chore(deps)!: Update GitHub Actions to v7#53
Conversation
|
Warning Review limit reached
Next review available in: 39 minutes Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available. How can I continue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews. How do review limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please refer docs for additional details. Review details⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: ASSERTIVE Plan: Pro Run ID: 📒 Files selected for processing (9)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
There was a problem hiding this comment.
Pull request overview
Updates the repository’s GitHub Actions workflows to use actions/checkout v7 (pinned by commit SHA) in order to keep CI/security/release automation current.
Changes:
- Bumped
actions/checkoutfrom v6.x to v7 across all workflows that perform a checkout. - Updated the pinned checkout digest consistently across CI, security, release, and provenance workflows.
Reviewed changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| .github/workflows/slsa-provenance.yml | Update checkout action pin to v7 for provenance build job. |
| .github/workflows/security-analysis.yml | Update checkout action pin to v7 for security scan job. |
| .github/workflows/reuse.yml | Update checkout action pin to v7 for REUSE compliance job. |
| .github/workflows/release.yml | Update checkout action pin to v7 for test + release jobs. |
| .github/workflows/publish-artifact-registry.yml | Update checkout action pin to v7 for publish workflow. |
| .github/workflows/pr-validation.yml | Update checkout action pin to v7 for dead-code job. |
| .github/workflows/dependency-review.yml | Update checkout action pin to v7 for dependency review job. |
| .github/workflows/codeql.yml | Update checkout action pin to v7 for CodeQL analysis job. |
| .github/workflows/ci.yml | Update checkout action pin to v7 across CI jobs. |
| - name: Checkout repository | ||
| uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 | ||
| uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 |
51480f3 to
0d5a5db
Compare
|



Summary
Why
Scheduled patch update, bug fixes and security patches with no API changes.
Changes
This PR contains the following updates:
v6.0.3→v7.0.0v6→v7Impact
Acceptance Criteria
Testing
Notes
Release Notes
actions/checkout (actions/checkout)
v7.0.0Compare Source
v7Compare Source
Configuration
📅 Schedule: (in timezone America/New_York)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about these updates again.
This PR has been generated by Mend Renovate.