From d9f802555ffbb24203e79816396f77f668e83b57 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 1 Jul 2026 14:25:50 +0000 Subject: [PATCH] build(deps): bump actions/checkout in /.github/workflows Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.2 to 7.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/bump-go-toolchain.yml | 2 +- .github/workflows/bump-vuln-deps.yml | 2 +- .github/workflows/check.yml | 2 +- .github/workflows/conftest.yml | 2 +- .github/workflows/external-message.yml | 2 +- .github/workflows/maintainer-approval.yml | 2 +- .github/workflows/push.yml | 14 +++++++------- .github/workflows/python_push.yml | 6 +++--- .github/workflows/release-build.yml | 8 ++++---- .github/workflows/release-docker.yml | 2 +- .github/workflows/test-owners-scripts.yml | 2 +- .github/workflows/update-schema-docs.yml | 2 +- 12 files changed, 23 insertions(+), 23 deletions(-) diff --git a/.github/workflows/bump-go-toolchain.yml b/.github/workflows/bump-go-toolchain.yml index 080a15e5f9f..79e6479fcba 100644 --- a/.github/workflows/bump-go-toolchain.yml +++ b/.github/workflows/bump-go-toolchain.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Determine current toolchain version id: current diff --git a/.github/workflows/bump-vuln-deps.yml b/.github/workflows/bump-vuln-deps.yml index 27bbce20425..150c03764b9 100644 --- a/.github/workflows/bump-vuln-deps.yml +++ b/.github/workflows/bump-vuln-deps.yml @@ -21,7 +21,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup JFrog uses: ./.github/actions/setup-jfrog diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml index 350fed7256b..0a717d613b2 100644 --- a/.github/workflows/check.yml +++ b/.github/workflows/check.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: diff --git a/.github/workflows/conftest.yml b/.github/workflows/conftest.yml index 0f5deda45c6..1fc410e0790 100644 --- a/.github/workflows/conftest.yml +++ b/.github/workflows/conftest.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Install conftest run: |- diff --git a/.github/workflows/external-message.yml b/.github/workflows/external-message.yml index 9a6d12d5202..e9ef0ce13d5 100644 --- a/.github/workflows/external-message.yml +++ b/.github/workflows/external-message.yml @@ -25,7 +25,7 @@ jobs: if: "${{ github.event.pull_request.head.repo.fork }}" steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Delete old comments env: diff --git a/.github/workflows/maintainer-approval.yml b/.github/workflows/maintainer-approval.yml index 12b5659ef01..9af75f2e288 100644 --- a/.github/workflows/maintainer-approval.yml +++ b/.github/workflows/maintainer-approval.yml @@ -56,7 +56,7 @@ jobs: checks: write contents: read steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: ${{ github.event.pull_request.base.sha }} persist-credentials: false diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index f80cfba7adc..2e89a51544d 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -37,7 +37,7 @@ jobs: targets: ${{ steps.mask1.outputs.targets || steps.mask2.outputs.targets || steps.mask3.outputs.targets }} steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 @@ -130,7 +130,7 @@ jobs: steps: - name: Checkout repository and submodules - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup build environment uses: ./.github/actions/setup-build-environment @@ -203,7 +203,7 @@ jobs: steps: - name: Checkout repository and submodules - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup build environment uses: ./.github/actions/setup-build-environment @@ -255,7 +255,7 @@ jobs: steps: - name: Checkout repository and submodules - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup build environment uses: ./.github/actions/setup-build-environment @@ -307,7 +307,7 @@ jobs: steps: - name: Checkout repository and submodules - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup build environment uses: ./.github/actions/setup-build-environment @@ -359,7 +359,7 @@ jobs: steps: - name: Checkout repository and submodules - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup build environment uses: ./.github/actions/setup-build-environment @@ -410,7 +410,7 @@ jobs: steps: - name: Checkout repository and submodules - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 # Dedicated cache-key so this job's Go cache doesn't evict the primary # test caches from the 10 GB GHA quota. diff --git a/.github/workflows/python_push.yml b/.github/workflows/python_push.yml index be62bcd22be..e5f99c4fd0d 100644 --- a/.github/workflows/python_push.yml +++ b/.github/workflows/python_push.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Checkout repository and submodules - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 @@ -52,7 +52,7 @@ jobs: steps: - name: Checkout repository and submodules - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 @@ -73,7 +73,7 @@ jobs: steps: - name: Checkout repository and submodules - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml index d262fe08574..270e1d34a39 100644 --- a/.github/workflows/release-build.yml +++ b/.github/workflows/release-build.yml @@ -35,7 +35,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 fetch-tags: true @@ -45,7 +45,7 @@ jobs: # composite actions (e.g. setup-jfrog) and the goreleaser config are # available even when the built ref is an older tag that predates them. - name: Checkout workflow ref for local actions - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: ${{ github.sha }} path: .workflow-actions @@ -148,7 +148,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 fetch-tags: true @@ -158,7 +158,7 @@ jobs: # composite actions (e.g. setup-jfrog) and the goreleaser config are # available even when the built ref is an older tag that predates them. - name: Checkout workflow ref for local actions - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: ${{ github.sha }} path: .workflow-actions diff --git a/.github/workflows/release-docker.yml b/.github/workflows/release-docker.yml index 74366224105..361d881f53d 100644 --- a/.github/workflows/release-docker.yml +++ b/.github/workflows/release-docker.yml @@ -37,7 +37,7 @@ jobs: steps: - name: Checkout repository at release tag - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: ${{ inputs.tag }} diff --git a/.github/workflows/test-owners-scripts.yml b/.github/workflows/test-owners-scripts.yml index 9538eb5178b..b80c6fdc26b 100644 --- a/.github/workflows/test-owners-scripts.yml +++ b/.github/workflows/test-owners-scripts.yml @@ -19,7 +19,7 @@ jobs: steps: # Full checkout (no sparse-checkout): `owners.js validate` verifies that # every OWNERS path exists in the tree, so it needs the whole repo. - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Run OWNERS script tests run: node --test .github/scripts/owners.test.js .github/workflows/maintainer-approval.test.js - name: Validate OWNERS and OWNERTEAMS diff --git a/.github/workflows/update-schema-docs.yml b/.github/workflows/update-schema-docs.yml index a3e67fff28b..e057d601317 100644 --- a/.github/workflows/update-schema-docs.yml +++ b/.github/workflows/update-schema-docs.yml @@ -29,7 +29,7 @@ jobs: steps: - name: Checkout main - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: # Regen runs against `main`. fetch-depth: 0 + fetch-tags: true ensure # since_version.go can resolve `git show :bundle/schema/jsonschema.json`