Clarify v6 README (#2328 )

Add worktree support for persist-credentials includeIf (#2327 )
Update all references from v5 and v4 to v6 (#2314 )
2025-12-10 13:47:25 +00:00 · 2025-12-01 20:08:49 -06:00 · 2025-12-01 19:53:23 -06:00 · 2025-11-23 19:32:55 -06:00 · 2025-11-20 10:20:04 -06:00 · 2025-11-03 13:40:10 -06:00
17 changed files with 505 additions and 148 deletions
--- a/.github/workflows/check-dist.yml
+++ b/.github/workflows/check-dist.yml
@@ -22,7 +22,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4.1.6
+      - uses: actions/checkout@v6
      - name: Set Node.js 24.x
        uses: actions/setup-node@v4
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -39,7 +39,7 @@ jobs:
    steps:
    - name: Checkout repository
-      uses: actions/checkout@v4.1.6
+      uses: actions/checkout@v6
    - name: Initialize CodeQL
      uses: github/codeql-action/init@v3
--- a/.github/workflows/licensed.yml
+++ b/.github/workflows/licensed.yml
@@ -9,6 +9,6 @@ jobs:
    runs-on: ubuntu-latest
    name: Check licenses
    steps:
-      - uses: actions/checkout@v4.1.6
+      - uses: actions/checkout@v6
      - run: npm ci
      - run: npm run licensed-check
--- a/.github/workflows/publish-immutable-actions.yml
+++ b/.github/workflows/publish-immutable-actions.yml
@@ -14,7 +14,7 @@ jobs:
    steps:
      - name: Checking out
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
      - name: Publish
        id: publish
        uses: actions/publish-immutable-action@0.0.3
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -19,7 +19,7 @@ jobs:
      - uses: actions/setup-node@v4
        with:
          node-version: 24.x
-      - uses: actions/checkout@v4.1.6
+      - uses: actions/checkout@v6
      - run: npm ci
      - run: npm run build
      - run: npm run format-check
@@ -37,7 +37,7 @@ jobs:
    steps:
      # Clone this repo
      - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v6
      # Basic checkout
      - name: Checkout basic
@@ -165,6 +165,22 @@ jobs:
      - name: Verify submodules recursive
        run: __test__/verify-submodules-recursive.sh
      # Worktree credentials
      - name: Checkout for worktree test
        uses: ./
        with:
          path: worktree-test
      - name: Verify worktree credentials
        shell: bash
        run: __test__/verify-worktree.sh worktree-test worktree-branch
      # Worktree credentials in container step
      - name: Verify worktree credentials in container step
        if: runner.os == 'Linux'
        uses: docker://bitnami/git:latest
        with:
          args: bash __test__/verify-worktree.sh worktree-test container-worktree-branch
      # Basic checkout using REST API
      - name: Remove basic
        if: runner.os != 'windows'
@@ -202,7 +218,7 @@ jobs:
    steps:
      # Clone this repo
      - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v6
      # Basic checkout using git
      - name: Checkout basic
@@ -234,7 +250,7 @@ jobs:
    steps:
      # Clone this repo
      - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v6
      # Basic checkout using git
      - name: Checkout basic
@@ -264,7 +280,7 @@ jobs:
    steps:
      # Clone this repo
      - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v6
        with:
          path: localClone
@@ -291,17 +307,17 @@ jobs:
          git fetch --no-tags --depth=1 origin +refs/heads/main:refs/remotes/origin/main
      # needed to make checkout post cleanup succeed
-      - name: Fix Checkout v4
+      - name: Fix Checkout v6
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v6
        with:
          path: localClone
  test-output:
    runs-on: ubuntu-latest
    steps:
-      # Download the action at the current ref
+      # Clone this repo
      - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v6
        with:
          path: actions-checkout
--- a/.github/workflows/update-main-version.yml
+++ b/.github/workflows/update-main-version.yml
@@ -23,7 +23,7 @@ jobs:
    # Note this update workflow can also be used as a rollback tool.
    # For that reason, it's best to pin `actions/checkout` to a known, stable version
    # (typically, about two releases back).
-    - uses: actions/checkout@v4.1.6
+    - uses: actions/checkout@v6
      with:
        fetch-depth: 0
    - name: Git config
--- a/.github/workflows/update-test-ubuntu-git.yml
+++ b/.github/workflows/update-test-ubuntu-git.yml
@@ -26,7 +26,7 @@ jobs:
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
      # Use `docker/login-action` to log in to GHCR.io. 
      # Once published, the packages are scoped to the account defined here.
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,10 +1,19 @@
 # Changelog
-## V5.0.0
+## v6.0.0
 * Persist creds to a separate file by @ericsciple in https://github.com/actions/checkout/pull/2286
 * Update README to include Node.js 24 support details and requirements by @salmanmkc in https://github.com/actions/checkout/pull/2248
 ## v5.0.1
 * Port v6 cleanup to v5 by @ericsciple in https://github.com/actions/checkout/pull/2301
 ## v5.0.0
 * Update actions checkout to use node 24 by @salmanmkc in https://github.com/actions/checkout/pull/2226
 ## v4.3.1
 * Port v6 cleanup to v4 by @ericsciple in https://github.com/actions/checkout/pull/2305
-## V4.3.0
+## v4.3.0
 * docs: update README.md by @motss in https://github.com/actions/checkout/pull/1971
 * Add internal repos for checking out multiple repositories by @mouismail in https://github.com/actions/checkout/pull/1977
 * Documentation update - add recommended permissions to Readme by @benwells in https://github.com/actions/checkout/pull/2043
--- a/README.md
+++ b/README.md
@@ -1,6 +1,14 @@
 [![Build and Test](https://github.com/actions/checkout/actions/workflows/test.yml/badge.svg)](https://github.com/actions/checkout/actions/workflows/test.yml)
-# Checkout V5
+# Checkout v6
 ## What's new
 - Improved credential security: `persist-credentials` now stores credentials in a separate file under `$RUNNER_TEMP` instead of directly in `.git/config`
 - No workflow changes required — `git fetch`, `git push`, etc. continue to work automatically
 - Running authenticated git commands from a [Docker container action](https://docs.github.com/actions/sharing-automations/creating-actions/creating-a-docker-container-action) requires Actions Runner [v2.329.0](https://github.com/actions/runner/releases/tag/v2.329.0) or later
 # Checkout v5
 ## What's new
@@ -8,7 +16,7 @@
  - This requires a minimum Actions Runner version of [v2.327.1](https://github.com/actions/runner/releases/tag/v2.327.1) to run.
-# Checkout V4
+# Checkout v4
 This action checks-out your repository under `$GITHUB_WORKSPACE`, so your workflow can access it.
@@ -44,7 +52,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 <!-- start usage -->
 ```yaml
- uses: actions/checkout@v5
+- uses: actions/checkout@v6
  with:
    # Repository name with owner. For example, actions/checkout
    # Default: ${{ github.repository }}
@@ -183,7 +191,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Fetch only the root files
 ```yaml
- uses: actions/checkout@v5
+- uses: actions/checkout@v6
  with:
    sparse-checkout: .
 ```
@@ -191,7 +199,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Fetch only the root files and `.github` and `src` folder
 ```yaml
- uses: actions/checkout@v5
+- uses: actions/checkout@v6
  with:
    sparse-checkout: |
      .github
@@ -201,7 +209,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Fetch only a single file
 ```yaml
- uses: actions/checkout@v5
+- uses: actions/checkout@v6
  with:
    sparse-checkout: |
      README.md
@@ -211,7 +219,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Fetch all history for all tags and branches
 ```yaml
- uses: actions/checkout@v5
+- uses: actions/checkout@v6
  with:
    fetch-depth: 0
 ```
@@ -219,7 +227,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Checkout a different branch
 ```yaml
- uses: actions/checkout@v5
+- uses: actions/checkout@v6
  with:
    ref: my-branch
 ```
@@ -227,7 +235,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Checkout HEAD^
 ```yaml
- uses: actions/checkout@v5
+- uses: actions/checkout@v6
  with:
    fetch-depth: 2
 - run: git checkout HEAD^
@@ -237,12 +245,12 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ```yaml
 - name: Checkout
-  uses: actions/checkout@v5
+  uses: actions/checkout@v6
  with:
    path: main
 - name: Checkout tools repo
-  uses: actions/checkout@v5
+  uses: actions/checkout@v6
  with:
    repository: my-org/my-tools
    path: my-tools
@@ -253,10 +261,10 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ```yaml
 - name: Checkout
-  uses: actions/checkout@v5
+  uses: actions/checkout@v6
 - name: Checkout tools repo
-  uses: actions/checkout@v5
+  uses: actions/checkout@v6
  with:
    repository: my-org/my-tools
    path: my-tools
@@ -267,12 +275,12 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ```yaml
 - name: Checkout
-  uses: actions/checkout@v5
+  uses: actions/checkout@v6
  with:
    path: main
 - name: Checkout private tools
-  uses: actions/checkout@v5
+  uses: actions/checkout@v6
  with:
    repository: my-org/my-private-tools
    token: ${{ secrets.GH_PAT }} # `GH_PAT` is a secret that contains your PAT
@@ -285,7 +293,7 @@ Please refer to the [release page](https://github.com/actions/checkout/releases/
 ## Checkout pull request HEAD commit instead of merge commit
 ```yaml
- uses: actions/checkout@v5
+- uses: actions/checkout@v6
  with:
    ref: ${{ github.event.pull_request.head.sha }}
 ```
@@ -301,7 +309,7 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
 ```
 ## Push a commit using the built-in token
@@ -312,7 +320,7 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
      - run: |
          date > generated.txt
          # Note: the following account information will not work on GHES
@@ -334,7 +342,7 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
        with:
          ref: ${{ github.head_ref }}
      - run: |
--- a/test/git-auth-helper.test.ts
+++ b/test/git-auth-helper.test.ts
@@ -706,7 +706,7 @@ describe('git-auth-helper tests', () => {
    const authHelper = gitAuthHelper.createAuthHelper(git, settings)
    await authHelper.configureAuth()
-    // Sanity check - verify includeIf entries exist in local config
+    // Verify includeIf entries exist in local config
    let localConfigContent = (
      await fs.promises.readFile(localGitConfigPath)
    ).toString()
@@ -714,26 +714,192 @@ describe('git-auth-helper tests', () => {
      localConfigContent.indexOf('includeIf.gitdir:')
    ).toBeGreaterThanOrEqual(0)
-    // Sanity check - verify credentials file exists
+    // Verify both host and container includeIf entries are present
    const hostGitDir = path.join(workspace, '.git').replace(/\\/g, '/')
    expect(
      localConfigContent.indexOf(`includeIf.gitdir:${hostGitDir}.path`)
    ).toBeGreaterThanOrEqual(0)
    expect(
      localConfigContent.indexOf('includeIf.gitdir:/github/workspace/.git.path')
    ).toBeGreaterThanOrEqual(0)
    // Verify credentials file exists
    let credentialsFiles = (await fs.promises.readdir(runnerTemp)).filter(
      f => f.startsWith('git-credentials-') && f.endsWith('.config')
    )
    expect(credentialsFiles.length).toBe(1)
    const credentialsFilePath = path.join(runnerTemp, credentialsFiles[0])
    // Verify credentials file contains the auth token
    let credentialsContent = (
      await fs.promises.readFile(credentialsFilePath)
    ).toString()
    const basicCredential = Buffer.from(
      `x-access-token:${settings.authToken}`,
      'utf8'
    ).toString('base64')
    expect(
      credentialsContent.indexOf(
        `http.https://github.com/.extraheader AUTHORIZATION: basic ${basicCredential}`
      )
    ).toBeGreaterThanOrEqual(0)
    // Verify the includeIf entries point to the credentials file
    const containerCredentialsPath = path.posix.join(
      '/github/runner_temp',
      path.basename(credentialsFilePath)
    )
    expect(
      localConfigContent.indexOf(credentialsFilePath)
    ).toBeGreaterThanOrEqual(0)
    expect(
      localConfigContent.indexOf(containerCredentialsPath)
    ).toBeGreaterThanOrEqual(0)
    // Act
    await authHelper.removeAuth()
-    // Assert includeIf entries removed from local git config
+    // Assert all includeIf entries removed from local git config
    localConfigContent = (
      await fs.promises.readFile(localGitConfigPath)
    ).toString()
    expect(localConfigContent.indexOf('includeIf.gitdir:')).toBeLessThan(0)
    expect(
      localConfigContent.indexOf(`includeIf.gitdir:${hostGitDir}.path`)
    ).toBeLessThan(0)
    expect(
      localConfigContent.indexOf('includeIf.gitdir:/github/workspace/.git.path')
    ).toBeLessThan(0)
    expect(localConfigContent.indexOf(credentialsFilePath)).toBeLessThan(0)
    expect(localConfigContent.indexOf(containerCredentialsPath)).toBeLessThan(0)
    // Assert credentials config file deleted
    credentialsFiles = (await fs.promises.readdir(runnerTemp)).filter(
      f => f.startsWith('git-credentials-') && f.endsWith('.config')
    )
    expect(credentialsFiles.length).toBe(0)
    // Verify credentials file no longer exists on disk
    try {
      await fs.promises.stat(credentialsFilePath)
      throw new Error('Credentials file should have been deleted')
    } catch (err) {
      if ((err as any)?.code !== 'ENOENT') {
        throw err
      }
    }
  })
  const removeAuth_removesTokenFromSubmodules =
    'removeAuth removes token from submodules'
  it(removeAuth_removesTokenFromSubmodules, async () => {
    // Arrange
    await setup(removeAuth_removesTokenFromSubmodules)
    // Create fake submodule config paths
    const submodule1Dir = path.join(workspace, '.git', 'modules', 'submodule-1')
    const submodule2Dir = path.join(workspace, '.git', 'modules', 'submodule-2')
    const submodule1ConfigPath = path.join(submodule1Dir, 'config')
    const submodule2ConfigPath = path.join(submodule2Dir, 'config')
    await fs.promises.mkdir(submodule1Dir, {recursive: true})
    await fs.promises.mkdir(submodule2Dir, {recursive: true})
    await fs.promises.writeFile(submodule1ConfigPath, '')
    await fs.promises.writeFile(submodule2ConfigPath, '')
    // Mock getSubmoduleConfigPaths to return our fake submodules (for both configure and remove)
    const mockGetSubmoduleConfigPaths =
      git.getSubmoduleConfigPaths as jest.Mock<any, any>
    mockGetSubmoduleConfigPaths.mockResolvedValue([
      submodule1ConfigPath,
      submodule2ConfigPath
    ])
    const authHelper = gitAuthHelper.createAuthHelper(git, settings)
    await authHelper.configureAuth()
    await authHelper.configureSubmoduleAuth()
    // Verify credentials file exists
    let credentialsFiles = (await fs.promises.readdir(runnerTemp)).filter(
      f => f.startsWith('git-credentials-') && f.endsWith('.config')
    )
    expect(credentialsFiles.length).toBe(1)
    const credentialsFilePath = path.join(runnerTemp, credentialsFiles[0])
    // Verify submodule 1 config has includeIf entries
    let submodule1Content = (
      await fs.promises.readFile(submodule1ConfigPath)
    ).toString()
    const submodule1GitDir = submodule1Dir.replace(/\\/g, '/')
    expect(
      submodule1Content.indexOf(`includeIf.gitdir:${submodule1GitDir}.path`)
    ).toBeGreaterThanOrEqual(0)
    expect(
      submodule1Content.indexOf(credentialsFilePath)
    ).toBeGreaterThanOrEqual(0)
    // Verify submodule 2 config has includeIf entries
    let submodule2Content = (
      await fs.promises.readFile(submodule2ConfigPath)
    ).toString()
    const submodule2GitDir = submodule2Dir.replace(/\\/g, '/')
    expect(
      submodule2Content.indexOf(`includeIf.gitdir:${submodule2GitDir}.path`)
    ).toBeGreaterThanOrEqual(0)
    expect(
      submodule2Content.indexOf(credentialsFilePath)
    ).toBeGreaterThanOrEqual(0)
    // Verify both host and container paths are in each submodule config
    const containerCredentialsPath = path.posix.join(
      '/github/runner_temp',
      path.basename(credentialsFilePath)
    )
    expect(
      submodule1Content.indexOf(containerCredentialsPath)
    ).toBeGreaterThanOrEqual(0)
    expect(
      submodule2Content.indexOf(containerCredentialsPath)
    ).toBeGreaterThanOrEqual(0)
    // Act - ensure mock persists for removeAuth
    mockGetSubmoduleConfigPaths.mockResolvedValue([
      submodule1ConfigPath,
      submodule2ConfigPath
    ])
    await authHelper.removeAuth()
    // Assert submodule 1 includeIf entries removed
    submodule1Content = (
      await fs.promises.readFile(submodule1ConfigPath)
    ).toString()
    expect(submodule1Content.indexOf('includeIf.gitdir:')).toBeLessThan(0)
    expect(submodule1Content.indexOf(credentialsFilePath)).toBeLessThan(0)
    expect(submodule1Content.indexOf(containerCredentialsPath)).toBeLessThan(0)
    // Assert submodule 2 includeIf entries removed
    submodule2Content = (
      await fs.promises.readFile(submodule2ConfigPath)
    ).toString()
    expect(submodule2Content.indexOf('includeIf.gitdir:')).toBeLessThan(0)
    expect(submodule2Content.indexOf(credentialsFilePath)).toBeLessThan(0)
    expect(submodule2Content.indexOf(containerCredentialsPath)).toBeLessThan(0)
    // Assert credentials config file deleted
    credentialsFiles = (await fs.promises.readdir(runnerTemp)).filter(
      f => f.startsWith('git-credentials-') && f.endsWith('.config')
    )
    expect(credentialsFiles.length).toBe(0)
    // Verify credentials file no longer exists on disk
    try {
      await fs.promises.stat(credentialsFilePath)
      throw new Error('Credentials file should have been deleted')
    } catch (err) {
      if ((err as any)?.code !== 'ENOENT') {
        throw err
      }
    }
  })
  const removeGlobalConfig_removesOverride =
@@ -771,17 +937,41 @@ describe('git-auth-helper tests', () => {
    const authHelper = gitAuthHelper.createAuthHelper(git, settings)
    // Get a real credentials config path
-    const credentialsConfigPath = await (authHelper as any).getCredentialsConfigPath()
+    const credentialsConfigPath = await (
      authHelper as any
    ).getCredentialsConfigPath()
    // Act & Assert
-    expect((authHelper as any).testCredentialsConfigPath(credentialsConfigPath)).toBe(true)
+    expect(
-    expect((authHelper as any).testCredentialsConfigPath('/some/path/git-credentials-12345678-abcd-1234-5678-123456789012.config')).toBe(true)
+      (authHelper as any).testCredentialsConfigPath(credentialsConfigPath)
-    expect((authHelper as any).testCredentialsConfigPath('/some/path/git-credentials-abcdef12-3456-7890-abcd-ef1234567890.config')).toBe(true)
+    ).toBe(true)
    expect(
      (authHelper as any).testCredentialsConfigPath(
        '/some/path/git-credentials-12345678-abcd-1234-5678-123456789012.config'
      )
    ).toBe(true)
    expect(
      (authHelper as any).testCredentialsConfigPath(
        '/some/path/git-credentials-abcdef12-3456-7890-abcd-ef1234567890.config'
      )
    ).toBe(true)
    // Test invalid paths
-    expect((authHelper as any).testCredentialsConfigPath('/some/path/other-config.config')).toBe(false)
+    expect(
-    expect((authHelper as any).testCredentialsConfigPath('/some/path/git-credentials-invalid.config')).toBe(false)
+      (authHelper as any).testCredentialsConfigPath(
-    expect((authHelper as any).testCredentialsConfigPath('/some/path/git-credentials-.config')).toBe(false)
+        '/some/path/other-config.config'
      )
    ).toBe(false)
    expect(
      (authHelper as any).testCredentialsConfigPath(
        '/some/path/git-credentials-invalid.config'
      )
    ).toBe(false)
    expect(
      (authHelper as any).testCredentialsConfigPath(
        '/some/path/git-credentials-.config'
      )
    ).toBe(false)
    expect((authHelper as any).testCredentialsConfigPath('')).toBe(false)
  })
 })
@@ -890,28 +1080,41 @@ async function setup(testName: string): Promise<void> {
      }
    ),
    tryConfigUnsetValue: jest.fn(
-      async (key: string, value: string, globalConfig?: boolean): Promise<boolean> => {
+      async (
-        const configPath = globalConfig
+        key: string,
-          ? path.join(git.env['HOME'] || tempHomedir, '.gitconfig')
+        value: string,
-          : localGitConfigPath
+        globalConfig?: boolean,
-        let content = await fs.promises.readFile(configPath)
+        configPath?: string
      ): Promise<boolean> => {
        const targetConfigPath =
          configPath ||
          (globalConfig
            ? path.join(git.env['HOME'] || tempHomedir, '.gitconfig')
            : localGitConfigPath)
        let content = await fs.promises.readFile(targetConfigPath)
        let lines = content
          .toString()
          .split('\n')
          .filter(x => x)
          .filter(x => !(x.startsWith(key) && x.includes(value)))
-        await fs.promises.writeFile(configPath, lines.join('\n'))
+        await fs.promises.writeFile(targetConfigPath, lines.join('\n'))
        return true
      }
    ),
    tryDisableAutomaticGarbageCollection: jest.fn(),
    tryGetFetchUrl: jest.fn(),
    tryGetConfigValues: jest.fn(
-      async (key: string, globalConfig?: boolean): Promise<string[]> => {
+      async (
-        const configPath = globalConfig
+        key: string,
-          ? path.join(git.env['HOME'] || tempHomedir, '.gitconfig')
+        globalConfig?: boolean,
-          : localGitConfigPath
+        configPath?: string
-        const content = await fs.promises.readFile(configPath)
+      ): Promise<string[]> => {
        const targetConfigPath =
          configPath ||
          (globalConfig
            ? path.join(git.env['HOME'] || tempHomedir, '.gitconfig')
            : localGitConfigPath)
        const content = await fs.promises.readFile(targetConfigPath)
        const lines = content
          .toString()
          .split('\n')
@@ -921,11 +1124,17 @@ async function setup(testName: string): Promise<void> {
      }
    ),
    tryGetConfigKeys: jest.fn(
-      async (pattern: string, globalConfig?: boolean): Promise<string[]> => {
+      async (
-        const configPath = globalConfig
+        pattern: string,
-          ? path.join(git.env['HOME'] || tempHomedir, '.gitconfig')
+        globalConfig?: boolean,
-          : localGitConfigPath
+        configPath?: string
-        const content = await fs.promises.readFile(configPath)
+      ): Promise<string[]> => {
        const targetConfigPath =
          configPath ||
          (globalConfig
            ? path.join(git.env['HOME'] || tempHomedir, '.gitconfig')
            : localGitConfigPath)
        const content = await fs.promises.readFile(targetConfigPath)
        const lines = content
          .toString()
          .split('\n')
--- a/test/verify-submodules-recursive.sh
+++ b/test/verify-submodules-recursive.sh
@@ -17,7 +17,7 @@ fi
 echo "Testing persisted credential"
 pushd ./submodules-recursive/submodule-level-1/submodule-level-2
-git config --local --name-only --get-regexp http.+extraheader && git fetch
+git config --local --includes --name-only --get-regexp http.+extraheader && git fetch
 if [ "$?" != "0" ]; then
    echo "Failed to validate persisted credential"
    popd
--- a/test/verify-submodules-true.sh
+++ b/test/verify-submodules-true.sh
@@ -17,7 +17,7 @@ fi
 echo "Testing persisted credential"
 pushd ./submodules-true/submodule-level-1
-git config --local --name-only --get-regexp http.+extraheader && git fetch
+git config --local --includes --name-only --get-regexp http.+extraheader && git fetch
 if [ "$?" != "0" ]; then
    echo "Failed to validate persisted credential"
    popd
--- a/test/verify-worktree.sh
+++ b/test/verify-worktree.sh
@@ -0,0 +1,51 @@
 #!/bin/bash
 set -e
 # Verify worktree credentials
 # This test verifies that git credentials work in worktrees created after checkout
 # Usage: verify-worktree.sh <checkout-path> <worktree-name>
 CHECKOUT_PATH="$1"
 WORKTREE_NAME="$2"
 if [ -z "$CHECKOUT_PATH" ] || [ -z "$WORKTREE_NAME" ]; then
  echo "Usage: verify-worktree.sh <checkout-path> <worktree-name>"
  exit 1
 fi
 cd "$CHECKOUT_PATH"
 # Add safe directory for container environments
 git config --global --add safe.directory "*" 2>/dev/null || true
 # Show the includeIf configuration
 echo "Git config includeIf entries:"
 git config --list --show-origin | grep -i include || true
 # Create the worktree
 echo "Creating worktree..."
 git worktree add "../$WORKTREE_NAME" HEAD --detach
 # Change to worktree directory
 cd "../$WORKTREE_NAME"
 # Verify we're in a worktree
 echo "Verifying worktree gitdir:"
 cat .git
 # Verify credentials are available in worktree by checking extraheader is configured
 echo "Checking credentials in worktree..."
 if git config --list --show-origin | grep -q "extraheader"; then
  echo "Credentials are configured in worktree"
 else
  echo "ERROR: Credentials are NOT configured in worktree"
  echo "Full git config:"
  git config --list --show-origin
  exit 1
 fi
 # Verify fetch works in the worktree
 echo "Fetching in worktree..."
 git fetch origin
 echo "Worktree credentials test passed!"
--- a/dist/index.js
+++ b/dist/index.js
@@ -238,7 +238,9 @@ class GitAuthHelper {
                yield this.git.tryConfigUnset(this.insteadOfKey, true);
                if (!this.settings.sshKey) {
                    for (const insteadOfValue of this.insteadOfValues) {
-                        yield this.git.config(this.insteadOfKey, insteadOfValue, true, true);
+                        yield this.git.config(this.insteadOfKey, insteadOfValue, true, // globalConfig?
                        true // add?
                        );
                    }
                }
            }
@@ -255,17 +257,10 @@ class GitAuthHelper {
            // Remove possible previous HTTPS instead of SSH
            yield this.removeSubmoduleGitConfig(this.insteadOfKey);
            if (this.settings.persistCredentials) {
-                // Credentials config path
+                // Get the credentials config file path in RUNNER_TEMP
-                const credentialsConfigPath = yield this.getCredentialsConfigPath();
+                const credentialsConfigPath = this.getCredentialsConfigPath();
                // Container credentials config path
                const containerCredentialsPath = path.posix.join('/github/runner_temp', path.basename(credentialsConfigPath));
                // Container repo path
                const workingDirectory = this.git.getWorkingDirectory();
                const githubWorkspace = process.env['GITHUB_WORKSPACE'];
                assert.ok(githubWorkspace, 'GITHUB_WORKSPACE is not defined');
                let relativePath = path.relative(githubWorkspace, workingDirectory);
                relativePath = relativePath.replace(/\\/g, '/');
                const containerRepoPath = path.posix.join('/github/workspace', relativePath);
                // Get submodule config file paths.
                const configPaths = yield this.git.getSubmoduleConfigPaths(this.settings.nestedSubmodules);
                // For each submodule, configure includeIf entries pointing to the shared credentials file.
@@ -275,12 +270,19 @@ class GitAuthHelper {
                    let submoduleGitDir = path.dirname(configPath); // The config file is at .git/modules/submodule-name/config
                    submoduleGitDir = submoduleGitDir.replace(/\\/g, '/'); // Use forward slashes, even on Windows
                    // Configure host includeIf
-                    yield this.git.config(`includeIf.gitdir:${submoduleGitDir}.path`, credentialsConfigPath, false, false, configPath);
+                    yield this.git.config(`includeIf.gitdir:${submoduleGitDir}.path`, credentialsConfigPath, false, // globalConfig?
-                    // Configure container includeIf
+                    false, // add?
                    configPath);
                    // Container submodule git directory
                    const githubWorkspace = process.env['GITHUB_WORKSPACE'];
                    assert.ok(githubWorkspace, 'GITHUB_WORKSPACE is not defined');
                    let relativeSubmoduleGitDir = path.relative(githubWorkspace, submoduleGitDir);
                    relativeSubmoduleGitDir = relativeSubmoduleGitDir.replace(/\\/g, '/'); // Use forward slashes, even on Windows
                    const containerSubmoduleGitDir = path.posix.join('/github/workspace', relativeSubmoduleGitDir);
-                    yield this.git.config(`includeIf.gitdir:${containerSubmoduleGitDir}.path`, containerCredentialsPath, false, false, configPath);
+                    // Configure container includeIf
                    yield this.git.config(`includeIf.gitdir:${containerSubmoduleGitDir}.path`, containerCredentialsPath, false, // globalConfig?
                    false, // add?
                    configPath);
                }
                if (this.settings.sshKey) {
                    // Configure core.sshCommand
@@ -379,12 +381,14 @@ class GitAuthHelper {
    configureToken(globalConfig) {
        return __awaiter(this, void 0, void 0, function* () {
            // Get the credentials config file path in RUNNER_TEMP
-            const credentialsConfigPath = yield this.getCredentialsConfigPath();
+            const credentialsConfigPath = this.getCredentialsConfigPath();
            // Write placeholder to the separate credentials config file using git config.
            // This approach avoids the credential being captured by process creation audit events,
            // which are commonly logged. For more information, refer to
            // https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/component-updates/command-line-process-auditing
-            yield this.git.config(this.tokenConfigKey, this.tokenPlaceholderConfigValue, false, false, credentialsConfigPath);
+            yield this.git.config(this.tokenConfigKey, this.tokenPlaceholderConfigValue, false, // globalConfig?
            false, // add?
            credentialsConfigPath);
            // Replace the placeholder in the credentials config file
            let content = (yield fs.promises.readFile(credentialsConfigPath)).toString();
            const placeholderIndex = content.indexOf(this.tokenPlaceholderConfigValue);
@@ -398,7 +402,8 @@ class GitAuthHelper {
            // Add include or includeIf to reference the credentials config
            if (globalConfig) {
                // Global config file is temporary
-                yield this.git.config('include.path', credentialsConfigPath, true);
+                yield this.git.config('include.path', credentialsConfigPath, true // globalConfig?
                );
            }
            else {
                // Host git directory
@@ -407,10 +412,13 @@ class GitAuthHelper {
                // Configure host includeIf
                const hostIncludeKey = `includeIf.gitdir:${gitDir}.path`;
                yield this.git.config(hostIncludeKey, credentialsConfigPath);
                // Configure host includeIf for worktrees
                const hostWorktreeIncludeKey = `includeIf.gitdir:${gitDir}/worktrees/*.path`;
                yield this.git.config(hostWorktreeIncludeKey, credentialsConfigPath);
                // Container git directory
                const workingDirectory = this.git.getWorkingDirectory();
                const githubWorkspace = process.env['GITHUB_WORKSPACE'];
                assert.ok(githubWorkspace, 'GITHUB_WORKSPACE is not defined');
                const workingDirectory = this.git.getWorkingDirectory();
                let relativePath = path.relative(githubWorkspace, workingDirectory);
                relativePath = relativePath.replace(/\\/g, '/'); // Use forward slashes, even on Windows
                const containerGitDir = path.posix.join('/github/workspace', relativePath, '.git');
@@ -419,6 +427,9 @@ class GitAuthHelper {
                // Configure container includeIf
                const containerIncludeKey = `includeIf.gitdir:${containerGitDir}.path`;
                yield this.git.config(containerIncludeKey, containerCredentialsPath);
                // Configure container includeIf for worktrees
                const containerWorktreeIncludeKey = `includeIf.gitdir:${containerGitDir}/worktrees/*.path`;
                yield this.git.config(containerWorktreeIncludeKey, containerCredentialsPath);
            }
        });
    }
@@ -427,18 +438,16 @@ class GitAuthHelper {
     * @returns The absolute path to the credentials config file
     */
    getCredentialsConfigPath() {
-        return __awaiter(this, void 0, void 0, function* () {
+        if (this.credentialsConfigPath) {
            if (this.credentialsConfigPath) {
                return this.credentialsConfigPath;
            }
            const runnerTemp = process.env['RUNNER_TEMP'] || '';
            assert.ok(runnerTemp, 'RUNNER_TEMP is not defined');
            // Create a unique filename for this checkout instance
            const configFileName = `git-credentials-${(0, uuid_1.v4)()}.config`;
            this.credentialsConfigPath = path.join(runnerTemp, configFileName);
            core.debug(`Credentials config path: ${this.credentialsConfigPath}`);
            return this.credentialsConfigPath;
-        });
+        }
        const runnerTemp = process.env['RUNNER_TEMP'] || '';
        assert.ok(runnerTemp, 'RUNNER_TEMP is not defined');
        // Create a unique filename for this checkout instance
        const configFileName = `git-credentials-${(0, uuid_1.v4)()}.config`;
        this.credentialsConfigPath = path.join(runnerTemp, configFileName);
        core.debug(`Credentials config path: ${this.credentialsConfigPath}`);
        return this.credentialsConfigPath;
    }
    /**
     * Removes SSH authentication configuration by cleaning up SSH keys,
@@ -472,7 +481,7 @@ class GitAuthHelper {
                }
            }
            // SSH command
-            core.info("Removing SSH command configuration");
+            core.info('Removing SSH command configuration');
            yield this.removeGitConfig(SSH_COMMAND_KEY);
            yield this.removeSubmoduleGitConfig(SSH_COMMAND_KEY);
        });
@@ -485,13 +494,13 @@ class GitAuthHelper {
        return __awaiter(this, void 0, void 0, function* () {
            var _a;
            // Remove HTTP extra header
-            core.info("Removing HTTP extra header");
+            core.info('Removing HTTP extra header');
            yield this.removeGitConfig(this.tokenConfigKey);
            yield this.removeSubmoduleGitConfig(this.tokenConfigKey);
            // Collect credentials config paths that need to be removed
            const credentialsPaths = new Set();
            // Remove includeIf entries that point to git-credentials-*.config files
-            core.info("Removing includeIf entries pointing to credentials config files");
+            core.info('Removing includeIf entries pointing to credentials config files');
            const mainCredentialsPaths = yield this.removeIncludeIfCredentials();
            mainCredentialsPaths.forEach(path => credentialsPaths.add(path));
            // Remove submodule includeIf entries that point to git-credentials-*.config files
@@ -556,10 +565,12 @@ class GitAuthHelper {
            const credentialsPaths = new Set();
            try {
                // Get all includeIf.gitdir keys
-                const keys = yield this.git.tryGetConfigKeys('^includeIf\\.gitdir:', false, configPath);
+                const keys = yield this.git.tryGetConfigKeys('^includeIf\\.gitdir:', false, // globalConfig?
                configPath);
                for (const key of keys) {
                    // Get all values for this key
-                    const values = yield this.git.tryGetConfigValues(key, false, configPath);
+                    const values = yield this.git.tryGetConfigValues(key, false, // globalConfig?
                    configPath);
                    if (values.length > 0) {
                        // Remove only values that match git-credentials-<uuid>.config pattern
                        for (const value of values) {
@@ -1060,7 +1071,10 @@ class GitCommandManager {
            if (output.exitCode !== 0) {
                return [];
            }
-            return output.stdout.trim().split('\n').filter(value => value.trim());
+            return output.stdout
                .trim()
                .split('\n')
                .filter(value => value.trim());
        });
    }
    tryGetConfigKeys(pattern, globalConfig, configFile) {
@@ -1077,7 +1091,10 @@ class GitCommandManager {
            if (output.exitCode !== 0) {
                return [];
            }
-            return output.stdout.trim().split('\n').filter(key => key.trim());
+            return output.stdout
                .trim()
                .split('\n')
                .filter(key => key.trim());
        });
    }
    tryReset() {
--- a/src/git-auth-helper.ts
+++ b/src/git-auth-helper.ts
@@ -136,7 +136,12 @@ class GitAuthHelper {
      await this.git.tryConfigUnset(this.insteadOfKey, true)
      if (!this.settings.sshKey) {
        for (const insteadOfValue of this.insteadOfValues) {
-          await this.git.config(this.insteadOfKey, insteadOfValue, true, true)
+          await this.git.config(
            this.insteadOfKey,
            insteadOfValue,
            true, // globalConfig?
            true // add?
          )
        }
      }
    } catch (err) {
@@ -154,8 +159,8 @@ class GitAuthHelper {
    await this.removeSubmoduleGitConfig(this.insteadOfKey)
    if (this.settings.persistCredentials) {
-      // Credentials config path
+      // Get the credentials config file path in RUNNER_TEMP
-      const credentialsConfigPath = await this.getCredentialsConfigPath()
+      const credentialsConfigPath = this.getCredentialsConfigPath()
      // Container credentials config path
      const containerCredentialsPath = path.posix.join(
@@ -163,17 +168,6 @@ class GitAuthHelper {
        path.basename(credentialsConfigPath)
      )
      // Container repo path
      const workingDirectory = this.git.getWorkingDirectory()
      const githubWorkspace = process.env['GITHUB_WORKSPACE']
      assert.ok(githubWorkspace, 'GITHUB_WORKSPACE is not defined')
      let relativePath = path.relative(githubWorkspace, workingDirectory)
      relativePath = relativePath.replace(/\\/g, '/')
      const containerRepoPath = path.posix.join(
        '/github/workspace',
        relativePath
      )
      // Get submodule config file paths.
      const configPaths = await this.git.getSubmoduleConfigPaths(
        this.settings.nestedSubmodules
@@ -190,12 +184,14 @@ class GitAuthHelper {
        await this.git.config(
          `includeIf.gitdir:${submoduleGitDir}.path`,
          credentialsConfigPath,
-          false,
+          false, // globalConfig?
-          false,
+          false, // add?
          configPath
        )
-        // Configure container includeIf
+        // Container submodule git directory
        const githubWorkspace = process.env['GITHUB_WORKSPACE']
        assert.ok(githubWorkspace, 'GITHUB_WORKSPACE is not defined')
        let relativeSubmoduleGitDir = path.relative(
          githubWorkspace,
          submoduleGitDir
@@ -205,11 +201,13 @@ class GitAuthHelper {
          '/github/workspace',
          relativeSubmoduleGitDir
        )
        // Configure container includeIf
        await this.git.config(
          `includeIf.gitdir:${containerSubmoduleGitDir}.path`,
          containerCredentialsPath,
-          false,
+          false, // globalConfig?
-          false,
+          false, // add?
          configPath
        )
      }
@@ -327,7 +325,7 @@ class GitAuthHelper {
   */
  private async configureToken(globalConfig?: boolean): Promise<void> {
    // Get the credentials config file path in RUNNER_TEMP
-    const credentialsConfigPath = await this.getCredentialsConfigPath()
+    const credentialsConfigPath = this.getCredentialsConfigPath()
    // Write placeholder to the separate credentials config file using git config.
    // This approach avoids the credential being captured by process creation audit events,
@@ -336,8 +334,8 @@ class GitAuthHelper {
    await this.git.config(
      this.tokenConfigKey,
      this.tokenPlaceholderConfigValue,
-      false,
+      false, // globalConfig?
-      false,
+      false, // add?
      credentialsConfigPath
    )
@@ -348,7 +346,9 @@ class GitAuthHelper {
      placeholderIndex < 0 ||
      placeholderIndex != content.lastIndexOf(this.tokenPlaceholderConfigValue)
    ) {
-      throw new Error(`Unable to replace auth placeholder in ${credentialsConfigPath}`)
+      throw new Error(
        `Unable to replace auth placeholder in ${credentialsConfigPath}`
      )
    }
    assert.ok(this.tokenConfigValue, 'tokenConfigValue is not defined')
    content = content.replace(
@@ -360,7 +360,11 @@ class GitAuthHelper {
    // Add include or includeIf to reference the credentials config
    if (globalConfig) {
      // Global config file is temporary
-      await this.git.config('include.path', credentialsConfigPath, true)
+      await this.git.config(
        'include.path',
        credentialsConfigPath,
        true // globalConfig?
      )
    } else {
      // Host git directory
      let gitDir = path.join(this.git.getWorkingDirectory(), '.git')
@@ -370,10 +374,14 @@ class GitAuthHelper {
      const hostIncludeKey = `includeIf.gitdir:${gitDir}.path`
      await this.git.config(hostIncludeKey, credentialsConfigPath)
      // Configure host includeIf for worktrees
      const hostWorktreeIncludeKey = `includeIf.gitdir:${gitDir}/worktrees/*.path`
      await this.git.config(hostWorktreeIncludeKey, credentialsConfigPath)
      // Container git directory
      const workingDirectory = this.git.getWorkingDirectory()
      const githubWorkspace = process.env['GITHUB_WORKSPACE']
      assert.ok(githubWorkspace, 'GITHUB_WORKSPACE is not defined')
      const workingDirectory = this.git.getWorkingDirectory()
      let relativePath = path.relative(githubWorkspace, workingDirectory)
      relativePath = relativePath.replace(/\\/g, '/') // Use forward slashes, even on Windows
      const containerGitDir = path.posix.join(
@@ -391,6 +399,13 @@ class GitAuthHelper {
      // Configure container includeIf
      const containerIncludeKey = `includeIf.gitdir:${containerGitDir}.path`
      await this.git.config(containerIncludeKey, containerCredentialsPath)
      // Configure container includeIf for worktrees
      const containerWorktreeIncludeKey = `includeIf.gitdir:${containerGitDir}/worktrees/*.path`
      await this.git.config(
        containerWorktreeIncludeKey,
        containerCredentialsPath
      )
    }
  }
@@ -398,7 +413,7 @@ class GitAuthHelper {
   * Gets or creates the path to the credentials config file in RUNNER_TEMP.
   * @returns The absolute path to the credentials config file
   */
-  private async getCredentialsConfigPath(): Promise<string> {
+  private getCredentialsConfigPath(): string {
    if (this.credentialsConfigPath) {
      return this.credentialsConfigPath
    }
@@ -445,7 +460,7 @@ class GitAuthHelper {
    }
    // SSH command
-    core.info("Removing SSH command configuration")
+    core.info('Removing SSH command configuration')
    await this.removeGitConfig(SSH_COMMAND_KEY)
    await this.removeSubmoduleGitConfig(SSH_COMMAND_KEY)
  }
@@ -456,7 +471,7 @@ class GitAuthHelper {
   */
  private async removeToken(): Promise<void> {
    // Remove HTTP extra header
-    core.info("Removing HTTP extra header")
+    core.info('Removing HTTP extra header')
    await this.removeGitConfig(this.tokenConfigKey)
    await this.removeSubmoduleGitConfig(this.tokenConfigKey)
@@ -464,14 +479,15 @@ class GitAuthHelper {
    const credentialsPaths = new Set<string>()
    // Remove includeIf entries that point to git-credentials-*.config files
-    core.info("Removing includeIf entries pointing to credentials config files")
+    core.info('Removing includeIf entries pointing to credentials config files')
    const mainCredentialsPaths = await this.removeIncludeIfCredentials()
    mainCredentialsPaths.forEach(path => credentialsPaths.add(path))
    // Remove submodule includeIf entries that point to git-credentials-*.config files
    const submoduleConfigPaths = await this.git.getSubmoduleConfigPaths(true)
    for (const configPath of submoduleConfigPaths) {
-      const submoduleCredentialsPaths = await this.removeIncludeIfCredentials(configPath)
+      const submoduleCredentialsPaths =
        await this.removeIncludeIfCredentials(configPath)
      submoduleCredentialsPaths.forEach(path => credentialsPaths.add(path))
    }
@@ -491,7 +507,9 @@ class GitAuthHelper {
          )
        }
      } else {
-        core.debug(`Skipping removal of credentials config '${credentialsPath}' - not under RUNNER_TEMP`)
+        core.debug(
          `Skipping removal of credentials config '${credentialsPath}' - not under RUNNER_TEMP`
        )
      }
    }
  }
@@ -528,16 +546,26 @@ class GitAuthHelper {
   * @param configPath Optional path to a specific git config file to operate on
   * @returns Array of unique credentials config file paths that were found and removed
   */
-  private async removeIncludeIfCredentials(configPath?: string): Promise<string[]> {
+  private async removeIncludeIfCredentials(
    configPath?: string
  ): Promise<string[]> {
    const credentialsPaths = new Set<string>()
    try {
      // Get all includeIf.gitdir keys
-      const keys = await this.git.tryGetConfigKeys('^includeIf\\.gitdir:', false, configPath)
+      const keys = await this.git.tryGetConfigKeys(
        '^includeIf\\.gitdir:',
        false, // globalConfig?
        configPath
      )
      for (const key of keys) {
        // Get all values for this key
-        const values = await this.git.tryGetConfigValues(key, false, configPath)
+        const values = await this.git.tryGetConfigValues(
          key,
          false, // globalConfig?
          configPath
        )
        if (values.length > 0) {
          // Remove only values that match git-credentials-<uuid>.config pattern
          for (const value of values) {
--- a/src/git-command-manager.ts
+++ b/src/git-command-manager.ts
@@ -61,11 +61,24 @@ export interface IGitCommandManager {
  tagExists(pattern: string): Promise<boolean>
  tryClean(): Promise<boolean>
  tryConfigUnset(configKey: string, globalConfig?: boolean): Promise<boolean>
-  tryConfigUnsetValue(configKey: string, configValue: string, globalConfig?: boolean, configFile?: string): Promise<boolean>
+  tryConfigUnsetValue(
    configKey: string,
    configValue: string,
    globalConfig?: boolean,
    configFile?: string
  ): Promise<boolean>
  tryDisableAutomaticGarbageCollection(): Promise<boolean>
  tryGetFetchUrl(): Promise<string>
-  tryGetConfigValues(configKey: string, globalConfig?: boolean, configFile?: string): Promise<string[]>
+  tryGetConfigValues(
-  tryGetConfigKeys(pattern: string, globalConfig?: boolean, configFile?: string): Promise<string[]>
+    configKey: string,
    globalConfig?: boolean,
    configFile?: string
  ): Promise<string[]>
  tryGetConfigKeys(
    pattern: string,
    globalConfig?: boolean,
    configFile?: string
  ): Promise<string[]>
  tryReset(): Promise<boolean>
  version(): Promise<GitVersion>
 }
@@ -544,7 +557,10 @@ class GitCommandManager {
      return []
    }
-    return output.stdout.trim().split('\n').filter(value => value.trim())
+    return output.stdout
      .trim()
      .split('\n')
      .filter(value => value.trim())
  }
  async tryGetConfigKeys(
@@ -566,7 +582,10 @@ class GitCommandManager {
      return []
    }
-    return output.stdout.trim().split('\n').filter(key => key.trim())
+    return output.stdout
      .trim()
      .split('\n')
      .filter(key => key.trim())
  }
  async tryReset(): Promise<boolean> {
--- a/src/misc/generate-docs.ts
+++ b/src/misc/generate-docs.ts
@@ -120,7 +120,7 @@ function updateUsage(
 }
 updateUsage(
-  'actions/checkout@v5',
+  'actions/checkout@v6',
  path.join(__dirname, '..', '..', 'action.yml'),
  path.join(__dirname, '..', '..', 'README.md')
 )
Author	SHA1	Message	Date
eric sciple	8e8c483db8	Clarify v6 README (#2328 )	2025-12-01 20:08:49 -06:00
eric sciple	033fa0dc0b	Add worktree support for persist-credentials includeIf (#2327 )	2025-12-01 19:53:23 -06:00
eric sciple	c2d88d3ecc	Update all references from v5 and v4 to v6 (#2314 ) - Updated README.md examples to reference @v6 - Updated all workflow files to use actions/checkout@v6	2025-11-23 19:32:55 -06:00
eric sciple	1af3b93b68	update readme/changelog for v6 (#2311 )	2025-11-20 10:20:04 -06:00
eric sciple	71cf2267d8	v6-beta (#2298 )	2025-11-03 13:40:10 -06:00
eric sciple	069c695914	Persist creds to a separate file (#2286 )	2025-11-03 13:08:38 -06:00