From 4b71e6044201bd2eee37c6137384832eeeb175a0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Mar 2026 12:50:42 +0000 Subject: [PATCH] chore(ci): bump actions/checkout from 4 to 6 Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/ci-bootstrap.yml | 10 +++++----- .github/workflows/ci-cd-pipeline.yml | 12 ++++++------ .github/workflows/ci-cd.yaml | 10 +++++----- .github/workflows/ci-gap-closure.yml | 12 ++++++------ .github/workflows/ci-unified.yml | 20 ++++++++++---------- .github/workflows/ci.yml | 12 ++++++------ .github/workflows/container-scan.yml | 14 +++++++------- .github/workflows/dast-pipeline.yml | 4 ++-- .github/workflows/dependency-check.yml | 8 ++++---- .github/workflows/dependency-review.yml | 2 +- .github/workflows/deploy-cloud-run-gap.yml | 2 +- .github/workflows/deploy-cloud-run.yml | 2 +- .github/workflows/deploy-edge.yml | 2 +- .github/workflows/deploy-full.yml | 12 ++++++------ .github/workflows/deploy.yml | 10 +++++----- .github/workflows/dvc-hydrate.yml | 2 +- .github/workflows/heady-cicd.yml | 8 ++++---- .github/workflows/heady-validator.yml | 12 ++++++------ .github/workflows/headybuddy-android.yml | 8 ++++---- .github/workflows/learning-pipeline.yml | 2 +- .github/workflows/liquid-deploy.yml | 6 +++--- .github/workflows/performance-baseline.yml | 2 +- .github/workflows/pilot-cicd.yml | 10 +++++----- .github/workflows/pre-deploy-check.yml | 2 +- .github/workflows/production-deploy.yml | 4 ++-- .github/workflows/promote-to-main.yml | 4 ++-- .github/workflows/promote-to-staging.yml | 2 +- .github/workflows/quality-gates.yml | 8 ++++---- .github/workflows/rollback.yml | 2 +- .github/workflows/sast-pipeline.yml | 12 ++++++------ .github/workflows/secret-scan.yml | 2 +- .github/workflows/secret-scanning.yml | 2 +- .github/workflows/security-gate.yml | 4 ++-- .github/workflows/security-scan.yml | 12 ++++++------ .github/workflows/self-healing.yml | 4 ++-- .github/workflows/turbo-ci.yml | 4 ++-- 36 files changed, 122 insertions(+), 122 deletions(-) diff --git a/.github/workflows/ci-bootstrap.yml b/.github/workflows/ci-bootstrap.yml index 479dd49ae..0fd6a9341 100644 --- a/.github/workflows/ci-bootstrap.yml +++ b/.github/workflows/ci-bootstrap.yml @@ -27,7 +27,7 @@ jobs: name: Security Gates runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 @@ -57,7 +57,7 @@ jobs: name: Lint & Test runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: @@ -79,7 +79,7 @@ jobs: id-token: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Authenticate to Google Cloud uses: google-github-actions/auth@v2 @@ -142,7 +142,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: @@ -171,7 +171,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: diff --git a/.github/workflows/ci-cd-pipeline.yml b/.github/workflows/ci-cd-pipeline.yml index 0e7ffebea..7141ff054 100644 --- a/.github/workflows/ci-cd-pipeline.yml +++ b/.github/workflows/ci-cd-pipeline.yml @@ -39,7 +39,7 @@ jobs: has_merge_conflicts: ${{ steps.conflict_check.outputs.has_conflicts }} phi_math_valid: ${{ steps.phi_check.outputs.valid }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 @@ -105,7 +105,7 @@ jobs: runs-on: ubuntu-latest needs: preflight steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: @@ -145,7 +145,7 @@ jobs: contents: read packages: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Log in to Container Registry uses: docker/login-action@v3 @@ -192,7 +192,7 @@ jobs: - heady-buddy-portal steps: - name: Checkout site repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: repository: HeadyConnection/${{ matrix.site }} token: ${{ secrets.HEADY_PAT }} @@ -248,7 +248,7 @@ jobs: if: github.event_name == 'push' && github.ref == 'refs/heads/main' environment: staging steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Push to Staging run: | @@ -281,7 +281,7 @@ jobs: name: production url: https://headysystems.com steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Push to Production run: | diff --git a/.github/workflows/ci-cd.yaml b/.github/workflows/ci-cd.yaml index 5e43e123c..4ed661574 100644 --- a/.github/workflows/ci-cd.yaml +++ b/.github/workflows/ci-cd.yaml @@ -47,7 +47,7 @@ jobs: timeout-minutes: 10 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: @@ -80,7 +80,7 @@ jobs: needs: lint-test steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 @@ -129,7 +129,7 @@ jobs: digest: ${{ steps.build-push.outputs.digest }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Authenticate to GCP uses: google-github-actions/auth@v2 @@ -179,7 +179,7 @@ jobs: id-token: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Authenticate to GCP uses: google-github-actions/auth@v2 @@ -236,7 +236,7 @@ jobs: (github.event.inputs.deploy_target == 'cloudflare' || github.event.inputs.deploy_target == 'all') steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: diff --git a/.github/workflows/ci-gap-closure.yml b/.github/workflows/ci-gap-closure.yml index f02b77686..012c8d388 100644 --- a/.github/workflows/ci-gap-closure.yml +++ b/.github/workflows/ci-gap-closure.yml @@ -33,7 +33,7 @@ jobs: name: 'ยง7 Systematic Scan' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: 'STEP 2 โ€” Localhost contamination (ZERO TOLERANCE)' run: | @@ -94,7 +94,7 @@ jobs: runs-on: ubuntu-latest needs: [systematic-scan] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: pnpm/action-setup@v4 with: @@ -121,7 +121,7 @@ jobs: runs-on: ubuntu-latest needs: [systematic-scan] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: pnpm/action-setup@v4 with: @@ -164,7 +164,7 @@ jobs: runs-on: ubuntu-latest needs: [lint] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: pnpm/action-setup@v4 with: @@ -217,7 +217,7 @@ jobs: --health-timeout 5s --health-retries 5 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: pnpm/action-setup@v4 with: @@ -254,7 +254,7 @@ jobs: contents: read id-token: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Authenticate to GCP uses: google-github-actions/auth@v2 diff --git a/.github/workflows/ci-unified.yml b/.github/workflows/ci-unified.yml index 968543565..475ae5ee8 100644 --- a/.github/workflows/ci-unified.yml +++ b/.github/workflows/ci-unified.yml @@ -48,7 +48,7 @@ jobs: should_deploy: ${{ steps.check.outputs.should_deploy }} deploy_target: ${{ steps.check.outputs.deploy_target }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - id: check run: | if [[ "${{ github.ref }}" == "refs/heads/production" && "${{ github.event_name }}" == "push" ]]; then @@ -72,7 +72,7 @@ jobs: name: "Stage 1: Security Gates" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 @@ -118,7 +118,7 @@ jobs: name: "Stage 2: Code Quality" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} @@ -139,7 +139,7 @@ jobs: runs-on: ubuntu-latest needs: [quality] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} @@ -164,7 +164,7 @@ jobs: name: "Stage 3b: Python Tests" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-python@v5 with: python-version: ${{ env.PYTHON_VERSION }} @@ -180,7 +180,7 @@ jobs: runs-on: ubuntu-latest needs: [quality] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} @@ -200,7 +200,7 @@ jobs: runs-on: ubuntu-latest needs: [test-node, security, validate] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} @@ -223,7 +223,7 @@ jobs: contents: read id-token: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Authenticate to Google Cloud uses: google-github-actions/auth@v2 with: @@ -261,7 +261,7 @@ jobs: needs: [build, preflight] if: needs.preflight.outputs.should_deploy == 'true' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} @@ -287,7 +287,7 @@ jobs: needs: [deploy-cloud-run] if: always() && needs.deploy-cloud-run.result == 'success' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ddd01d1c1..47d2f8824 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,7 +19,7 @@ jobs: name: Code Quality runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} @@ -34,7 +34,7 @@ jobs: name: Security Audit runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} @@ -59,7 +59,7 @@ jobs: runs-on: ubuntu-latest needs: [lint] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} @@ -82,7 +82,7 @@ jobs: name: Python Tests runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-python@v5 with: python-version: ${{ env.PYTHON_VERSION }} @@ -95,7 +95,7 @@ jobs: runs-on: ubuntu-latest needs: [test, security] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} @@ -111,7 +111,7 @@ jobs: if: github.ref == 'refs/heads/production' && github.event_name == 'push' environment: production steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: google-github-actions/auth@v2 with: credentials_json: ${{ secrets.GCP_SA_KEY }} diff --git a/.github/workflows/container-scan.yml b/.github/workflows/container-scan.yml index 97fa1aedf..167466c9e 100644 --- a/.github/workflows/container-scan.yml +++ b/.github/workflows/container-scan.yml @@ -47,7 +47,7 @@ jobs: dockerfiles: ${{ steps.find.outputs.dockerfiles }} steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Find all Dockerfiles id: find @@ -70,7 +70,7 @@ jobs: timeout-minutes: 15 steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Run Trivy filesystem scan uses: aquasecurity/trivy-action@master @@ -132,7 +132,7 @@ jobs: dockerfile: ${{ fromJson(needs.discover-dockerfiles.outputs.dockerfiles) }} steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 @@ -199,7 +199,7 @@ jobs: if: needs.discover-dockerfiles.outputs.dockerfiles != '[]' steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Run hadolint on all Dockerfiles uses: hadolint/hadolint-action@v3.1.0 @@ -249,7 +249,7 @@ jobs: if: needs.discover-dockerfiles.outputs.dockerfiles != '[]' steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Check base image freshness run: | @@ -309,7 +309,7 @@ jobs: if: needs.discover-dockerfiles.outputs.dockerfiles != '[]' steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Verify Dockerfiles use non-root user id: check @@ -370,7 +370,7 @@ jobs: timeout-minutes: 5 steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Verify .dockerignore covers sensitive paths run: | diff --git a/.github/workflows/dast-pipeline.yml b/.github/workflows/dast-pipeline.yml index c4ed5310f..d25d0bd32 100644 --- a/.github/workflows/dast-pipeline.yml +++ b/.github/workflows/dast-pipeline.yml @@ -87,7 +87,7 @@ jobs: needs: setup steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Create ZAP config run: | @@ -181,7 +181,7 @@ jobs: needs: setup steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Install Nuclei run: | diff --git a/.github/workflows/dependency-check.yml b/.github/workflows/dependency-check.yml index 5f66683b7..6f3f9bff4 100644 --- a/.github/workflows/dependency-check.yml +++ b/.github/workflows/dependency-check.yml @@ -52,7 +52,7 @@ jobs: timeout-minutes: 15 steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Node.js uses: actions/setup-node@v4 @@ -85,7 +85,7 @@ jobs: high_count: ${{ steps.audit.outputs.high }} steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Node.js uses: actions/setup-node@v4 @@ -140,7 +140,7 @@ jobs: violations: ${{ steps.check.outputs.violations }} steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Node.js uses: actions/setup-node@v4 @@ -212,7 +212,7 @@ jobs: dockerfile: Dockerfile.mcp steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Check if Dockerfile exists id: check_dockerfile diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index bf9541dc4..476086b11 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -18,7 +18,7 @@ jobs: timeout-minutes: 10 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Dependency Review uses: actions/dependency-review-action@v4 diff --git a/.github/workflows/deploy-cloud-run-gap.yml b/.github/workflows/deploy-cloud-run-gap.yml index df3fe9872..4f1e77503 100644 --- a/.github/workflows/deploy-cloud-run-gap.yml +++ b/.github/workflows/deploy-cloud-run-gap.yml @@ -38,7 +38,7 @@ jobs: id-token: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Authenticate to GCP uses: google-github-actions/auth@v2 diff --git a/.github/workflows/deploy-cloud-run.yml b/.github/workflows/deploy-cloud-run.yml index 0010c4085..b0a9acd55 100644 --- a/.github/workflows/deploy-cloud-run.yml +++ b/.github/workflows/deploy-cloud-run.yml @@ -9,7 +9,7 @@ jobs: deploy: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: google-github-actions/auth@v2 with: credentials_json: '${{ secrets.GCP_SA_KEY }}' diff --git a/.github/workflows/deploy-edge.yml b/.github/workflows/deploy-edge.yml index 4b46addba..af0e160a7 100644 --- a/.github/workflows/deploy-edge.yml +++ b/.github/workflows/deploy-edge.yml @@ -8,7 +8,7 @@ jobs: deploy: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: pnpm/action-setup@v4 with: version: 10.6.0 diff --git a/.github/workflows/deploy-full.yml b/.github/workflows/deploy-full.yml index 53df189c5..19bfc716e 100644 --- a/.github/workflows/deploy-full.yml +++ b/.github/workflows/deploy-full.yml @@ -28,7 +28,7 @@ jobs: runs-on: ubuntu-latest continue-on-error: true steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 @@ -62,7 +62,7 @@ jobs: name: ๐Ÿงฌ Validate Monorepo runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} @@ -106,7 +106,7 @@ jobs: runs-on: ubuntu-latest continue-on-error: true steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} @@ -141,7 +141,7 @@ jobs: contents: read id-token: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Authenticate to Google Cloud uses: google-github-actions/auth@v2 continue-on-error: true @@ -250,7 +250,7 @@ jobs: continue-on-error: true if: github.event_name == 'push' || github.event_name == 'workflow_dispatch' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 lfs: true @@ -284,7 +284,7 @@ jobs: continue-on-error: true if: github.event_name == 'push' || github.event_name == 'workflow_dispatch' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Deploy Edge Proxy continue-on-error: true env: diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 3f03d9a4e..491a3114c 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -61,7 +61,7 @@ jobs: name: Security Scan runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 @@ -91,7 +91,7 @@ jobs: needs: security-scan runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} @@ -118,7 +118,7 @@ jobs: image_tag: ${{ steps.meta.outputs.tags }} image_digest: ${{ steps.build.outputs.digest }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Authenticate to GCP uses: google-github-actions/auth@v2 @@ -173,7 +173,7 @@ jobs: runs-on: ubuntu-latest environment: production steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Authenticate to GCP uses: google-github-actions/auth@v2 @@ -251,7 +251,7 @@ jobs: (github.event.inputs.target == 'all' || github.event.inputs.target == 'edge' || github.event.inputs.target == '') runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: diff --git a/.github/workflows/dvc-hydrate.yml b/.github/workflows/dvc-hydrate.yml index e886fe066..938272cf6 100644 --- a/.github/workflows/dvc-hydrate.yml +++ b/.github/workflows/dvc-hydrate.yml @@ -8,7 +8,7 @@ jobs: hydrate: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: { fetch-depth: 0 } - uses: actions/setup-python@v5 with: { python-version: "3.11" } diff --git a/.github/workflows/heady-cicd.yml b/.github/workflows/heady-cicd.yml index be317cc16..7ba52f0f9 100644 --- a/.github/workflows/heady-cicd.yml +++ b/.github/workflows/heady-cicd.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Setup Node.js uses: actions/setup-node@v4 @@ -47,7 +47,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: TruffleHog Secrets Scan uses: trufflesecurity/trufflehog@main @@ -71,7 +71,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Deploy to Cloudflare uses: cloudflare/wrangler-action@v3 @@ -87,7 +87,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Authenticate to Google Cloud uses: google-github-actions/auth@v2 diff --git a/.github/workflows/heady-validator.yml b/.github/workflows/heady-validator.yml index e871fdcef..b24bb5c24 100644 --- a/.github/workflows/heady-validator.yml +++ b/.github/workflows/heady-validator.yml @@ -51,7 +51,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} @@ -78,7 +78,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 15 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} @@ -194,7 +194,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Scan for Secrets run: | echo "Scanning for hardcoded secrets..." @@ -254,7 +254,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 20 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Validate Dockerfiles Exist run: | SERVICES_WITH_DOCKER=0 @@ -303,7 +303,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 5 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} @@ -359,7 +359,7 @@ jobs: needs: [lint-and-typecheck, unit-tests, security-scan] timeout-minutes: 10 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: ${{ env.NODE_VERSION }} diff --git a/.github/workflows/headybuddy-android.yml b/.github/workflows/headybuddy-android.yml index 1f78d9938..55b9a7e03 100644 --- a/.github/workflows/headybuddy-android.yml +++ b/.github/workflows/headybuddy-android.yml @@ -18,7 +18,7 @@ jobs: static-analysis: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-java@v4 with: distribution: temurin @@ -53,7 +53,7 @@ jobs: runs-on: ubuntu-latest needs: static-analysis steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-java@v4 with: distribution: temurin @@ -86,7 +86,7 @@ jobs: runs-on: macos-latest needs: unit-tests steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-java@v4 with: distribution: temurin @@ -120,7 +120,7 @@ jobs: needs: instrumented-tests if: github.event_name == 'push' && github.ref == 'refs/heads/main' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-java@v4 with: distribution: temurin diff --git a/.github/workflows/learning-pipeline.yml b/.github/workflows/learning-pipeline.yml index 493d35ec4..dfe30d982 100644 --- a/.github/workflows/learning-pipeline.yml +++ b/.github/workflows/learning-pipeline.yml @@ -6,5 +6,5 @@ jobs: learning: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - run: echo "Run learning lane, summary generation, and pattern promotion" diff --git a/.github/workflows/liquid-deploy.yml b/.github/workflows/liquid-deploy.yml index 2a999621e..fa570d2b0 100644 --- a/.github/workflows/liquid-deploy.yml +++ b/.github/workflows/liquid-deploy.yml @@ -54,7 +54,7 @@ jobs: steps: - name: Checkout monorepo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 2 # Need previous commit for diff @@ -127,13 +127,13 @@ jobs: steps: - name: Checkout monorepo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 1 path: monorepo - name: Checkout vertical repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: repository: ${{ matrix.repo }} token: ${{ secrets.HEADY_BOT_TOKEN }} diff --git a/.github/workflows/performance-baseline.yml b/.github/workflows/performance-baseline.yml index ec991da72..28b0ef8eb 100644 --- a/.github/workflows/performance-baseline.yml +++ b/.github/workflows/performance-baseline.yml @@ -83,7 +83,7 @@ jobs: steps: # โ”€โ”€ 1. Checkout target branch โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€ - name: Checkout ${{ env.TARGET_BRANCH }} - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ env.TARGET_BRANCH }} fetch-depth: 1 diff --git a/.github/workflows/pilot-cicd.yml b/.github/workflows/pilot-cicd.yml index 2e846c948..e2408c364 100644 --- a/.github/workflows/pilot-cicd.yml +++ b/.github/workflows/pilot-cicd.yml @@ -15,7 +15,7 @@ jobs: name: Lint & Type Check runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: '20' @@ -28,7 +28,7 @@ jobs: name: Unit & Integration Tests runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: '20' @@ -40,7 +40,7 @@ jobs: name: Security Scan runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Run Snyk uses: snyk/actions/node@master env: @@ -52,7 +52,7 @@ jobs: needs: [lint, test, security] if: github.ref == 'refs/heads/pilot' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: docker/setup-buildx-action@v3 - uses: docker/login-action@v3 with: @@ -76,7 +76,7 @@ jobs: name: pilot url: https://pilot.headyme.com steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: azure/setup-kubectl@v3 - name: Configure kubectl diff --git a/.github/workflows/pre-deploy-check.yml b/.github/workflows/pre-deploy-check.yml index a49eb9b7b..72d435d73 100644 --- a/.github/workflows/pre-deploy-check.yml +++ b/.github/workflows/pre-deploy-check.yml @@ -7,7 +7,7 @@ jobs: validate: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: pnpm/action-setup@v4 with: version: 10.6.0 diff --git a/.github/workflows/production-deploy.yml b/.github/workflows/production-deploy.yml index c2b0aa114..fb8e2ed56 100644 --- a/.github/workflows/production-deploy.yml +++ b/.github/workflows/production-deploy.yml @@ -225,7 +225,7 @@ jobs: revision: ${{ steps.deploy.outputs.revision }} rollback-revision: ${{ steps.get-current.outputs.revision }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Authenticate to Google Cloud uses: google-github-actions/auth@v2 @@ -378,7 +378,7 @@ jobs: needs: [deploy] if: failure() && needs.deploy.result == 'failure' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Authenticate to Google Cloud uses: google-github-actions/auth@v2 diff --git a/.github/workflows/promote-to-main.yml b/.github/workflows/promote-to-main.yml index 34bd3fed3..24f268f95 100644 --- a/.github/workflows/promote-to-main.yml +++ b/.github/workflows/promote-to-main.yml @@ -44,7 +44,7 @@ jobs: steps: - name: Checkout current repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 @@ -186,7 +186,7 @@ jobs: steps: - name: Checkout current repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 diff --git a/.github/workflows/promote-to-staging.yml b/.github/workflows/promote-to-staging.yml index 133640121..fdbbe5e13 100644 --- a/.github/workflows/promote-to-staging.yml +++ b/.github/workflows/promote-to-staging.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Checkout current repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 diff --git a/.github/workflows/quality-gates.yml b/.github/workflows/quality-gates.yml index 1de53d7e5..bb54a1a29 100644 --- a/.github/workflows/quality-gates.yml +++ b/.github/workflows/quality-gates.yml @@ -15,7 +15,7 @@ jobs: lint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: "22" @@ -47,7 +47,7 @@ jobs: --health-timeout 5s --health-retries 5 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: "22" @@ -62,7 +62,7 @@ jobs: security-scan: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: "22" @@ -76,7 +76,7 @@ jobs: runs-on: ubuntu-latest if: contains(github.event.pull_request.labels.*.name, 'ai-change') steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/setup-node@v4 with: node-version: "22" diff --git a/.github/workflows/rollback.yml b/.github/workflows/rollback.yml index 038a20599..0a90b2b30 100644 --- a/.github/workflows/rollback.yml +++ b/.github/workflows/rollback.yml @@ -62,7 +62,7 @@ jobs: steps: # โ”€โ”€ 1. Checkout for scripts โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€ - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 1 diff --git a/.github/workflows/sast-pipeline.yml b/.github/workflows/sast-pipeline.yml index 0d7a89b7c..d41953350 100644 --- a/.github/workflows/sast-pipeline.yml +++ b/.github/workflows/sast-pipeline.yml @@ -51,7 +51,7 @@ jobs: language: [ javascript, typescript ] steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 @@ -108,7 +108,7 @@ jobs: image: returntocorp/semgrep:latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Run Semgrep (OSS ruleset + custom rules) env: @@ -162,7 +162,7 @@ jobs: timeout-minutes: 15 steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Node.js uses: actions/setup-node@v4 @@ -236,7 +236,7 @@ jobs: timeout-minutes: 10 steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Node.js uses: actions/setup-node@v4 @@ -281,7 +281,7 @@ jobs: timeout-minutes: 10 steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 # Full history for git log scanning @@ -324,7 +324,7 @@ jobs: timeout-minutes: 10 steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Node.js uses: actions/setup-node@v4 diff --git a/.github/workflows/secret-scan.yml b/.github/workflows/secret-scan.yml index d9be53504..fab277714 100644 --- a/.github/workflows/secret-scan.yml +++ b/.github/workflows/secret-scan.yml @@ -13,7 +13,7 @@ jobs: secret-scan: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Check for blocked file extensions run: | diff --git a/.github/workflows/secret-scanning.yml b/.github/workflows/secret-scanning.yml index e336b281c..981a517ed 100644 --- a/.github/workflows/secret-scanning.yml +++ b/.github/workflows/secret-scanning.yml @@ -12,7 +12,7 @@ jobs: secret-scan: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 diff --git a/.github/workflows/security-gate.yml b/.github/workflows/security-gate.yml index 93f7b4acc..43b509784 100644 --- a/.github/workflows/security-gate.yml +++ b/.github/workflows/security-gate.yml @@ -181,7 +181,7 @@ jobs: secrets_count: ${{ steps.gitleaks.outputs.count }} steps: - name: Checkout PR - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} @@ -231,7 +231,7 @@ jobs: violations_json: ${{ steps.check.outputs.violations_json }} steps: - name: Checkout PR - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml index fe3269c81..46911cf95 100644 --- a/.github/workflows/security-scan.yml +++ b/.github/workflows/security-scan.yml @@ -35,7 +35,7 @@ jobs: language: [javascript] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Initialize CodeQL uses: github/codeql-action/init@v4 @@ -67,7 +67,7 @@ jobs: timeout-minutes: 15 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Node.js uses: actions/setup-node@v4 @@ -108,7 +108,7 @@ jobs: timeout-minutes: 10 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 @@ -156,7 +156,7 @@ jobs: if: github.event_name == 'push' && github.ref == 'refs/heads/main' steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Build Docker image run: docker build -t heady-scan:${{ github.sha }} . @@ -183,7 +183,7 @@ jobs: timeout-minutes: 15 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Run Semgrep uses: returntocorp/semgrep-action@v1 @@ -211,7 +211,7 @@ jobs: timeout-minutes: 10 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Node.js uses: actions/setup-node@v4 diff --git a/.github/workflows/self-healing.yml b/.github/workflows/self-healing.yml index 92e63edfd..829bd9495 100644 --- a/.github/workflows/self-healing.yml +++ b/.github/workflows/self-healing.yml @@ -124,7 +124,7 @@ jobs: steps: - name: Checkout source - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Node ${{ env.NODE_VERSION }} uses: actions/setup-node@v4 @@ -315,7 +315,7 @@ jobs: steps: - name: Checkout source - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Authenticate to Google Cloud uses: google-github-actions/auth@v2 diff --git a/.github/workflows/turbo-ci.yml b/.github/workflows/turbo-ci.yml index 082d7c3b0..5f714171b 100644 --- a/.github/workflows/turbo-ci.yml +++ b/.github/workflows/turbo-ci.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 # Full history for turbo --filter @@ -60,7 +60,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Authenticate to GCP uses: google-github-actions/auth@v2