
          fi
      # needed to make checkout post cleanup succeed
      - name: Fix Checkout
        uses: actions/checkout@v4.1.6
--- a/.github/workflows/update-main-version.yml
+++ b/.github/workflows/update-main-version.yml
@@ -11,7 +11,6 @@ on:
        type: choice
        description: The major version to update
        options:
          - v5
          - v4
          - v3
          - v2
--- a/.github/workflows/update-test-ubuntu-git.yml
+++ b/.github/workflows/update-test-ubuntu-git.yml
@@ -48,7 +48,7 @@ jobs:
      # Use `docker/build-push-action` to build (and optionally publish) the image. 
      - name: Build Docker Image (with optional Push)
-        uses: docker/build-push-action@v6.5.0
+        uses: docker/build-push-action@v6.7.0
        with:
          context: .
          file: images/test-ubuntu-git.Dockerfile
--- a/.licenses/npm/@octokit/endpoint.dep.yml
+++ b/.licenses/npm/@octokit/endpoint.dep.yml
@@ -1,6 +1,6 @@
 ---
 name: "@octokit/endpoint"
-version: 9.0.6
+version: 9.0.5
 type: npm
 summary: Turns REST API endpoints into generic request options
 homepage: 
--- a/.licenses/npm/@octokit/plugin-paginate-rest.dep.yml
+++ b/.licenses/npm/@octokit/plugin-paginate-rest.dep.yml
@@ -1,6 +1,6 @@
 ---
 name: "@octokit/plugin-paginate-rest"
-version: 9.2.2
+version: 9.2.1
 type: npm
 summary: Octokit plugin to paginate REST API endpoint responses
 homepage: 
--- a/.licenses/npm/@octokit/request-error.dep.yml
+++ b/.licenses/npm/@octokit/request-error.dep.yml
@@ -1,6 +1,6 @@
 ---
 name: "@octokit/request-error"
-version: 5.1.1
+version: 5.1.0
 type: npm
 summary: Error class for Octokit request errors
 homepage: 
--- a/.licenses/npm/@octokit/request.dep.yml
+++ b/.licenses/npm/@octokit/request.dep.yml
@@ -1,6 +1,6 @@
 ---
 name: "@octokit/request"
-version: 8.4.1
+version: 8.4.0
 type: npm
 summary: Send parameterized requests to GitHub's APIs with sensible defaults in browsers
  and Node
--- a/.licenses/npm/undici.dep.yml
+++ b/.licenses/npm/undici.dep.yml
@@ -1,6 +1,6 @@
 ---
 name: undici
-version: 5.29.0
+version: 5.28.4
 type: npm
 summary: An HTTP/1.1 client, written from scratch for Node.js
 homepage: https://undici.nodejs.org
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,30 +1,5 @@
 # Changelog
 ## V5.0.0
 * Update actions checkout to use node 24 by @salmanmkc in https://github.com/actions/checkout/pull/2226
 ## V4.3.0
 * docs: update README.md by @motss in https://github.com/actions/checkout/pull/1971
 * Add internal repos for checking out multiple repositories by @mouismail in https://github.com/actions/checkout/pull/1977
 * Documentation update - add recommended permissions to Readme by @benwells in https://github.com/actions/checkout/pull/2043
 * Adjust positioning of user email note and permissions heading by @joshmgross in https://github.com/actions/checkout/pull/2044
 * Update README.md by @nebuk89 in https://github.com/actions/checkout/pull/2194
 * Update CODEOWNERS for actions by @TingluoHuang in https://github.com/actions/checkout/pull/2224
 * Update package dependencies by @salmanmkc in https://github.com/actions/checkout/pull/2236
 ## v4.2.2
 * `url-helper.ts` now leverages well-known environment variables by @jww3 in https://github.com/actions/checkout/pull/1941
 * Expand unit test coverage for `isGhes` by @jww3 in https://github.com/actions/checkout/pull/1946
 ## v4.2.1
 * Check out other refs/* by commit if provided, fall back to ref by @orhantoy in https://github.com/actions/checkout/pull/1924
 ## v4.2.0
 * Add Ref and Commit outputs by @lucacome in https://github.com/actions/checkout/pull/1180
 * Dependency updates by @dependabot- https://github.com/actions/checkout/pull/1777, https://github.com/actions/checkout/pull/1872
 ## v4.1.7
 * Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in https://github.com/actions/checkout/pull/1739
 * Bump actions/checkout from 3 to 4 by @dependabot in https://github.com/actions/checkout/pull/1697
--- a/2
+++ b/2
@@ -1 +1 @@
-* @actions/actions-runtime
+* @actions/actions-launch
--- a/README.md
+++ b/README.md
@@ -1,9 +1,5 @@
 [![Build and Test](https://github.com/actions/checkout/actions/workflows/test.yml/badge.svg)](https://github.com/actions/checkout/actions/workflows/test.yml)
 # Checkout V5
 Checkout v5 now supports Node.js 24
 # Checkout V4
 This action checks-out your repository under `$GITHUB_WORKSPACE`, so your workflow can access it.
@@ -14,24 +10,6 @@ The auth token is persisted in the local git config. This enables your scripts t
 When Git 2.18 or higher is not in your PATH, falls back to the REST API to download the files.
 ### Note
 Thank you for your interest in this GitHub action, however, right now we are not taking contributions. 
 We continue to focus our resources on strategic areas that help our customers be successful while making developers' lives easier. While GitHub Actions remains a key part of this vision, we are allocating resources towards other areas of Actions and are not taking contributions to this repository at this time. The GitHub public roadmap is the best place to follow along for any updates on features we’re working on and what stage they’re in.
 We are taking the following steps to better direct requests related to GitHub Actions, including:
 1. We will be directing questions and support requests to our [Community Discussions area](https://github.com/orgs/community/discussions/categories/actions)
 2. High Priority bugs can be reported through Community Discussions or you can report these to our support team https://support.github.com/contact/bug-report.
 3. Security Issues should be handled as per our [security.md](security.md)
 We will still provide security updates for this project and fix major breaking changes during this time.
 You are welcome to still raise bugs in this repo.
 # What's new
 Please refer to the [release page](https://github.com/actions/checkout/releases/latest) for the latest release notes.
@@ -40,7 +18,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 <!-- start usage -->
 ```yaml
- uses: actions/checkout@v5
+- uses: actions/checkout@v4
  with:
    # Repository name with owner. For example, actions/checkout
    # Default: ${{ github.repository }}
@@ -153,32 +131,23 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 # Scenarios
- [Checkout V5](#checkout-v5)
+- [Fetch only the root files](#Fetch-only-the-root-files)
- [Checkout V4](#checkout-v4)
+- [Fetch only the root files and `.github` and `src` folder](#Fetch-only-the-root-files-and-github-and-src-folder)
-    - [Note](#note)
+- [Fetch only a single file](#Fetch-only-a-single-file)
- [What's new](#whats-new)
+- [Fetch all history for all tags and branches](#Fetch-all-history-for-all-tags-and-branches)
- [Usage](#usage)
+- [Checkout a different branch](#Checkout-a-different-branch)
- [Scenarios](#scenarios)
+- [Checkout HEAD^](#Checkout-HEAD)
-  - [Fetch only the root files](#fetch-only-the-root-files)
+- [Checkout multiple repos (side by side)](#Checkout-multiple-repos-side-by-side)
-  - [Fetch only the root files and `.github` and `src` folder](#fetch-only-the-root-files-and-github-and-src-folder)
+- [Checkout multiple repos (nested)](#Checkout-multiple-repos-nested)
-  - [Fetch only a single file](#fetch-only-a-single-file)
+- [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
-  - [Fetch all history for all tags and branches](#fetch-all-history-for-all-tags-and-branches)
+- [Checkout pull request HEAD commit instead of merge commit](#Checkout-pull-request-HEAD-commit-instead-of-merge-commit)
-  - [Checkout a different branch](#checkout-a-different-branch)
+- [Checkout pull request on closed event](#Checkout-pull-request-on-closed-event)
-  - [Checkout HEAD^](#checkout-head)
+- [Push a commit using the built-in token](#Push-a-commit-using-the-built-in-token)
  - [Checkout multiple repos (side by side)](#checkout-multiple-repos-side-by-side)
  - [Checkout multiple repos (nested)](#checkout-multiple-repos-nested)
  - [Checkout multiple repos (private)](#checkout-multiple-repos-private)
  - [Checkout pull request HEAD commit instead of merge commit](#checkout-pull-request-head-commit-instead-of-merge-commit)
  - [Checkout pull request on closed event](#checkout-pull-request-on-closed-event)
  - [Push a commit using the built-in token](#push-a-commit-using-the-built-in-token)
  - [Push a commit to a PR using the built-in token](#push-a-commit-to-a-pr-using-the-built-in-token)
 - [Recommended permissions](#recommended-permissions)
 - [License](#license)
 ## Fetch only the root files
 ```yaml
- uses: actions/checkout@v5
+- uses: actions/checkout@v4
  with:
    sparse-checkout: .
 ```
@@ -186,7 +155,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Fetch only the root files and `.github` and `src` folder
 ```yaml
- uses: actions/checkout@v5
+- uses: actions/checkout@v4
  with:
    sparse-checkout: |
      .github
@@ -196,7 +165,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Fetch only a single file
 ```yaml
- uses: actions/checkout@v5
+- uses: actions/checkout@v4
  with:
    sparse-checkout: |
      README.md
@@ -206,7 +175,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Fetch all history for all tags and branches
 ```yaml
- uses: actions/checkout@v5
+- uses: actions/checkout@v4
  with:
    fetch-depth: 0
 ```
@@ -214,7 +183,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Checkout a different branch
 ```yaml
- uses: actions/checkout@v5
+- uses: actions/checkout@v4
  with:
    ref: my-branch
 ```
@@ -222,7 +191,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Checkout HEAD^
 ```yaml
- uses: actions/checkout@v5
+- uses: actions/checkout@v4
  with:
    fetch-depth: 2
 - run: git checkout HEAD^
@@ -232,42 +201,42 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ```yaml
 - name: Checkout
-  uses: actions/checkout@v5
+  uses: actions/checkout@v4
  with:
    path: main
 - name: Checkout tools repo
-  uses: actions/checkout@v5
+  uses: actions/checkout@v4
  with:
    repository: my-org/my-tools
    path: my-tools
 ```
-> - If your secondary repository is private or internal you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
+> - If your secondary repository is private you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
 ## Checkout multiple repos (nested)
 ```yaml
 - name: Checkout
-  uses: actions/checkout@v5
+  uses: actions/checkout@v4
 - name: Checkout tools repo
-  uses: actions/checkout@v5
+  uses: actions/checkout@v4
  with:
    repository: my-org/my-tools
    path: my-tools
 ```
-> - If your secondary repository is private or internal you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
+> - If your secondary repository is private you will need to add the option noted in [Checkout multiple repos (private)](#Checkout-multiple-repos-private)
 ## Checkout multiple repos (private)
 ```yaml
 - name: Checkout
-  uses: actions/checkout@v5
+  uses: actions/checkout@v4
  with:
    path: main
 - name: Checkout private tools
-  uses: actions/checkout@v5
+  uses: actions/checkout@v4
  with:
    repository: my-org/my-private-tools
    token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT
@@ -280,7 +249,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Checkout pull request HEAD commit instead of merge commit
 ```yaml
- uses: actions/checkout@v5
+- uses: actions/checkout@v4
  with:
    ref: ${{ github.event.pull_request.head.sha }}
 ```
@@ -296,7 +265,7 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v4
 ```
 ## Push a commit using the built-in token
@@ -307,7 +276,7 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v4
      - run: |
          date > generated.txt
          # Note: the following account information will not work on GHES
@@ -319,40 +288,6 @@ jobs:
 ```
 *NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
 ## Push a commit to a PR using the built-in token
 In a pull request trigger, `ref` is required as GitHub Actions checks out in detached HEAD mode, meaning it doesn’t check out your branch by default.
 ```yaml
 on: pull_request
 jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v5
        with:
          ref: ${{ github.head_ref }}
      - run: |
          date > generated.txt
          # Note: the following account information will not work on GHES
          git config user.name "github-actions[bot]"
          git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
          git add .
          git commit -m "generated"
          git push
 ```
 *NOTE:* The user email is `{user.id}+{user.login}@users.noreply.github.com`. See users API: https://api.github.com/users/github-actions%5Bbot%5D
 # Recommended permissions
 When using the `checkout` action in your GitHub Actions workflow, it is recommended to set the following `GITHUB_TOKEN` permissions to ensure proper functionality, unless alternative auth is provided via the `token` or `ssh-key` inputs:
 ```yaml
 permissions:
  contents: read
 ```
 # License
 The scripts and documentation in this project are released under the [MIT License](LICENSE)
--- a/test/git-auth-helper.test.ts
+++ b/test/git-auth-helper.test.ts
@@ -675,283 +675,6 @@ describe('git-auth-helper tests', () => {
    expect(gitConfigContent.indexOf('http.')).toBeLessThan(0)
  })
  const removeAuth_removesV6StyleCredentials =
    'removeAuth removes v6 style credentials'
  it(removeAuth_removesV6StyleCredentials, async () => {
    // Arrange
    await setup(removeAuth_removesV6StyleCredentials)
    const authHelper = gitAuthHelper.createAuthHelper(git, settings)
    await authHelper.configureAuth()
    // Manually create v6-style credentials that would be left by v6
    const credentialsFileName =
      'git-credentials-12345678-1234-1234-1234-123456789abc.config'
    const credentialsFilePath = path.join(runnerTemp, credentialsFileName)
    const basicCredential = Buffer.from(
      `x-access-token:${settings.authToken}`,
      'utf8'
    ).toString('base64')
    const credentialsContent = `[http "https://github.com/"]\n\textraheader = AUTHORIZATION: basic ${basicCredential}\n`
    await fs.promises.writeFile(credentialsFilePath, credentialsContent)
    // Add includeIf entries to local git config (simulating v6 configuration)
    const hostGitDir = path.join(workspace, '.git').replace(/\\/g, '/')
    await fs.promises.appendFile(
      localGitConfigPath,
      `[includeIf "gitdir:${hostGitDir}/"]\n\tpath = ${credentialsFilePath}\n`
    )
    await fs.promises.appendFile(
      localGitConfigPath,
      `[includeIf "gitdir:/github/workspace/.git/"]\n\tpath = /github/runner_temp/${credentialsFileName}\n`
    )
    // Verify v6 style config exists
    let gitConfigContent = (
      await fs.promises.readFile(localGitConfigPath)
    ).toString()
    expect(gitConfigContent.indexOf('includeIf')).toBeGreaterThanOrEqual(0)
    expect(
      gitConfigContent.indexOf(credentialsFilePath)
    ).toBeGreaterThanOrEqual(0)
    await fs.promises.stat(credentialsFilePath) // Verify file exists
    // Mock the git methods to handle v6 cleanup
    const mockTryGetConfigKeys = git.tryGetConfigKeys as jest.Mock<any, any>
    mockTryGetConfigKeys.mockResolvedValue([
      `includeIf.gitdir:${hostGitDir}/.path`,
      'includeIf.gitdir:/github/workspace/.git/.path'
    ])
    const mockTryGetConfigValues = git.tryGetConfigValues as jest.Mock<any, any>
    mockTryGetConfigValues.mockImplementation(async (key: string) => {
      if (key === `includeIf.gitdir:${hostGitDir}/.path`) {
        return [credentialsFilePath]
      }
      if (key === 'includeIf.gitdir:/github/workspace/.git/.path') {
        return [`/github/runner_temp/${credentialsFileName}`]
      }
      return []
    })
    const mockTryConfigUnsetValue = git.tryConfigUnsetValue as jest.Mock<
      any,
      any
    >
    mockTryConfigUnsetValue.mockImplementation(
      async (
        key: string,
        value: string,
        globalConfig?: boolean,
        configPath?: string
      ) => {
        const targetPath = configPath || localGitConfigPath
        let content = await fs.promises.readFile(targetPath, 'utf8')
        // Remove the includeIf section
        const lines = content
          .split('\n')
          .filter(line => !line.includes('includeIf') && !line.includes(value))
        await fs.promises.writeFile(targetPath, lines.join('\n'))
        return true
      }
    )
    // Act
    await authHelper.removeAuth()
    // Assert includeIf entries removed from local git config
    gitConfigContent = (
      await fs.promises.readFile(localGitConfigPath)
    ).toString()
    expect(gitConfigContent.indexOf('includeIf')).toBeLessThan(0)
    expect(gitConfigContent.indexOf(credentialsFilePath)).toBeLessThan(0)
    // Assert credentials config file deleted
    try {
      await fs.promises.stat(credentialsFilePath)
      throw new Error('Credentials file should have been deleted')
    } catch (err) {
      if ((err as any)?.code !== 'ENOENT') {
        throw err
      }
    }
  })
  const removeAuth_removesV6StyleCredentialsFromSubmodules =
    'removeAuth removes v6 style credentials from submodules'
  it(removeAuth_removesV6StyleCredentialsFromSubmodules, async () => {
    // Arrange
    await setup(removeAuth_removesV6StyleCredentialsFromSubmodules)
    // Create fake submodule config paths
    const submodule1Dir = path.join(workspace, '.git', 'modules', 'submodule-1')
    const submodule1ConfigPath = path.join(submodule1Dir, 'config')
    await fs.promises.mkdir(submodule1Dir, {recursive: true})
    await fs.promises.writeFile(submodule1ConfigPath, '')
    const authHelper = gitAuthHelper.createAuthHelper(git, settings)
    await authHelper.configureAuth()
    // Create v6-style credentials file
    const credentialsFileName =
      'git-credentials-abcdef12-3456-7890-abcd-ef1234567890.config'
    const credentialsFilePath = path.join(runnerTemp, credentialsFileName)
    const basicCredential = Buffer.from(
      `x-access-token:${settings.authToken}`,
      'utf8'
    ).toString('base64')
    const credentialsContent = `[http "https://github.com/"]\n\textraheader = AUTHORIZATION: basic ${basicCredential}\n`
    await fs.promises.writeFile(credentialsFilePath, credentialsContent)
    // Add includeIf entries to submodule config
    const submodule1GitDir = submodule1Dir.replace(/\\/g, '/')
    await fs.promises.appendFile(
      submodule1ConfigPath,
      `[includeIf "gitdir:${submodule1GitDir}/"]\n\tpath = ${credentialsFilePath}\n`
    )
    // Verify submodule config has includeIf entry
    let submoduleConfigContent = (
      await fs.promises.readFile(submodule1ConfigPath)
    ).toString()
    expect(submoduleConfigContent.indexOf('includeIf')).toBeGreaterThanOrEqual(
      0
    )
    expect(
      submoduleConfigContent.indexOf(credentialsFilePath)
    ).toBeGreaterThanOrEqual(0)
    // Mock getSubmoduleConfigPaths
    const mockGetSubmoduleConfigPaths =
      git.getSubmoduleConfigPaths as jest.Mock<any, any>
    mockGetSubmoduleConfigPaths.mockResolvedValue([submodule1ConfigPath])
    // Mock tryGetConfigKeys for submodule
    const mockTryGetConfigKeys = git.tryGetConfigKeys as jest.Mock<any, any>
    mockTryGetConfigKeys.mockImplementation(
      async (pattern: string, globalConfig?: boolean, configPath?: string) => {
        if (configPath === submodule1ConfigPath) {
          return [`includeIf.gitdir:${submodule1GitDir}/.path`]
        }
        return []
      }
    )
    // Mock tryGetConfigValues for submodule
    const mockTryGetConfigValues = git.tryGetConfigValues as jest.Mock<any, any>
    mockTryGetConfigValues.mockImplementation(
      async (key: string, globalConfig?: boolean, configPath?: string) => {
        if (
          configPath === submodule1ConfigPath &&
          key === `includeIf.gitdir:${submodule1GitDir}/.path`
        ) {
          return [credentialsFilePath]
        }
        return []
      }
    )
    // Mock tryConfigUnsetValue for submodule
    const mockTryConfigUnsetValue = git.tryConfigUnsetValue as jest.Mock<
      any,
      any
    >
    mockTryConfigUnsetValue.mockImplementation(
      async (
        key: string,
        value: string,
        globalConfig?: boolean,
        configPath?: string
      ) => {
        const targetPath = configPath || localGitConfigPath
        let content = await fs.promises.readFile(targetPath, 'utf8')
        const lines = content
          .split('\n')
          .filter(line => !line.includes('includeIf') && !line.includes(value))
        await fs.promises.writeFile(targetPath, lines.join('\n'))
        return true
      }
    )
    // Act
    await authHelper.removeAuth()
    // Assert submodule includeIf entries removed
    submoduleConfigContent = (
      await fs.promises.readFile(submodule1ConfigPath)
    ).toString()
    expect(submoduleConfigContent.indexOf('includeIf')).toBeLessThan(0)
    expect(submoduleConfigContent.indexOf(credentialsFilePath)).toBeLessThan(0)
    // Assert credentials file deleted
    try {
      await fs.promises.stat(credentialsFilePath)
      throw new Error('Credentials file should have been deleted')
    } catch (err) {
      if ((err as any)?.code !== 'ENOENT') {
        throw err
      }
    }
  })
  const removeAuth_skipsV6CleanupWhenEnvVarSet =
    'removeAuth skips v6 cleanup when ACTIONS_CHECKOUT_SKIP_V6_CLEANUP is set'
  it(removeAuth_skipsV6CleanupWhenEnvVarSet, async () => {
    // Arrange
    await setup(removeAuth_skipsV6CleanupWhenEnvVarSet)
    // Set the skip environment variable
    process.env['ACTIONS_CHECKOUT_SKIP_V6_CLEANUP'] = '1'
    const authHelper = gitAuthHelper.createAuthHelper(git, settings)
    await authHelper.configureAuth()
    // Create v6-style credentials file in RUNNER_TEMP
    const credentialsFileName = 'git-credentials-test-uuid-1234-5678.config'
    const credentialsFilePath = path.join(runnerTemp, credentialsFileName)
    const credentialsContent =
      '[http "https://github.com/"]\n\textraheader = AUTHORIZATION: basic token\n'
    await fs.promises.writeFile(credentialsFilePath, credentialsContent)
    // Add includeIf section to local git config (separate from http.* config)
    const includeIfSection = `\n[includeIf "gitdir:/some/path/.git/"]\n\tpath = ${credentialsFilePath}\n`
    await fs.promises.appendFile(localGitConfigPath, includeIfSection)
    // Verify v6 style config exists
    let gitConfigContent = (
      await fs.promises.readFile(localGitConfigPath)
    ).toString()
    expect(gitConfigContent.indexOf('includeIf')).toBeGreaterThanOrEqual(0)
    await fs.promises.stat(credentialsFilePath) // Verify file exists
    // Act
    await authHelper.removeAuth()
    // Assert v5 cleanup still happened (http.* removed)
    gitConfigContent = (
      await fs.promises.readFile(localGitConfigPath)
    ).toString()
    expect(
      gitConfigContent.indexOf('http.https://github.com/.extraheader')
    ).toBeLessThan(0)
    // Assert v6 cleanup was skipped - includeIf should still be present
    expect(gitConfigContent.indexOf('includeIf')).toBeGreaterThanOrEqual(0)
    expect(
      gitConfigContent.indexOf(credentialsFilePath)
    ).toBeGreaterThanOrEqual(0)
    // Assert credentials file still exists (wasn't deleted)
    await fs.promises.stat(credentialsFilePath) // File should still exist
    // Assert debug message was logged
    expect(core.debug).toHaveBeenCalledWith(
      'Skipping v6 style cleanup due to ACTIONS_CHECKOUT_SKIP_V6_CLEANUP'
    )
    // Cleanup
    delete process.env['ACTIONS_CHECKOUT_SKIP_V6_CLEANUP']
  })
  const removeGlobalConfig_removesOverride =
    'removeGlobalConfig removes override'
  it(removeGlobalConfig_removesOverride, async () => {
@@ -1073,18 +796,6 @@ async function setup(testName: string): Promise<void> {
    ),
    tryDisableAutomaticGarbageCollection: jest.fn(),
    tryGetFetchUrl: jest.fn(),
    getSubmoduleConfigPaths: jest.fn(async () => {
      return []
    }),
    tryConfigUnsetValue: jest.fn(async () => {
      return true
    }),
    tryGetConfigValues: jest.fn(async () => {
      return []
    }),
    tryGetConfigKeys: jest.fn(async () => {
      return []
    }),
    tryReset: jest.fn(),
    version: jest.fn()
  }
--- a/test/git-directory-helper.test.ts
+++ b/test/git-directory-helper.test.ts
@@ -499,18 +499,6 @@ async function setup(testName: string): Promise<void> {
      await fs.promises.stat(path.join(repositoryPath, '.git'))
      return repositoryUrl
    }),
    getSubmoduleConfigPaths: jest.fn(async () => {
      return []
    }),
    tryConfigUnsetValue: jest.fn(async () => {
      return true
    }),
    tryGetConfigValues: jest.fn(async () => {
      return []
    }),
    tryGetConfigKeys: jest.fn(async () => {
      return []
    }),
    tryReset: jest.fn(async () => {
      return true
    }),
--- a/test/ref-helper.test.ts
+++ b/test/ref-helper.test.ts
@@ -77,16 +77,6 @@ describe('ref-helper tests', () => {
    expect(checkoutInfo.startPoint).toBeFalsy()
  })
  it('getCheckoutInfo refs/ without commit', async () => {
    const checkoutInfo = await refHelper.getCheckoutInfo(
      git,
      'refs/non-standard-ref',
      ''
    )
    expect(checkoutInfo.ref).toBe('refs/non-standard-ref')
    expect(checkoutInfo.startPoint).toBeFalsy()
  })
  it('getCheckoutInfo unqualified branch only', async () => {
    git.branchExists = jest.fn(async (remote: boolean, pattern: string) => {
      return true
--- a/test/url-helper.test.ts
+++ b/test/url-helper.test.ts
@@ -1,92 +0,0 @@
 import * as urlHelper from '../src/url-helper'
 describe('getServerUrl tests', () => {
  it('basics', async () => {
    // Note that URL::toString will append a trailing / when passed just a domain name ...
    expect(urlHelper.getServerUrl().toString()).toBe('https://github.com/')
    expect(urlHelper.getServerUrl(' ').toString()).toBe('https://github.com/')
    expect(urlHelper.getServerUrl('   ').toString()).toBe('https://github.com/')
    expect(urlHelper.getServerUrl('http://contoso.com').toString()).toBe(
      'http://contoso.com/'
    )
    expect(urlHelper.getServerUrl('https://contoso.com').toString()).toBe(
      'https://contoso.com/'
    )
    expect(urlHelper.getServerUrl('https://contoso.com/').toString()).toBe(
      'https://contoso.com/'
    )
    // ... but can't make that same assumption when passed an URL that includes some deeper path.
    expect(urlHelper.getServerUrl('https://contoso.com/a/b').toString()).toBe(
      'https://contoso.com/a/b'
    )
  })
 })
 describe('isGhes tests', () => {
  const pristineEnv = process.env
  beforeEach(() => {
    jest.resetModules()
    process.env = {...pristineEnv}
  })
  afterAll(() => {
    process.env = pristineEnv
  })
  it('basics', async () => {
    delete process.env['GITHUB_SERVER_URL']
    expect(urlHelper.isGhes()).toBeFalsy()
    expect(urlHelper.isGhes('https://github.com')).toBeFalsy()
    expect(urlHelper.isGhes('https://contoso.ghe.com')).toBeFalsy()
    expect(urlHelper.isGhes('https://test.github.localhost')).toBeFalsy()
    expect(urlHelper.isGhes('https://src.onpremise.fabrikam.com')).toBeTruthy()
  })
  it('returns false when the GITHUB_SERVER_URL environment variable is not defined', async () => {
    delete process.env['GITHUB_SERVER_URL']
    expect(urlHelper.isGhes()).toBeFalsy()
  })
  it('returns false when the GITHUB_SERVER_URL environment variable is set to github.com', async () => {
    process.env['GITHUB_SERVER_URL'] = 'https://github.com'
    expect(urlHelper.isGhes()).toBeFalsy()
  })
  it('returns false when the GITHUB_SERVER_URL environment variable is set to a GitHub Enterprise Cloud-style URL', async () => {
    process.env['GITHUB_SERVER_URL'] = 'https://contoso.ghe.com'
    expect(urlHelper.isGhes()).toBeFalsy()
  })
  it('returns false when the GITHUB_SERVER_URL environment variable has a .localhost suffix', async () => {
    process.env['GITHUB_SERVER_URL'] = 'https://mock-github.localhost'
    expect(urlHelper.isGhes()).toBeFalsy()
  })
  it('returns true when the GITHUB_SERVER_URL environment variable is set to some other URL', async () => {
    process.env['GITHUB_SERVER_URL'] = 'https://src.onpremise.fabrikam.com'
    expect(urlHelper.isGhes()).toBeTruthy()
  })
 })
 describe('getServerApiUrl tests', () => {
  it('basics', async () => {
    expect(urlHelper.getServerApiUrl()).toBe('https://api.github.com')
    expect(urlHelper.getServerApiUrl('https://github.com')).toBe(
      'https://api.github.com'
    )
    expect(urlHelper.getServerApiUrl('https://GitHub.com')).toBe(
      'https://api.github.com'
    )
    expect(urlHelper.getServerApiUrl('https://contoso.ghe.com')).toBe(
      'https://api.contoso.ghe.com'
    )
    expect(urlHelper.getServerApiUrl('https://fabrikam.GHE.COM')).toBe(
      'https://api.fabrikam.ghe.com'
    )
    expect(
      urlHelper.getServerApiUrl('https://src.onpremise.fabrikam.com')
    ).toBe('https://src.onpremise.fabrikam.com/api/v3')
  })
 })
--- a/action.yml
+++ b/action.yml
@@ -98,12 +98,7 @@ inputs:
  github-server-url:
    description: The base URL for the GitHub instance that you are trying to clone from, will use environment defaults to fetch from the same instance that the workflow is running from unless specified. Example URLs are https://github.com or https://my-ghes-server.example.com
    required: false
 outputs:
  ref:
    description: 'The branch, tag or SHA that was checked out'
  commit:
    description: 'The commit SHA that was checked out'
 runs:
-  using: node24
+  using: node20
  main: dist/index.js
  post: dist/index.js
--- a/dist/index.js
+++ b/dist/index.js
@@ -30,9 +30,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
    return result;
 };
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.directoryExistsSync = directoryExistsSync;
+exports.fileExistsSync = exports.existsSync = exports.directoryExistsSync = void 0;
 exports.existsSync = existsSync;
 exports.fileExistsSync = fileExistsSync;
 const fs = __importStar(__nccwpck_require__(7147));
 function directoryExistsSync(path, required) {
    var _a;
@@ -60,6 +58,7 @@ function directoryExistsSync(path, required) {
    }
    throw new Error(`Directory '${path}' does not exist`);
 }
 exports.directoryExistsSync = directoryExistsSync;
 function existsSync(path) {
    var _a;
    if (!path) {
@@ -76,6 +75,7 @@ function existsSync(path) {
    }
    return true;
 }
 exports.existsSync = existsSync;
 function fileExistsSync(path) {
    var _a;
    if (!path) {
@@ -96,6 +96,7 @@ function fileExistsSync(path) {
    }
    return false;
 }
 exports.fileExistsSync = fileExistsSync;
 /***/ }),
@@ -138,7 +139,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
    });
 };
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.createAuthHelper = createAuthHelper;
+exports.createAuthHelper = void 0;
 const assert = __importStar(__nccwpck_require__(9491));
 const core = __importStar(__nccwpck_require__(2186));
 const exec = __importStar(__nccwpck_require__(1514));
@@ -155,6 +156,7 @@ const SSH_COMMAND_KEY = 'core.sshCommand';
 function createAuthHelper(git, settings) {
    return new GitAuthHelper(git, settings);
 }
 exports.createAuthHelper = createAuthHelper;
 class GitAuthHelper {
    constructor(gitCommandManager, gitSourceSettings) {
        this.insteadOfValues = [];
@@ -411,50 +413,8 @@ class GitAuthHelper {
    }
    removeToken() {
        return __awaiter(this, void 0, void 0, function* () {
-            // Remove HTTP extra header from local git config and submodule configs
+            // HTTP extra header
            yield this.removeGitConfig(this.tokenConfigKey);
            //
            // Cleanup actions/checkout@v6 style credentials
            //
            const skipV6Cleanup = process.env['ACTIONS_CHECKOUT_SKIP_V6_CLEANUP'];
            if (skipV6Cleanup === '1' || (skipV6Cleanup === null || skipV6Cleanup === void 0 ? void 0 : skipV6Cleanup.toLowerCase()) === 'true') {
                core.debug('Skipping v6 style cleanup due to ACTIONS_CHECKOUT_SKIP_V6_CLEANUP');
                return;
            }
            try {
                // Collect credentials config paths that need to be removed
                const credentialsPaths = new Set();
                // Remove includeIf entries that point to git-credentials-*.config files
                const mainCredentialsPaths = yield this.removeIncludeIfCredentials();
                mainCredentialsPaths.forEach(path => credentialsPaths.add(path));
                // Remove submodule includeIf entries that point to git-credentials-*.config files
                try {
                    const submoduleConfigPaths = yield this.git.getSubmoduleConfigPaths(true);
                    for (const configPath of submoduleConfigPaths) {
                        const submoduleCredentialsPaths = yield this.removeIncludeIfCredentials(configPath);
                        submoduleCredentialsPaths.forEach(path => credentialsPaths.add(path));
                    }
                }
                catch (err) {
                    core.debug(`Unable to get submodule config paths: ${err}`);
                }
                // Remove credentials config files
                for (const credentialsPath of credentialsPaths) {
                    // Only remove credentials config files if they are under RUNNER_TEMP
                    const runnerTemp = process.env['RUNNER_TEMP'];
                    if (runnerTemp && credentialsPath.startsWith(runnerTemp)) {
                        try {
                            yield io.rmRF(credentialsPath);
                        }
                        catch (err) {
                            core.debug(`Failed to remove credentials config '${credentialsPath}': ${err}`);
                        }
                    }
                }
            }
            catch (err) {
                core.debug(`Failed to cleanup v6 style credentials: ${err}`);
            }
        });
    }
    removeGitConfig(configKey_1) {
@@ -472,49 +432,6 @@ class GitAuthHelper {
            `sh -c "git config --local --name-only --get-regexp '${pattern}' && git config --local --unset-all '${configKey}' || :"`, true);
        });
    }
    /**
     * Removes includeIf entries that point to git-credentials-*.config files.
     * This handles cleanup of credentials configured by newer versions of the action.
     * @param configPath Optional path to a specific git config file to operate on
     * @returns Array of unique credentials config file paths that were found and removed
     */
    removeIncludeIfCredentials(configPath) {
        return __awaiter(this, void 0, void 0, function* () {
            const credentialsPaths = new Set();
            try {
                // Get all includeIf.gitdir keys
                const keys = yield this.git.tryGetConfigKeys('^includeIf\\.gitdir:', false, // globalConfig?
                configPath);
                for (const key of keys) {
                    // Get all values for this key
                    const values = yield this.git.tryGetConfigValues(key, false, // globalConfig?
                    configPath);
                    if (values.length > 0) {
                        // Remove only values that match git-credentials-<uuid>.config pattern
                        for (const value of values) {
                            if (this.testCredentialsConfigPath(value)) {
                                credentialsPaths.add(value);
                                yield this.git.tryConfigUnsetValue(key, value, false, configPath);
                            }
                        }
                    }
                }
            }
            catch (err) {
                // Ignore errors - this is cleanup code
                core.debug(`Error during includeIf cleanup${configPath ? ` for ${configPath}` : ''}: ${err}`);
            }
            return Array.from(credentialsPaths);
        });
    }
    /**
     * Tests if a path matches the git-credentials-*.config pattern used by newer versions.
     * @param path The path to test
     * @returns True if the path matches the credentials config pattern
     */
    testCredentialsConfigPath(path) {
        return /git-credentials-[0-9a-f-]+\.config$/i.test(path);
    }
 }
@@ -558,8 +475,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
    });
 };
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.MinimumGitSparseCheckoutVersion = exports.MinimumGitVersion = void 0;
+exports.createCommandManager = exports.MinimumGitSparseCheckoutVersion = exports.MinimumGitVersion = void 0;
 exports.createCommandManager = createCommandManager;
 const core = __importStar(__nccwpck_require__(2186));
 const exec = __importStar(__nccwpck_require__(1514));
 const fs = __importStar(__nccwpck_require__(7147));
@@ -580,6 +496,7 @@ function createCommandManager(workingDirectory, lfs, doSparseCheckout) {
        return yield GitCommandManager.createCommandManager(workingDirectory, lfs, doSparseCheckout);
    });
 }
 exports.createCommandManager = createCommandManager;
 class GitCommandManager {
    // Private constructor; use createCommandManager()
    constructor() {
@@ -791,16 +708,6 @@ class GitCommandManager {
            throw new Error('Unexpected output when retrieving default branch');
        });
    }
    getSubmoduleConfigPaths(recursive) {
        return __awaiter(this, void 0, void 0, function* () {
            // Get submodule config file paths.
            // Use `--show-origin` to get the config file path for each submodule.
            const output = yield this.submoduleForeach(`git config --local --show-origin --name-only --get-regexp remote.origin.url`, recursive);
            // Extract config file paths from the output (lines starting with "file:").
            const configPaths = output.match(/(?<=(^|\n)file:)[^\t]+(?=\tremote\.origin\.url)/g) || [];
            return configPaths;
        });
    }
    getWorkingDirectory() {
        return this.workingDirectory;
    }
@@ -931,20 +838,6 @@ class GitCommandManager {
            return output.exitCode === 0;
        });
    }
    tryConfigUnsetValue(configKey, configValue, globalConfig, configFile) {
        return __awaiter(this, void 0, void 0, function* () {
            const args = ['config'];
            if (configFile) {
                args.push('--file', configFile);
            }
            else {
                args.push(globalConfig ? '--global' : '--local');
            }
            args.push('--unset', configKey, configValue);
            const output = yield this.execGit(args, true);
            return output.exitCode === 0;
        });
    }
    tryDisableAutomaticGarbageCollection() {
        return __awaiter(this, void 0, void 0, function* () {
            const output = yield this.execGit(['config', '--local', 'gc.auto', '0'], true);
@@ -964,46 +857,6 @@ class GitCommandManager {
            return stdout;
        });
    }
    tryGetConfigValues(configKey, globalConfig, configFile) {
        return __awaiter(this, void 0, void 0, function* () {
            const args = ['config'];
            if (configFile) {
                args.push('--file', configFile);
            }
            else {
                args.push(globalConfig ? '--global' : '--local');
            }
            args.push('--get-all', configKey);
            const output = yield this.execGit(args, true);
            if (output.exitCode !== 0) {
                return [];
            }
            return output.stdout
                .trim()
                .split('\n')
                .filter(value => value.trim());
        });
    }
    tryGetConfigKeys(pattern, globalConfig, configFile) {
        return __awaiter(this, void 0, void 0, function* () {
            const args = ['config'];
            if (configFile) {
                args.push('--file', configFile);
            }
            else {
                args.push(globalConfig ? '--global' : '--local');
            }
            args.push('--name-only', '--get-regexp', pattern);
            const output = yield this.execGit(args, true);
            if (output.exitCode !== 0) {
                return [];
            }
            return output.stdout
                .trim()
                .split('\n')
                .filter(key => key.trim());
        });
    }
    tryReset() {
        return __awaiter(this, void 0, void 0, function* () {
            const output = yield this.execGit(['reset', '--hard', 'HEAD'], true);
@@ -1167,7 +1020,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
    });
 };
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.prepareExistingDirectory = prepareExistingDirectory;
+exports.prepareExistingDirectory = void 0;
 const assert = __importStar(__nccwpck_require__(9491));
 const core = __importStar(__nccwpck_require__(2186));
 const fs = __importStar(__nccwpck_require__(7147));
@@ -1271,6 +1124,7 @@ function prepareExistingDirectory(git, repositoryPath, repositoryUrl, clean, ref
        }
    });
 }
 exports.prepareExistingDirectory = prepareExistingDirectory;
 /***/ }),
@@ -1313,8 +1167,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
    });
 };
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.getSource = getSource;
+exports.cleanup = exports.getSource = void 0;
 exports.cleanup = cleanup;
 const core = __importStar(__nccwpck_require__(2186));
 const fsHelper = __importStar(__nccwpck_require__(7219));
 const gitAuthHelper = __importStar(__nccwpck_require__(2565));
@@ -1502,8 +1355,7 @@ function getSource(settings) {
            // Get commit information
            const commitInfo = yield git.log1();
            // Log commit sha
-            const commitSHA = yield git.log1('--format=%H');
+            yield git.log1("--format='%H'");
            core.setOutput('commit', commitSHA.trim());
            // Check for incorrect pull request merge commit
            yield refHelper.checkCommitInfo(settings.authToken, commitInfo, settings.repositoryOwner, settings.repositoryName, settings.ref, settings.commit, settings.githubServerUrl);
        }
@@ -1520,6 +1372,7 @@ function getSource(settings) {
        }
    });
 }
 exports.getSource = getSource;
 function cleanup(repositoryPath) {
    return __awaiter(this, void 0, void 0, function* () {
        // Repo exists?
@@ -1555,6 +1408,7 @@ function cleanup(repositoryPath) {
        }
    });
 }
 exports.cleanup = cleanup;
 function getGitCommandManager(settings) {
    return __awaiter(this, void 0, void 0, function* () {
        core.info(`Working directory is '${settings.repositoryPath}'`);
@@ -1693,8 +1547,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
    });
 };
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.downloadRepository = downloadRepository;
+exports.getDefaultBranch = exports.downloadRepository = void 0;
 exports.getDefaultBranch = getDefaultBranch;
 const assert = __importStar(__nccwpck_require__(9491));
 const core = __importStar(__nccwpck_require__(2186));
 const fs = __importStar(__nccwpck_require__(7147));
@@ -1758,6 +1611,7 @@ function downloadRepository(authToken, owner, repo, ref, commit, repositoryPath,
        yield io.rmRF(extractPath);
    });
 }
 exports.downloadRepository = downloadRepository;
 /**
 * Looks up the default branch name
 */
@@ -1796,6 +1650,7 @@ function getDefaultBranch(authToken, owner, repo, baseUrl) {
        }));
    });
 }
 exports.getDefaultBranch = getDefaultBranch;
 function downloadArchive(authToken, owner, repo, ref, commit, baseUrl) {
    return __awaiter(this, void 0, void 0, function* () {
        const octokit = github.getOctokit(authToken, {
@@ -1854,7 +1709,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
    });
 };
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.getInputs = getInputs;
+exports.getInputs = void 0;
 const core = __importStar(__nccwpck_require__(2186));
 const fsHelper = __importStar(__nccwpck_require__(7219));
 const github = __importStar(__nccwpck_require__(5438));
@@ -1983,6 +1838,7 @@ function getInputs() {
        return result;
    });
 }
 exports.getInputs = getInputs;
 /***/ }),
@@ -2041,7 +1897,6 @@ function run() {
                coreCommand.issueCommand('add-matcher', {}, path.join(__dirname, 'problem-matcher.json'));
                // Get sources
                yield gitSourceProvider.getSource(sourceSettings);
                core.setOutput('ref', sourceSettings.ref);
            }
            finally {
                // Unregister problem matcher
@@ -2114,12 +1969,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
    });
 };
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.tagsRefSpec = void 0;
+exports.checkCommitInfo = exports.testRef = exports.getRefSpec = exports.getRefSpecForAllHistory = exports.getCheckoutInfo = exports.tagsRefSpec = void 0;
 exports.getCheckoutInfo = getCheckoutInfo;
 exports.getRefSpecForAllHistory = getRefSpecForAllHistory;
 exports.getRefSpec = getRefSpec;
 exports.testRef = testRef;
 exports.checkCommitInfo = checkCommitInfo;
 const core = __importStar(__nccwpck_require__(2186));
 const github = __importStar(__nccwpck_require__(5438));
 const url_helper_1 = __nccwpck_require__(9437);
@@ -2154,8 +2004,8 @@ function getCheckoutInfo(git, ref, commit) {
            result.ref = ref;
        }
        // refs/
-        else if (upperRef.startsWith('REFS/')) {
+        else if (upperRef.startsWith('REFS/') && commit) {
-            result.ref = commit ? commit : ref;
+            result.ref = commit;
        }
        // Unqualified ref, check for a matching branch or tag
        else {
@@ -2173,6 +2023,7 @@ function getCheckoutInfo(git, ref, commit) {
        return result;
    });
 }
 exports.getCheckoutInfo = getCheckoutInfo;
 function getRefSpecForAllHistory(ref, commit) {
    const result = ['+refs/heads/*:refs/remotes/origin/*', exports.tagsRefSpec];
    if (ref && ref.toUpperCase().startsWith('REFS/PULL/')) {
@@ -2181,6 +2032,7 @@ function getRefSpecForAllHistory(ref, commit) {
    }
    return result;
 }
 exports.getRefSpecForAllHistory = getRefSpecForAllHistory;
 function getRefSpec(ref, commit) {
    if (!ref && !commit) {
        throw new Error('Args ref and commit cannot both be empty');
@@ -2229,6 +2081,7 @@ function getRefSpec(ref, commit) {
        return [`+${ref}:${ref}`];
    }
 }
 exports.getRefSpec = getRefSpec;
 /**
 * Tests whether the initial fetch created the ref at the expected commit
 */
@@ -2272,6 +2125,7 @@ function testRef(git, ref, commit) {
        }
    });
 }
 exports.testRef = testRef;
 function checkCommitInfo(token, commitInfo, repositoryOwner, repositoryName, ref, commit, baseUrl) {
    return __awaiter(this, void 0, void 0, function* () {
        var _a;
@@ -2337,6 +2191,7 @@ function checkCommitInfo(token, commitInfo, repositoryOwner, repositoryName, ref
        }
    });
 }
 exports.checkCommitInfo = checkCommitInfo;
 function fromPayload(path) {
    return select(github.context.payload, path);
 }
@@ -2361,12 +2216,13 @@ function select(obj, path) {
 "use strict";
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.escape = escape;
+exports.escape = void 0;
 function escape(value) {
    return value.replace(/[^a-zA-Z0-9_]/g, x => {
        return `\\${x}`;
    });
 }
 exports.escape = escape;
 /***/ }),
@@ -2409,8 +2265,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
    });
 };
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.RetryHelper = void 0;
+exports.execute = exports.RetryHelper = void 0;
 exports.execute = execute;
 const core = __importStar(__nccwpck_require__(2186));
 const defaultMaxAttempts = 3;
 const defaultMinSeconds = 10;
@@ -2462,6 +2317,7 @@ function execute(action) {
        return yield retryHelper.execute(action);
    });
 }
 exports.execute = execute;
 /***/ }),
@@ -2495,11 +2351,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
    return result;
 };
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.SshKnownHostsPath = exports.SshKeyPath = exports.PostSetSafeDirectory = exports.RepositoryPath = exports.IsPost = void 0;
+exports.setSafeDirectory = exports.setSshKnownHostsPath = exports.setSshKeyPath = exports.setRepositoryPath = exports.SshKnownHostsPath = exports.SshKeyPath = exports.PostSetSafeDirectory = exports.RepositoryPath = exports.IsPost = void 0;
 exports.setRepositoryPath = setRepositoryPath;
 exports.setSshKeyPath = setSshKeyPath;
 exports.setSshKnownHostsPath = setSshKnownHostsPath;
 exports.setSafeDirectory = setSafeDirectory;
 const core = __importStar(__nccwpck_require__(2186));
 /**
 * Indicates whether the POST action is running
@@ -2527,24 +2379,28 @@ exports.SshKnownHostsPath = core.getState('sshKnownHostsPath');
 function setRepositoryPath(repositoryPath) {
    core.saveState('repositoryPath', repositoryPath);
 }
 exports.setRepositoryPath = setRepositoryPath;
 /**
 * Save the SSH key path so the POST action can retrieve the value.
 */
 function setSshKeyPath(sshKeyPath) {
    core.saveState('sshKeyPath', sshKeyPath);
 }
 exports.setSshKeyPath = setSshKeyPath;
 /**
 * Save the SSH known hosts path so the POST action can retrieve the value.
 */
 function setSshKnownHostsPath(sshKnownHostsPath) {
    core.saveState('sshKnownHostsPath', sshKnownHostsPath);
 }
 exports.setSshKnownHostsPath = setSshKnownHostsPath;
 /**
 * Save the set-safe-directory input so the POST action can retrieve the value.
 */
 function setSafeDirectory() {
    core.saveState('setSafeDirectory', 'true');
 }
 exports.setSafeDirectory = setSafeDirectory;
 // Publish a variable so that when the POST action runs, it can determine it should run the cleanup logic.
 // This is necessary since we don't have a separate entry point.
 if (!exports.IsPost) {
@@ -2583,10 +2439,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
    return result;
 };
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.getFetchUrl = getFetchUrl;
+exports.isGhes = exports.getServerApiUrl = exports.getServerUrl = exports.getFetchUrl = void 0;
 exports.getServerUrl = getServerUrl;
 exports.getServerApiUrl = getServerApiUrl;
 exports.isGhes = isGhes;
 const assert = __importStar(__nccwpck_require__(9491));
 const url_1 = __nccwpck_require__(7310);
 function getFetchUrl(settings) {
@@ -2602,52 +2455,28 @@ function getFetchUrl(settings) {
    // "origin" is SCHEME://HOSTNAME[:PORT]
    return `${serviceUrl.origin}/${encodedOwner}/${encodedName}`;
 }
 exports.getFetchUrl = getFetchUrl;
 function getServerUrl(url) {
-    let resolvedUrl = process.env['GITHUB_SERVER_URL'] || 'https://github.com';
+    let urlValue = url && url.trim().length > 0
-    if (hasContent(url, WhitespaceMode.Trim)) {
+        ? url
-        resolvedUrl = url;
+        : process.env['GITHUB_SERVER_URL'] || 'https://github.com';
-    }
+    return new url_1.URL(urlValue);
    return new url_1.URL(resolvedUrl);
 }
 exports.getServerUrl = getServerUrl;
 function getServerApiUrl(url) {
-    if (hasContent(url, WhitespaceMode.Trim)) {
+    let apiUrl = 'https://api.github.com';
        let serverUrl = getServerUrl(url);
    if (isGhes(url)) {
-            serverUrl.pathname = 'api/v3';
+        const serverUrl = getServerUrl(url);
        apiUrl = new url_1.URL(`${serverUrl.origin}/api/v3`).toString();
    }
-        else {
+    return apiUrl;
            serverUrl.hostname = 'api.' + serverUrl.hostname;
        }
        return pruneSuffix(serverUrl.toString(), '/');
    }
    return process.env['GITHUB_API_URL'] || 'https://api.github.com';
 }
 exports.getServerApiUrl = getServerApiUrl;
 function isGhes(url) {
-    const ghUrl = new url_1.URL(url || process.env['GITHUB_SERVER_URL'] || 'https://github.com');
+    const ghUrl = getServerUrl(url);
-    const hostname = ghUrl.hostname.trimEnd().toUpperCase();
+    return ghUrl.hostname.toUpperCase() !== 'GITHUB.COM';
    const isGitHubHost = hostname === 'GITHUB.COM';
    const isGitHubEnterpriseCloudHost = hostname.endsWith('.GHE.COM');
    const isLocalHost = hostname.endsWith('.LOCALHOST');
    return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost;
 }
 function pruneSuffix(text, suffix) {
    if (hasContent(suffix, WhitespaceMode.Preserve) && (text === null || text === void 0 ? void 0 : text.endsWith(suffix))) {
        return text.substring(0, text.length - suffix.length);
    }
    return text;
 }
 var WhitespaceMode;
 (function (WhitespaceMode) {
    WhitespaceMode[WhitespaceMode["Trim"] = 0] = "Trim";
    WhitespaceMode[WhitespaceMode["Preserve"] = 1] = "Preserve";
 })(WhitespaceMode || (WhitespaceMode = {}));
 function hasContent(text, whitespaceMode) {
    let refinedText = text !== null && text !== void 0 ? text : '';
    if (whitespaceMode == WhitespaceMode.Trim) {
        refinedText = refinedText.trim();
    }
    return refinedText.length > 0;
 }
 exports.isGhes = isGhes;
 /***/ }),
@@ -2690,7 +2519,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
    });
 };
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.getOrganizationId = getOrganizationId;
+exports.getOrganizationId = void 0;
 const core = __importStar(__nccwpck_require__(2186));
 const fs = __importStar(__nccwpck_require__(7147));
 /**
@@ -2719,6 +2548,7 @@ function getOrganizationId() {
        }
    });
 }
 exports.getOrganizationId = getOrganizationId;
 /***/ }),
@@ -7951,7 +7781,7 @@ module.exports = __toCommonJS(dist_src_exports);
 var import_universal_user_agent = __nccwpck_require__(5030);
 // pkg/dist-src/version.js
-var VERSION = "9.0.6";
+var VERSION = "9.0.5";
 // pkg/dist-src/defaults.js
 var userAgent = `octokit-endpoint.js/${VERSION} ${(0, import_universal_user_agent.getUserAgent)()}`;
@@ -8056,9 +7886,9 @@ function addQueryParameters(url, parameters) {
 }
 // pkg/dist-src/util/extract-url-variable-names.js
-var urlVariableRegex = /\{[^{}}]+\}/g;
+var urlVariableRegex = /\{[^}]+\}/g;
 function removeNonChars(variableName) {
-  return variableName.replace(/(?:^\W+)|(?:(?<!\W)\W+$)/g, "").split(/,/);
+  return variableName.replace(/^\W+|\W+$/g, "").split(/,/);
 }
 function extractUrlVariableNames(url) {
  const matches = url.match(urlVariableRegex);
@@ -8244,7 +8074,7 @@ function parse(options) {
    }
    if (url.endsWith("/graphql")) {
      if (options.mediaType.previews?.length) {
-        const previewsFromAcceptHeader = headers.accept.match(/(?<![\w-])[\w-]+(?=-preview)/g) || [];
+        const previewsFromAcceptHeader = headers.accept.match(/[\w-]+(?=-preview)/g) || [];
        headers.accept = previewsFromAcceptHeader.concat(options.mediaType.previews).map((preview) => {
          const format = options.mediaType.format ? `.${options.mediaType.format}` : "+json";
          return `application/vnd.github.${preview}-preview${format}`;
@@ -8493,7 +8323,7 @@ __export(dist_src_exports, {
 module.exports = __toCommonJS(dist_src_exports);
 // pkg/dist-src/version.js
-var VERSION = "9.2.2";
+var VERSION = "9.2.1";
 // pkg/dist-src/normalize-paginated-list-response.js
 function normalizePaginatedListResponse(response) {
@@ -8541,7 +8371,7 @@ function iterator(octokit, route, parameters) {
          const response = await requestMethod({ method, url, headers });
          const normalizedResponse = normalizePaginatedListResponse(response);
          url = ((normalizedResponse.headers.link || "").match(
-            /<([^<>]+)>;\s*rel="next"/
+            /<([^>]+)>;\s*rel="next"/
          ) || [])[1];
          return { value: normalizedResponse };
        } catch (error) {
@@ -11093,7 +10923,7 @@ var RequestError = class extends Error {
    if (options.request.headers.authorization) {
      requestCopy.headers = Object.assign({}, options.request.headers, {
        authorization: options.request.headers.authorization.replace(
-          /(?<! ) .*$/,
+          / .*$/,
          " [REDACTED]"
        )
      });
@@ -11161,7 +10991,7 @@ var import_endpoint = __nccwpck_require__(9440);
 var import_universal_user_agent = __nccwpck_require__(5030);
 // pkg/dist-src/version.js
-var VERSION = "8.4.1";
+var VERSION = "8.4.0";
 // pkg/dist-src/is-plain-object.js
 function isPlainObject(value) {
@@ -11220,7 +11050,7 @@ function fetchWrapper(requestOptions) {
      headers[keyAndValue[0]] = keyAndValue[1];
    }
    if ("deprecation" in headers) {
-      const matches = headers.link && headers.link.match(/<([^<>]+)>; rel="deprecation"/);
+      const matches = headers.link && headers.link.match(/<([^>]+)>; rel="deprecation"/);
      const deprecationLink = matches && matches.pop();
      log.warn(
        `[@octokit/request] "${requestOptions.method} ${requestOptions.url}" is deprecated. It is scheduled to be removed on ${headers.sunset}${deprecationLink ? `. See ${deprecationLink}` : ""}`
@@ -18874,7 +18704,7 @@ module.exports = {
 const { parseSetCookie } = __nccwpck_require__(4408)
-const { stringify } = __nccwpck_require__(3121)
+const { stringify, getHeadersList } = __nccwpck_require__(3121)
 const { webidl } = __nccwpck_require__(1744)
 const { Headers } = __nccwpck_require__(554)
@@ -18950,13 +18780,14 @@ function getSetCookies (headers) {
  webidl.brandCheck(headers, Headers, { strict: false })
-  const cookies = headers.getSetCookie()
+  const cookies = getHeadersList(headers).cookies
  if (!cookies) {
    return []
  }
-  return cookies.map((pair) => parseSetCookie(pair))
+  // In older versions of undici, cookies is a list of name:value.
  return cookies.map((pair) => parseSetCookie(Array.isArray(pair) ? pair[1] : pair))
 }
 /**
@@ -19384,15 +19215,14 @@ module.exports = {
 /***/ }),
 /***/ 3121:
-/***/ ((module) => {
+/***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 "use strict";
-/**
+const assert = __nccwpck_require__(9491)
- * @param {string} value
+const { kHeadersList } = __nccwpck_require__(2785)
- * @returns {boolean}
+
 */
 function isCTLExcludingHtab (value) {
  if (value.length === 0) {
    return false
@@ -19653,13 +19483,31 @@ function stringify (cookie) {
  return out.join('; ')
 }
 let kHeadersListNode
 function getHeadersList (headers) {
  if (headers[kHeadersList]) {
    return headers[kHeadersList]
  }
  if (!kHeadersListNode) {
    kHeadersListNode = Object.getOwnPropertySymbols(headers).find(
      (symbol) => symbol.description === 'headers list'
    )
    assert(kHeadersListNode, 'Headers cannot be parsed')
  }
  const headersList = headers[kHeadersListNode]
  assert(headersList)
  return headersList
 }
 module.exports = {
  isCTLExcludingHtab,
-  validateCookieName,
+  stringify,
-  validateCookiePath,
+  getHeadersList
  validateCookieValue,
  toIMFDate,
  stringify
 }
@@ -21588,14 +21436,6 @@ const { isUint8Array, isArrayBuffer } = __nccwpck_require__(9830)
 const { File: UndiciFile } = __nccwpck_require__(8511)
 const { parseMIMEType, serializeAMimeType } = __nccwpck_require__(685)
 let random
 try {
  const crypto = __nccwpck_require__(6005)
  random = (max) => crypto.randomInt(0, max)
 } catch {
  random = (max) => Math.floor(Math.random(max))
 }
 let ReadableStream = globalThis.ReadableStream
 /** @type {globalThis['File']} */
@@ -21681,7 +21521,7 @@ function extractBody (object, keepalive = false) {
    // Set source to a copy of the bytes held by object.
    source = new Uint8Array(object.buffer.slice(object.byteOffset, object.byteOffset + object.byteLength))
  } else if (util.isFormDataLike(object)) {
-    const boundary = `----formdata-undici-0${`${random(1e11)}`.padStart(11, '0')}`
+    const boundary = `----formdata-undici-0${`${Math.floor(Math.random() * 1e11)}`.padStart(11, '0')}`
    const prefix = `--${boundary}\r\nContent-Disposition: form-data`
    /*! formdata-polyfill. MIT License. Jimmy Wärting <https://jimmy.warting.se/opensource> */
@@ -23663,7 +23503,6 @@ const {
  isValidHeaderName,
  isValidHeaderValue
 } = __nccwpck_require__(2538)
 const util = __nccwpck_require__(3837)
 const { webidl } = __nccwpck_require__(1744)
 const assert = __nccwpck_require__(9491)
@@ -24217,9 +24056,6 @@ Object.defineProperties(Headers.prototype, {
  [Symbol.toStringTag]: {
    value: 'Headers',
    configurable: true
  },
  [util.inspect.custom]: {
    enumerable: false
  }
 })
@@ -33396,20 +33232,6 @@ class Pool extends PoolBase {
      ? { ...options.interceptors }
      : undefined
    this[kFactory] = factory
    this.on('connectionError', (origin, targets, error) => {
      // If a connection error occurs, we remove the client from the pool,
      // and emit a connectionError event. They will not be re-used.
      // Fixes https://github.com/nodejs/undici/issues/3895
      for (const target of targets) {
        // Do not use kRemoveClient here, as it will close the client,
        // but the client cannot be closed in this state.
        const idx = this[kClients].indexOf(target)
        if (idx !== -1) {
          this[kClients].splice(idx, 1)
        }
      }
    })
  }
  [kGetDispatcher] () {
@@ -36565,14 +36387,6 @@ module.exports = require("net");
 /***/ }),
 /***/ 6005:
 /***/ ((module) => {
 "use strict";
 module.exports = require("node:crypto");
 /***/ }),
 /***/ 5673:
 /***/ ((module) => {
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
  "name": "checkout",
-  "version": "5.0.0",
+  "version": "4.1.7",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "checkout",
-      "version": "5.0.0",
+      "version": "4.1.7",
      "license": "MIT",
      "dependencies": {
        "@actions/core": "^1.10.1",
@@ -18,20 +18,20 @@
      },
      "devDependencies": {
        "@types/jest": "^29.5.12",
-        "@types/node": "^24.1.0",
+        "@types/node": "^20.12.12",
        "@types/uuid": "^9.0.8",
        "@typescript-eslint/eslint-plugin": "^7.9.0",
        "@typescript-eslint/parser": "^7.9.0",
        "@vercel/ncc": "^0.38.1",
        "eslint": "^8.57.0",
        "eslint-plugin-github": "^4.10.2",
-        "eslint-plugin-jest": "^28.8.2",
+        "eslint-plugin-jest": "^28.5.0",
        "jest": "^29.7.0",
        "jest-circus": "^29.7.0",
        "js-yaml": "^4.1.0",
-        "prettier": "^3.3.3",
+        "prettier": "^3.2.5",
-        "ts-jest": "^29.2.5",
+        "ts-jest": "^29.1.2",
-        "typescript": "^5.5.4"
+        "typescript": "^5.4.5"
      }
    },
    "node_modules/@aashutoshrathi/word-wrap": {
@@ -129,15 +129,13 @@
      }
    },
    "node_modules/@babel/code-frame": {
-      "version": "7.27.1",
+      "version": "7.24.2",
-      "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz",
+      "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz",
-      "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==",
+      "integrity": "sha512-y5+tLQyV8pg3fsiln67BVLD1P13Eg4lh5RW9mF0zUuvLrv9uIQ4MCL+CRT+FTsBlBjcIan6PGsLcBN0m3ClUyQ==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "@babel/helper-validator-identifier": "^7.27.1",
+        "@babel/highlight": "^7.24.2",
-        "js-tokens": "^4.0.0",
+        "picocolors": "^1.0.0"
        "picocolors": "^1.1.1"
      },
      "engines": {
        "node": ">=6.9.0"
@@ -312,21 +310,19 @@
      }
    },
    "node_modules/@babel/helper-string-parser": {
-      "version": "7.27.1",
+      "version": "7.24.1",
-      "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.27.1.tgz",
+      "resolved": "https://registry.npmjs.org/@babel/helper-string-parser/-/helper-string-parser-7.24.1.tgz",
-      "integrity": "sha512-qMlSxKbpRlAridDExk92nSobyDdpPijUq2DW6oDnUqd0iOGxmQjyqhMIihI9+zv4LPyZdRje2cavWPbCbWm3eA==",
+      "integrity": "sha512-2ofRCjnnA9y+wk8b9IAREroeUP02KHp431N2mhKniy2yKIDKpbrHv9eXwm8cBeWQYcJmzv5qKCu65P47eCF7CQ==",
      "dev": true,
      "license": "MIT",
      "engines": {
        "node": ">=6.9.0"
      }
    },
    "node_modules/@babel/helper-validator-identifier": {
-      "version": "7.27.1",
+      "version": "7.22.20",
-      "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz",
+      "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.22.20.tgz",
-      "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==",
+      "integrity": "sha512-Y4OZ+ytlatR8AI+8KZfKuL5urKp7qey08ha31L8b3BwewJAoJamTzyvxPR/5D+KkdJCGPq/+8TukHBlY10FX9A==",
      "dev": true,
      "license": "MIT",
      "engines": {
        "node": ">=6.9.0"
      }
@@ -341,28 +337,110 @@
      }
    },
    "node_modules/@babel/helpers": {
-      "version": "7.28.2",
+      "version": "7.24.4",
-      "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.28.2.tgz",
+      "resolved": "https://registry.npmjs.org/@babel/helpers/-/helpers-7.24.4.tgz",
-      "integrity": "sha512-/V9771t+EgXz62aCcyofnQhGM8DQACbRhvzKFsXKC9QM+5MadF8ZmIm0crDMaz3+o0h0zXfJnd4EhbYbxsrcFw==",
+      "integrity": "sha512-FewdlZbSiwaVGlgT1DPANDuCHaDMiOo+D/IDYRFYjHOuv66xMSJ7fQwwODwRNAPkADIO/z1EoF/l2BCWlWABDw==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "@babel/template": "^7.27.2",
+        "@babel/template": "^7.24.0",
-        "@babel/types": "^7.28.2"
+        "@babel/traverse": "^7.24.1",
        "@babel/types": "^7.24.0"
      },
      "engines": {
        "node": ">=6.9.0"
      }
    },
-    "node_modules/@babel/parser": {
+    "node_modules/@babel/highlight": {
-      "version": "7.28.0",
+      "version": "7.24.2",
-      "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.28.0.tgz",
+      "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.24.2.tgz",
-      "integrity": "sha512-jVZGvOxOuNSsuQuLRTh13nU0AogFlw32w/MT+LV6D3sP5WdbW61E77RnkbaO2dUvmPAYrBDJXGn5gGS6tH4j8g==",
+      "integrity": "sha512-Yac1ao4flkTxTteCDZLEvdxg2fZfz1v8M4QpaGypq/WPDqg3ijHYbDfs+LG5hvzSoqaSZ9/Z9lKSP3CjZjv+pA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "@babel/types": "^7.28.0"
+        "@babel/helper-validator-identifier": "^7.22.20",
        "chalk": "^2.4.2",
        "js-tokens": "^4.0.0",
        "picocolors": "^1.0.0"
      },
      "engines": {
        "node": ">=6.9.0"
      }
    },
    "node_modules/@babel/highlight/node_modules/ansi-styles": {
      "version": "3.2.1",
      "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
      "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==",
      "dev": true,
      "dependencies": {
        "color-convert": "^1.9.0"
      },
      "engines": {
        "node": ">=4"
      }
    },
    "node_modules/@babel/highlight/node_modules/chalk": {
      "version": "2.4.2",
      "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz",
      "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==",
      "dev": true,
      "dependencies": {
        "ansi-styles": "^3.2.1",
        "escape-string-regexp": "^1.0.5",
        "supports-color": "^5.3.0"
      },
      "engines": {
        "node": ">=4"
      }
    },
    "node_modules/@babel/highlight/node_modules/color-convert": {
      "version": "1.9.3",
      "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz",
      "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==",
      "dev": true,
      "dependencies": {
        "color-name": "1.1.3"
      }
    },
    "node_modules/@babel/highlight/node_modules/color-name": {
      "version": "1.1.3",
      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
      "integrity": "sha512-72fSenhMw2HZMTVHeCA9KCmpEIbzWiQsjN+BHcBbS9vr1mtt+vJjPdksIBNUmKAW8TFUDPJK5SUU3QhE9NEXDw==",
      "dev": true
    },
    "node_modules/@babel/highlight/node_modules/escape-string-regexp": {
      "version": "1.0.5",
      "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz",
      "integrity": "sha512-vbRorB5FUQWvla16U8R/qgaFIya2qGzwDrNmCZuYKrbdSUMG6I1ZCGQRefkRVhuOkIGVne7BQ35DSfo1qvJqFg==",
      "dev": true,
      "engines": {
        "node": ">=0.8.0"
      }
    },
    "node_modules/@babel/highlight/node_modules/has-flag": {
      "version": "3.0.0",
      "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz",
      "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==",
      "dev": true,
      "engines": {
        "node": ">=4"
      }
    },
    "node_modules/@babel/highlight/node_modules/supports-color": {
      "version": "5.5.0",
      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz",
      "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==",
      "dev": true,
      "dependencies": {
        "has-flag": "^3.0.0"
      },
      "engines": {
        "node": ">=4"
      }
    },
    "node_modules/@babel/parser": {
      "version": "7.24.4",
      "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.24.4.tgz",
      "integrity": "sha512-zTvEBcghmeBma9QIGunWevvBAp4/Qu9Bdq+2k0Ot4fVMD6v3dsC9WOcRSKk7tRRyBM/53yKMJko9xOatGQAwSg==",
      "dev": true,
      "bin": {
        "parser": "bin/babel-parser.js"
      },
@@ -548,25 +626,26 @@
      }
    },
    "node_modules/@babel/runtime": {
-      "version": "7.28.2",
+      "version": "7.24.4",
-      "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.28.2.tgz",
+      "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.24.4.tgz",
-      "integrity": "sha512-KHp2IflsnGywDjBWDkR9iEqiWSpc8GIi0lgTT3mOElT0PP1tG26P4tmFI2YvAdzgq9RGyoHZQEIEdZy6Ec5xCA==",
+      "integrity": "sha512-dkxf7+hn8mFBwKjs9bvBlArzLVxVbS8usaPUDd5p2a9JCL9tB8OaOVN1isD4+Xyk4ns89/xeOmbQvgdK7IIVdA==",
      "dev": true,
-      "license": "MIT",
+      "dependencies": {
        "regenerator-runtime": "^0.14.0"
      },
      "engines": {
        "node": ">=6.9.0"
      }
    },
    "node_modules/@babel/template": {
-      "version": "7.27.2",
+      "version": "7.24.0",
-      "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.27.2.tgz",
+      "resolved": "https://registry.npmjs.org/@babel/template/-/template-7.24.0.tgz",
-      "integrity": "sha512-LPDZ85aEJyYSd18/DkjNh4/y1ntkE5KwUHWTiqgRxruuZL2F1yuHligVHLvcHY2vMHXttKFpJn6LwfI7cw7ODw==",
+      "integrity": "sha512-Bkf2q8lMB0AFpX0NFEqSbx1OkTHf0f+0j82mkw+ZpzBnkk7e9Ql0891vlfgi+kHwOk8tQjiQHpqh4LaSa0fKEA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "@babel/code-frame": "^7.27.1",
+        "@babel/code-frame": "^7.23.5",
-        "@babel/parser": "^7.27.2",
+        "@babel/parser": "^7.24.0",
-        "@babel/types": "^7.27.1"
+        "@babel/types": "^7.24.0"
      },
      "engines": {
        "node": ">=6.9.0"
@@ -603,14 +682,14 @@
      }
    },
    "node_modules/@babel/types": {
-      "version": "7.28.2",
+      "version": "7.24.0",
-      "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.28.2.tgz",
+      "resolved": "https://registry.npmjs.org/@babel/types/-/types-7.24.0.tgz",
-      "integrity": "sha512-ruv7Ae4J5dUYULmeXw1gmb7rYRz57OWCPM57pHojnLq/3Z1CK2lNSLTCVjxVk1F/TZHwOZZrOWi0ur95BbLxNQ==",
+      "integrity": "sha512-+j7a5c253RfKh8iABBhywc8NSfP5LURe7Uh4qpsh6jc+aLJguvmIUBdjSdEMQv2bENrCR5MfRdjGo7vzS/ob7w==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "@babel/helper-string-parser": "^7.27.1",
+        "@babel/helper-string-parser": "^7.23.4",
-        "@babel/helper-validator-identifier": "^7.27.1"
+        "@babel/helper-validator-identifier": "^7.22.20",
        "to-fast-properties": "^2.0.0"
      },
      "engines": {
        "node": ">=6.9.0"
@@ -670,11 +749,10 @@
      }
    },
    "node_modules/@eslint/eslintrc/node_modules/brace-expansion": {
-      "version": "1.1.12",
+      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
+      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "balanced-match": "^1.0.0",
        "concat-map": "0.0.1"
@@ -730,11 +808,10 @@
      }
    },
    "node_modules/@humanwhocodes/config-array/node_modules/brace-expansion": {
-      "version": "1.1.12",
+      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
+      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "balanced-match": "^1.0.0",
        "concat-map": "0.0.1"
@@ -1266,10 +1343,9 @@
      }
    },
    "node_modules/@octokit/endpoint": {
-      "version": "9.0.6",
+      "version": "9.0.5",
-      "resolved": "https://registry.npmjs.org/@octokit/endpoint/-/endpoint-9.0.6.tgz",
+      "resolved": "https://registry.npmjs.org/@octokit/endpoint/-/endpoint-9.0.5.tgz",
-      "integrity": "sha512-H1fNTMA57HbkFESSt3Y9+FBICv+0jFceJFPWDePYlR/iMGrwM5ph+Dd4XRQs+8X+PUFURLQgX9ChPfhJ/1uNQw==",
+      "integrity": "sha512-ekqR4/+PCLkEBF6qgj8WqJfvDq65RH85OAgrtnVp1mSxaXF03u2xW/hUdweGS5654IlC0wkNYC18Z50tSYTAFw==",
      "license": "MIT",
      "dependencies": {
        "@octokit/types": "^13.1.0",
        "universal-user-agent": "^6.0.0"
@@ -1297,10 +1373,9 @@
      "integrity": "sha512-pGUdSP+eEPfZiQHNkZI0U01HLipxncisdJQB4G//OAmfeO8sqTQ9KRa0KF03TUPCziNsoXUrTg4B2Q1EX++T0Q=="
    },
    "node_modules/@octokit/plugin-paginate-rest": {
-      "version": "9.2.2",
+      "version": "9.2.1",
-      "resolved": "https://registry.npmjs.org/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-9.2.2.tgz",
+      "resolved": "https://registry.npmjs.org/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-9.2.1.tgz",
-      "integrity": "sha512-u3KYkGF7GcZnSD/3UP0S7K5XUFT2FkOQdcfXZGZQPGv3lm4F2Xbf71lvjldr8c1H3nNbF+33cLEkWYbokGWqiQ==",
+      "integrity": "sha512-wfGhE/TAkXZRLjksFXuDZdmGnJQHvtU/joFQdweXUgzo1XwvBCD4o4+75NtFfjfLK5IwLf9vHTfSiU3sLRYpRw==",
      "license": "MIT",
      "dependencies": {
        "@octokit/types": "^12.6.0"
      },
@@ -1352,13 +1427,12 @@
      }
    },
    "node_modules/@octokit/request": {
-      "version": "8.4.1",
+      "version": "8.4.0",
-      "resolved": "https://registry.npmjs.org/@octokit/request/-/request-8.4.1.tgz",
+      "resolved": "https://registry.npmjs.org/@octokit/request/-/request-8.4.0.tgz",
-      "integrity": "sha512-qnB2+SY3hkCmBxZsR/MPCybNmbJe4KAlfWErXq+rBKkQJlbjdJeS85VI9r8UqeLYLvnAenU8Q1okM/0MBsAGXw==",
+      "integrity": "sha512-9Bb014e+m2TgBeEJGEbdplMVWwPmL1FPtggHQRkV+WVsMggPtEkLKPlcVYm/o8xKLkpJ7B+6N8WfQMtDLX2Dpw==",
      "license": "MIT",
      "dependencies": {
-        "@octokit/endpoint": "^9.0.6",
+        "@octokit/endpoint": "^9.0.1",
-        "@octokit/request-error": "^5.1.1",
+        "@octokit/request-error": "^5.1.0",
        "@octokit/types": "^13.1.0",
        "universal-user-agent": "^6.0.0"
      },
@@ -1367,10 +1441,9 @@
      }
    },
    "node_modules/@octokit/request-error": {
-      "version": "5.1.1",
+      "version": "5.1.0",
-      "resolved": "https://registry.npmjs.org/@octokit/request-error/-/request-error-5.1.1.tgz",
+      "resolved": "https://registry.npmjs.org/@octokit/request-error/-/request-error-5.1.0.tgz",
-      "integrity": "sha512-v9iyEQJH6ZntoENr9/yXxjuezh4My67CBSu9r6Ve/05Iu5gNgnisNWOsoJHTP6k0Rr0+HQIpnH+kyammu90q/g==",
+      "integrity": "sha512-GETXfE05J0+7H2STzekpKObFe765O5dlAKUTLNGeH+x47z7JjXHfsHKo5z21D/o/IOZTUEI6nyWyR+bZVP/n5Q==",
      "license": "MIT",
      "dependencies": {
        "@octokit/types": "^13.1.0",
        "deprecation": "^2.0.0",
@@ -1515,12 +1588,12 @@
      "dev": true
    },
    "node_modules/@types/node": {
-      "version": "24.1.0",
+      "version": "20.12.12",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-24.1.0.tgz",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-20.12.12.tgz",
-      "integrity": "sha512-ut5FthK5moxFKH2T1CUOC6ctR67rQRvvHdFLCD2Ql6KXmMuCrjsSsRI9UsLCm9M18BMwClv4pn327UvB7eeO1w==",
+      "integrity": "sha512-eWLDGF/FOSPtAvEqeRAQ4C8LSA7M1I7i0ky1I8U7kD1J5ITyW3AsRhQrKVoWf5pFKZ2kILsEGJhsI9r93PYnOw==",
      "dev": true,
      "dependencies": {
-        "undici-types": "~7.8.0"
+        "undici-types": "~5.26.4"
      }
    },
    "node_modules/@types/stack-utils": {
@@ -2007,12 +2080,6 @@
      "integrity": "sha512-OH/2E5Fg20h2aPrbe+QL8JZQFko0YZaF+j4mnQ7BGhfavO7OpSLa8a0y9sBwomHdSbkhTS8TQNayBfnW5DwbvQ==",
      "dev": true
    },
    "node_modules/async": {
      "version": "3.2.6",
      "resolved": "https://registry.npmjs.org/async/-/async-3.2.6.tgz",
      "integrity": "sha512-htCUDlxyyCLMgaM3xXg0C0LW2xqfuQ6p05pCEIsXuyQ+a1koYKTuBMzRNwmybfLgvJDMd0r1LTn4+E0Ti6C2AA==",
      "dev": true
    },
    "node_modules/available-typed-arrays": {
      "version": "1.0.7",
      "resolved": "https://registry.npmjs.org/available-typed-arrays/-/available-typed-arrays-1.0.7.tgz",
@@ -2165,22 +2232,21 @@
      "integrity": "sha512-NzUnlZexiaH/46WDhANlyR2bXRopNg4F/zuSA3OpZnllCUgRaOF2znDioDWrmbNVsuZk6l9pMquQB38cfBZwkQ=="
    },
    "node_modules/brace-expansion": {
-      "version": "2.0.2",
+      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz",
-      "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
+      "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "balanced-match": "^1.0.0"
      }
    },
    "node_modules/braces": {
-      "version": "3.0.3",
+      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz",
+      "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz",
-      "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==",
+      "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==",
      "dev": true,
      "dependencies": {
-        "fill-range": "^7.1.1"
+        "fill-range": "^7.0.1"
      },
      "engines": {
        "node": ">=8"
@@ -2430,11 +2496,10 @@
      }
    },
    "node_modules/cross-spawn": {
-      "version": "7.0.6",
+      "version": "7.0.3",
-      "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz",
+      "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz",
-      "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==",
+      "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "path-key": "^3.1.0",
        "shebang-command": "^2.0.0",
@@ -2637,21 +2702,6 @@
        "node": ">=6.0.0"
      }
    },
    "node_modules/ejs": {
      "version": "3.1.10",
      "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.10.tgz",
      "integrity": "sha512-UeJmFfOrAQS8OJWPZ4qtgHyWExa088/MtK5UEyoJGFH67cDEXkZSviOiKRCZ4Xij0zxI3JECgYs3oKx+AizQBA==",
      "dev": true,
      "dependencies": {
        "jake": "^10.8.5"
      },
      "bin": {
        "ejs": "bin/cli.js"
      },
      "engines": {
        "node": ">=0.10.0"
      }
    },
    "node_modules/electron-to-chromium": {
      "version": "1.4.747",
      "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.747.tgz",
@@ -3104,11 +3154,10 @@
      }
    },
    "node_modules/eslint-plugin-import/node_modules/brace-expansion": {
-      "version": "1.1.12",
+      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
+      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "balanced-match": "^1.0.0",
        "concat-map": "0.0.1"
@@ -3148,18 +3197,18 @@
      }
    },
    "node_modules/eslint-plugin-jest": {
-      "version": "28.8.2",
+      "version": "28.5.0",
-      "resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-28.8.2.tgz",
+      "resolved": "https://registry.npmjs.org/eslint-plugin-jest/-/eslint-plugin-jest-28.5.0.tgz",
-      "integrity": "sha512-mC3OyklHmS5i7wYU1rGId9EnxRI8TVlnFG56AE+8U9iRy6zwaNygZR+DsdZuCL0gRG0wVeyzq+uWcPt6yJrrMA==",
+      "integrity": "sha512-6np6DGdmNq/eBbA7HOUNV8fkfL86PYwBfwyb8n23FXgJNTR8+ot3smRHjza9LGsBBZRypK3qyF79vMjohIL8eQ==",
      "dev": true,
      "dependencies": {
-        "@typescript-eslint/utils": "^6.0.0 || ^7.0.0 || ^8.0.0"
+        "@typescript-eslint/utils": "^6.0.0 || ^7.0.0"
      },
      "engines": {
        "node": "^16.10.0 || ^18.12.0 || >=20.0.0"
      },
      "peerDependencies": {
-        "@typescript-eslint/eslint-plugin": "^6.0.0 || ^7.0.0 || ^8.0.0",
+        "@typescript-eslint/eslint-plugin": "^6.0.0 || ^7.0.0",
        "eslint": "^7.0.0 || ^8.0.0 || ^9.0.0",
        "jest": "*"
      },
@@ -3203,11 +3252,10 @@
      }
    },
    "node_modules/eslint-plugin-jsx-a11y/node_modules/brace-expansion": {
-      "version": "1.1.12",
+      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
+      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "balanced-match": "^1.0.0",
        "concat-map": "0.0.1"
@@ -3302,11 +3350,10 @@
      }
    },
    "node_modules/eslint/node_modules/brace-expansion": {
-      "version": "1.1.12",
+      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
+      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "balanced-match": "^1.0.0",
        "concat-map": "0.0.1"
@@ -3526,31 +3573,10 @@
        "node": "^10.12.0 || >=12.0.0"
      }
    },
    "node_modules/filelist": {
      "version": "1.0.4",
      "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz",
      "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==",
      "dev": true,
      "dependencies": {
        "minimatch": "^5.0.1"
      }
    },
    "node_modules/filelist/node_modules/minimatch": {
      "version": "5.1.6",
      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
      "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
      "dev": true,
      "dependencies": {
        "brace-expansion": "^2.0.1"
      },
      "engines": {
        "node": ">=10"
      }
    },
    "node_modules/fill-range": {
-      "version": "7.1.1",
+      "version": "7.0.1",
-      "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz",
+      "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz",
-      "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==",
+      "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==",
      "dev": true,
      "dependencies": {
        "to-regex-range": "^5.0.1"
@@ -3768,11 +3794,10 @@
      }
    },
    "node_modules/glob/node_modules/brace-expansion": {
-      "version": "1.1.12",
+      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
+      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "balanced-match": "^1.0.0",
        "concat-map": "0.0.1"
@@ -4549,47 +4574,6 @@
        "set-function-name": "^2.0.1"
      }
    },
    "node_modules/jake": {
      "version": "10.9.2",
      "resolved": "https://registry.npmjs.org/jake/-/jake-10.9.2.tgz",
      "integrity": "sha512-2P4SQ0HrLQ+fw6llpLnOaGAvN2Zu6778SJMrCUwns4fOoG9ayrTiZk3VV8sCPkVZF8ab0zksVpS8FDY5pRCNBA==",
      "dev": true,
      "dependencies": {
        "async": "^3.2.3",
        "chalk": "^4.0.2",
        "filelist": "^1.0.4",
        "minimatch": "^3.1.2"
      },
      "bin": {
        "jake": "bin/cli.js"
      },
      "engines": {
        "node": ">=10"
      }
    },
    "node_modules/jake/node_modules/brace-expansion": {
      "version": "1.1.12",
      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
      "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "balanced-match": "^1.0.0",
        "concat-map": "0.0.1"
      }
    },
    "node_modules/jake/node_modules/minimatch": {
      "version": "3.1.2",
      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
      "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
      "dev": true,
      "dependencies": {
        "brace-expansion": "^1.1.7"
      },
      "engines": {
        "node": "*"
      }
    },
    "node_modules/jest": {
      "version": "29.7.0",
      "resolved": "https://registry.npmjs.org/jest/-/jest-29.7.0.tgz",
@@ -5182,8 +5166,7 @@
      "version": "4.0.0",
      "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz",
      "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==",
-      "dev": true,
+      "dev": true
      "license": "MIT"
    },
    "node_modules/js-yaml": {
      "version": "4.1.0",
@@ -5463,13 +5446,12 @@
      }
    },
    "node_modules/micromatch": {
-      "version": "4.0.8",
+      "version": "4.0.5",
-      "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz",
+      "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.5.tgz",
-      "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==",
+      "integrity": "sha512-DMy+ERcEW2q8Z2Po+WNXuw3c5YaUSFjAO5GsJqfEl7UjvtIuFKO6ZrKvcItdy98dwFI2N1tg3zNIdKaQT+aNdA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
-        "braces": "^3.0.3",
+        "braces": "^3.0.2",
        "picomatch": "^2.3.1"
      },
      "engines": {
@@ -5805,11 +5787,10 @@
      }
    },
    "node_modules/picocolors": {
-      "version": "1.1.1",
+      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz",
+      "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz",
-      "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==",
+      "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ==",
-      "dev": true,
+      "dev": true
      "license": "ISC"
    },
    "node_modules/picomatch": {
      "version": "2.3.1",
@@ -5915,9 +5896,9 @@
      }
    },
    "node_modules/prettier": {
-      "version": "3.3.3",
+      "version": "3.2.5",
-      "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.3.3.tgz",
+      "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.2.5.tgz",
-      "integrity": "sha512-i2tDNA0O5IrMO757lfrdQZCc2jPNDVntV0m/+4whiDfWaTKfMNgR7Qz0NAeGz/nRqF4m5/6CLzbP4/liHt12Ew==",
+      "integrity": "sha512-3/GWa9aOC0YeD7LUfvOG2NiDyhOWRvt1k+rcKhOuYnMY24iiCphgneUfJDyFXd6rZCAnuLBv6UeAULtrhT/F4A==",
      "dev": true,
      "bin": {
        "prettier": "bin/prettier.cjs"
@@ -6052,6 +6033,12 @@
        "url": "https://github.com/sponsors/ljharb"
      }
    },
    "node_modules/regenerator-runtime": {
      "version": "0.14.1",
      "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.14.1.tgz",
      "integrity": "sha512-dYnhHh0nJoMfnkZs6GmmhFknAGRrLznOu5nc9ML+EJxGvrx6H7teuevqVqCuPcPK//3eDrrjQhehXVx9cnkGdw==",
      "dev": true
    },
    "node_modules/regexp.prototype.flags": {
      "version": "1.5.2",
      "resolved": "https://registry.npmjs.org/regexp.prototype.flags/-/regexp.prototype.flags-1.5.2.tgz",
@@ -6553,11 +6540,10 @@
      }
    },
    "node_modules/test-exclude/node_modules/brace-expansion": {
-      "version": "1.1.12",
+      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
+      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
      "dev": true,
      "license": "MIT",
      "dependencies": {
        "balanced-match": "^1.0.0",
        "concat-map": "0.0.1"
@@ -6587,6 +6573,15 @@
      "integrity": "sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==",
      "dev": true
    },
    "node_modules/to-fast-properties": {
      "version": "2.0.0",
      "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-2.0.0.tgz",
      "integrity": "sha512-/OaKK0xYrs3DmxRYqL/yDc+FxFUVYhDlXMhRmv3z915w2HF1tnN1omB354j8VUGO/hbRzyD6Y3sA7v7GS/ceog==",
      "dev": true,
      "engines": {
        "node": ">=4"
      }
    },
    "node_modules/to-regex-range": {
      "version": "5.0.1",
      "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz",
@@ -6612,30 +6607,28 @@
      }
    },
    "node_modules/ts-jest": {
-      "version": "29.2.5",
+      "version": "29.1.2",
-      "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.2.5.tgz",
+      "resolved": "https://registry.npmjs.org/ts-jest/-/ts-jest-29.1.2.tgz",
-      "integrity": "sha512-KD8zB2aAZrcKIdGk4OwpJggeLcH1FgrICqDSROWqlnJXGCXK4Mn6FcdK2B6670Xr73lHMG1kHw8R87A0ecZ+vA==",
+      "integrity": "sha512-br6GJoH/WUX4pu7FbZXuWGKGNDuU7b8Uj77g/Sp7puZV6EXzuByl6JrECvm0MzVzSTkSHWTihsXt+5XYER5b+g==",
      "dev": true,
      "dependencies": {
-        "bs-logger": "^0.2.6",
+        "bs-logger": "0.x",
-        "ejs": "^3.1.10",
+        "fast-json-stable-stringify": "2.x",
        "fast-json-stable-stringify": "^2.1.0",
        "jest-util": "^29.0.0",
        "json5": "^2.2.3",
-        "lodash.memoize": "^4.1.2",
+        "lodash.memoize": "4.x",
-        "make-error": "^1.3.6",
+        "make-error": "1.x",
-        "semver": "^7.6.3",
+        "semver": "^7.5.3",
-        "yargs-parser": "^21.1.1"
+        "yargs-parser": "^21.0.1"
      },
      "bin": {
        "ts-jest": "cli.js"
      },
      "engines": {
-        "node": "^14.15.0 || ^16.10.0 || ^18.0.0 || >=20.0.0"
+        "node": "^16.10.0 || ^18.0.0 || >=20.0.0"
      },
      "peerDependencies": {
        "@babel/core": ">=7.0.0-beta.0 <8",
        "@jest/transform": "^29.0.0",
        "@jest/types": "^29.0.0",
        "babel-jest": "^29.0.0",
        "jest": "^29.0.0",
@@ -6645,9 +6638,6 @@
        "@babel/core": {
          "optional": true
        },
        "@jest/transform": {
          "optional": true
        },
        "@jest/types": {
          "optional": true
        },
@@ -6659,11 +6649,26 @@
        }
      }
    },
-    "node_modules/ts-jest/node_modules/semver": {
+    "node_modules/ts-jest/node_modules/lru-cache": {
-      "version": "7.6.3",
+      "version": "6.0.0",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz",
+      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz",
-      "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==",
+      "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==",
      "dev": true,
      "dependencies": {
        "yallist": "^4.0.0"
      },
      "engines": {
        "node": ">=10"
      }
    },
    "node_modules/ts-jest/node_modules/semver": {
      "version": "7.6.0",
      "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.0.tgz",
      "integrity": "sha512-EnwXhrlwXMk9gKu5/flx5sv/an57AkRplG3hTK68W7FRDN+k+OWBj65M7719OkA82XLBxrcX0KSHj+X5COhOVg==",
      "dev": true,
      "dependencies": {
        "lru-cache": "^6.0.0"
      },
      "bin": {
        "semver": "bin/semver.js"
      },
@@ -6671,6 +6676,12 @@
        "node": ">=10"
      }
    },
    "node_modules/ts-jest/node_modules/yallist": {
      "version": "4.0.0",
      "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz",
      "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==",
      "dev": true
    },
    "node_modules/tsconfig-paths": {
      "version": "3.15.0",
      "resolved": "https://registry.npmjs.org/tsconfig-paths/-/tsconfig-paths-3.15.0.tgz",
@@ -6825,9 +6836,9 @@
      }
    },
    "node_modules/typescript": {
-      "version": "5.5.4",
+      "version": "5.4.5",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.5.4.tgz",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.4.5.tgz",
-      "integrity": "sha512-Mtq29sKDAEYP7aljRgtPOpTvOfbwRWlS6dPRzwjdE+C0R4brX/GUyhHSecbHMFLNBLcJIPt9nl9yG5TZ1weH+Q==",
+      "integrity": "sha512-vcI4UpRgg81oIRUFwR0WSIHKt11nJ7SAVlYNIu+QpqeyXP+gpQJy/Z4+F0aGxSE4MqwjyXvW/TzgkLAx2AGHwQ==",
      "dev": true,
      "bin": {
        "tsc": "bin/tsc",
@@ -6853,10 +6864,9 @@
      }
    },
    "node_modules/undici": {
-      "version": "5.29.0",
+      "version": "5.28.4",
-      "resolved": "https://registry.npmjs.org/undici/-/undici-5.29.0.tgz",
+      "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.4.tgz",
-      "integrity": "sha512-raqeBD6NQK4SkWhQzeYKd1KmIG6dllBOTt55Rmkt4HtI9mwdWtJljnrXjAFUBLTSN67HWrOIZ3EPF4kjUw80Bg==",
+      "integrity": "sha512-72RFADWFqKmUb2hmmvNODKL3p9hcB6Gt2DOQMis1SEBaV6a4MH8soBvzg+95CYhCKPFedut2JY9bMfrDl9D23g==",
      "license": "MIT",
      "dependencies": {
        "@fastify/busboy": "^2.0.0"
      },
@@ -6865,9 +6875,9 @@
      }
    },
    "node_modules/undici-types": {
-      "version": "7.8.0",
+      "version": "5.26.5",
-      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.8.0.tgz",
+      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz",
-      "integrity": "sha512-9UJ2xGDvQ43tYyVMpuHlsgApydB8ZKfVYTsLDhXkFL/6gfkp+U8xTGdh8pMJv1SpZna0zxG1DwsKZsreLbXBxw==",
+      "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==",
      "dev": true
    },
    "node_modules/universal-user-agent": {
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "checkout",
-  "version": "5.0.0",
+  "version": "4.1.7",
  "description": "checkout action",
  "main": "lib/main.js",
  "scripts": {
@@ -37,19 +37,19 @@
  },
  "devDependencies": {
    "@types/jest": "^29.5.12",
-    "@types/node": "^24.1.0",
+    "@types/node": "^20.12.12",
    "@types/uuid": "^9.0.8",
    "@typescript-eslint/eslint-plugin": "^7.9.0",
    "@typescript-eslint/parser": "^7.9.0",
    "@vercel/ncc": "^0.38.1",
    "eslint": "^8.57.0",
    "eslint-plugin-github": "^4.10.2",
-    "eslint-plugin-jest": "^28.8.2",
+    "eslint-plugin-jest": "^28.5.0",
    "jest": "^29.7.0",
    "jest-circus": "^29.7.0",
    "js-yaml": "^4.1.0",
-    "prettier": "^3.3.3",
+    "prettier": "^3.2.5",
-    "ts-jest": "^29.2.5",
+    "ts-jest": "^29.1.2",
-    "typescript": "^5.5.4"
+    "typescript": "^5.4.5"
  }
 }
--- a/src/git-auth-helper.ts
+++ b/src/git-auth-helper.ts
@@ -346,58 +346,8 @@ class GitAuthHelper {
  }
  private async removeToken(): Promise<void> {
-    // Remove HTTP extra header from local git config and submodule configs
+    // HTTP extra header
    await this.removeGitConfig(this.tokenConfigKey)
    //
    // Cleanup actions/checkout@v6 style credentials
    //
    const skipV6Cleanup = process.env['ACTIONS_CHECKOUT_SKIP_V6_CLEANUP']
    if (skipV6Cleanup === '1' || skipV6Cleanup?.toLowerCase() === 'true') {
      core.debug(
        'Skipping v6 style cleanup due to ACTIONS_CHECKOUT_SKIP_V6_CLEANUP'
      )
      return
    }
    try {
      // Collect credentials config paths that need to be removed
      const credentialsPaths = new Set<string>()
      // Remove includeIf entries that point to git-credentials-*.config files
      const mainCredentialsPaths = await this.removeIncludeIfCredentials()
      mainCredentialsPaths.forEach(path => credentialsPaths.add(path))
      // Remove submodule includeIf entries that point to git-credentials-*.config files
      try {
        const submoduleConfigPaths =
          await this.git.getSubmoduleConfigPaths(true)
        for (const configPath of submoduleConfigPaths) {
          const submoduleCredentialsPaths =
            await this.removeIncludeIfCredentials(configPath)
          submoduleCredentialsPaths.forEach(path => credentialsPaths.add(path))
        }
      } catch (err) {
        core.debug(`Unable to get submodule config paths: ${err}`)
      }
      // Remove credentials config files
      for (const credentialsPath of credentialsPaths) {
        // Only remove credentials config files if they are under RUNNER_TEMP
        const runnerTemp = process.env['RUNNER_TEMP']
        if (runnerTemp && credentialsPath.startsWith(runnerTemp)) {
          try {
            await io.rmRF(credentialsPath)
          } catch (err) {
            core.debug(
              `Failed to remove credentials config '${credentialsPath}': ${err}`
            )
          }
        }
      }
    } catch (err) {
      core.debug(`Failed to cleanup v6 style credentials: ${err}`)
    }
  }
  private async removeGitConfig(
@@ -421,59 +371,4 @@ class GitAuthHelper {
      true
    )
  }
  /**
   * Removes includeIf entries that point to git-credentials-*.config files.
   * This handles cleanup of credentials configured by newer versions of the action.
   * @param configPath Optional path to a specific git config file to operate on
   * @returns Array of unique credentials config file paths that were found and removed
   */
  private async removeIncludeIfCredentials(
    configPath?: string
  ): Promise<string[]> {
    const credentialsPaths = new Set<string>()
    try {
      // Get all includeIf.gitdir keys
      const keys = await this.git.tryGetConfigKeys(
        '^includeIf\\.gitdir:',
        false, // globalConfig?
        configPath
      )
      for (const key of keys) {
        // Get all values for this key
        const values = await this.git.tryGetConfigValues(
          key,
          false, // globalConfig?
          configPath
        )
        if (values.length > 0) {
          // Remove only values that match git-credentials-<uuid>.config pattern
          for (const value of values) {
            if (this.testCredentialsConfigPath(value)) {
              credentialsPaths.add(value)
              await this.git.tryConfigUnsetValue(key, value, false, configPath)
            }
          }
        }
      }
    } catch (err) {
      // Ignore errors - this is cleanup code
      core.debug(
        `Error during includeIf cleanup${configPath ? ` for ${configPath}` : ''}: ${err}`
      )
    }
    return Array.from(credentialsPaths)
  }
  /**
   * Tests if a path matches the git-credentials-*.config pattern used by newer versions.
   * @param path The path to test
   * @returns True if the path matches the credentials config pattern
   */
  private testCredentialsConfigPath(path: string): boolean {
    return /git-credentials-[0-9a-f-]+\.config$/i.test(path)
  }
 }
--- a/src/git-command-manager.ts
+++ b/src/git-command-manager.ts
@@ -41,7 +41,6 @@ export interface IGitCommandManager {
    }
  ): Promise<void>
  getDefaultBranch(repositoryUrl: string): Promise<string>
  getSubmoduleConfigPaths(recursive: boolean): Promise<string[]>
  getWorkingDirectory(): string
  init(): Promise<void>
  isDetached(): Promise<boolean>
@@ -60,24 +59,8 @@ export interface IGitCommandManager {
  tagExists(pattern: string): Promise<boolean>
  tryClean(): Promise<boolean>
  tryConfigUnset(configKey: string, globalConfig?: boolean): Promise<boolean>
  tryConfigUnsetValue(
    configKey: string,
    configValue: string,
    globalConfig?: boolean,
    configFile?: string
  ): Promise<boolean>
  tryDisableAutomaticGarbageCollection(): Promise<boolean>
  tryGetFetchUrl(): Promise<string>
  tryGetConfigValues(
    configKey: string,
    globalConfig?: boolean,
    configFile?: string
  ): Promise<string[]>
  tryGetConfigKeys(
    pattern: string,
    globalConfig?: boolean,
    configFile?: string
  ): Promise<string[]>
  tryReset(): Promise<boolean>
  version(): Promise<GitVersion>
 }
@@ -340,21 +323,6 @@ class GitCommandManager {
    throw new Error('Unexpected output when retrieving default branch')
  }
  async getSubmoduleConfigPaths(recursive: boolean): Promise<string[]> {
    // Get submodule config file paths.
    // Use `--show-origin` to get the config file path for each submodule.
    const output = await this.submoduleForeach(
      `git config --local --show-origin --name-only --get-regexp remote.origin.url`,
      recursive
    )
    // Extract config file paths from the output (lines starting with "file:").
    const configPaths =
      output.match(/(?<=(^|\n)file:)[^\t]+(?=\tremote\.origin\.url)/g) || []
    return configPaths
  }
  getWorkingDirectory(): string {
    return this.workingDirectory
  }
@@ -487,24 +455,6 @@ class GitCommandManager {
    return output.exitCode === 0
  }
  async tryConfigUnsetValue(
    configKey: string,
    configValue: string,
    globalConfig?: boolean,
    configFile?: string
  ): Promise<boolean> {
    const args = ['config']
    if (configFile) {
      args.push('--file', configFile)
    } else {
      args.push(globalConfig ? '--global' : '--local')
    }
    args.push('--unset', configKey, configValue)
    const output = await this.execGit(args, true)
    return output.exitCode === 0
  }
  async tryDisableAutomaticGarbageCollection(): Promise<boolean> {
    const output = await this.execGit(
      ['config', '--local', 'gc.auto', '0'],
@@ -531,56 +481,6 @@ class GitCommandManager {
    return stdout
  }
  async tryGetConfigValues(
    configKey: string,
    globalConfig?: boolean,
    configFile?: string
  ): Promise<string[]> {
    const args = ['config']
    if (configFile) {
      args.push('--file', configFile)
    } else {
      args.push(globalConfig ? '--global' : '--local')
    }
    args.push('--get-all', configKey)
    const output = await this.execGit(args, true)
    if (output.exitCode !== 0) {
      return []
    }
    return output.stdout
      .trim()
      .split('\n')
      .filter(value => value.trim())
  }
  async tryGetConfigKeys(
    pattern: string,
    globalConfig?: boolean,
    configFile?: string
  ): Promise<string[]> {
    const args = ['config']
    if (configFile) {
      args.push('--file', configFile)
    } else {
      args.push(globalConfig ? '--global' : '--local')
    }
    args.push('--name-only', '--get-regexp', pattern)
    const output = await this.execGit(args, true)
    if (output.exitCode !== 0) {
      return []
    }
    return output.stdout
      .trim()
      .split('\n')
      .filter(key => key.trim())
  }
  async tryReset(): Promise<boolean> {
    const output = await this.execGit(['reset', '--hard', 'HEAD'], true)
    return output.exitCode === 0
--- a/src/git-source-provider.ts
+++ b/src/git-source-provider.ts
@@ -261,8 +261,7 @@ export async function getSource(settings: IGitSourceSettings): Promise<void> {
    const commitInfo = await git.log1()
    // Log commit sha
-    const commitSHA = await git.log1('--format=%H')
+    await git.log1("--format='%H'")
    core.setOutput('commit', commitSHA.trim())
    // Check for incorrect pull request merge commit
    await refHelper.checkCommitInfo(
--- a/src/main.ts
+++ b/src/main.ts
@@ -19,7 +19,6 @@ async function run(): Promise<void> {
      // Get sources
      await gitSourceProvider.getSource(sourceSettings)
      core.setOutput('ref', sourceSettings.ref)
    } finally {
      // Unregister problem matcher
      coreCommand.issueCommand('remove-matcher', {owner: 'checkout-git'}, '')
--- a/src/misc/generate-docs.ts
+++ b/src/misc/generate-docs.ts
@@ -120,7 +120,7 @@ function updateUsage(
 }
 updateUsage(
-  'actions/checkout@v5',
+  'actions/checkout@v4',
  path.join(__dirname, '..', '..', 'action.yml'),
  path.join(__dirname, '..', '..', 'README.md')
 )
--- a/src/ref-helper.ts
+++ b/src/ref-helper.ts
@@ -46,8 +46,8 @@ export async function getCheckoutInfo(
    result.ref = ref
  }
  // refs/
-  else if (upperRef.startsWith('REFS/')) {
+  else if (upperRef.startsWith('REFS/') && commit) {
-    result.ref = commit ? commit : ref
+    result.ref = commit
  }
  // Unqualified ref, check for a matching branch or tag
  else {
--- a/src/url-helper.ts
+++ b/src/url-helper.ts
@@ -21,61 +21,26 @@ export function getFetchUrl(settings: IGitSourceSettings): string {
 }
 export function getServerUrl(url?: string): URL {
-  let resolvedUrl = process.env['GITHUB_SERVER_URL'] || 'https://github.com'
+  let urlValue =
-  if (hasContent(url, WhitespaceMode.Trim)) {
+    url && url.trim().length > 0
-    resolvedUrl = url!
+      ? url
-  }
+      : process.env['GITHUB_SERVER_URL'] || 'https://github.com'
-
+  return new URL(urlValue)
  return new URL(resolvedUrl)
 }
 export function getServerApiUrl(url?: string): string {
-  if (hasContent(url, WhitespaceMode.Trim)) {
+  let apiUrl = 'https://api.github.com'
-    let serverUrl = getServerUrl(url)
+
  if (isGhes(url)) {
-      serverUrl.pathname = 'api/v3'
+    const serverUrl = getServerUrl(url)
-    } else {
+    apiUrl = new URL(`${serverUrl.origin}/api/v3`).toString()
      serverUrl.hostname = 'api.' + serverUrl.hostname
  }
-    return pruneSuffix(serverUrl.toString(), '/')
+  return apiUrl
  }
  return process.env['GITHUB_API_URL'] || 'https://api.github.com'
 }
 export function isGhes(url?: string): boolean {
-  const ghUrl = new URL(
+  const ghUrl = getServerUrl(url)
    url || process.env['GITHUB_SERVER_URL'] || 'https://github.com'
  )
-  const hostname = ghUrl.hostname.trimEnd().toUpperCase()
+  return ghUrl.hostname.toUpperCase() !== 'GITHUB.COM'
  const isGitHubHost = hostname === 'GITHUB.COM'
  const isGitHubEnterpriseCloudHost = hostname.endsWith('.GHE.COM')
  const isLocalHost = hostname.endsWith('.LOCALHOST')
  return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost
 }
 function pruneSuffix(text: string, suffix: string) {
  if (hasContent(suffix, WhitespaceMode.Preserve) && text?.endsWith(suffix)) {
    return text.substring(0, text.length - suffix.length)
  }
  return text
 }
 enum WhitespaceMode {
  Trim,
  Preserve
 }
 function hasContent(
  text: string | undefined,
  whitespaceMode: WhitespaceMode
 ): boolean {
  let refinedText = text ?? ''
  if (whitespaceMode == WhitespaceMode.Trim) {
    refinedText = refinedText.trim()
  }
  return refinedText.length > 0
 }
`@@ -1 +1 @@`
	`* @actions/actions-runtime`	`* @actions/actions-launch`