chore(deps): bump actions/checkout from 5.0.1 to 6.0.2#23
chore(deps): bump actions/checkout from 5.0.1 to 6.0.2#23dependabot[bot] wants to merge 1 commit into
Conversation
Bumps [actions/checkout](https://github.com/actions/checkout) from 5.0.1 to 6.0.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@93cb6ef...de0fac2) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
There was a problem hiding this comment.
Pull request overview
Updates GitHub Actions workflows to use a newer pinned commit for actions/checkout, aligning repository checkout behavior with actions/checkout v6.0.2.
Changes:
- Bump
actions/checkoutpin from v5.0.1 to v6.0.2 in the publish-on-tag workflow (both checkout steps). - Bump
actions/checkoutpin from v5.0.1 to v6.0.2 in the deploy-docs workflow. - Bump
actions/checkoutpin from v5.0.1 to v6.0.2 in the chores-pages workflow.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| .github/workflows/publish-on-tag.yml | Updates actions/checkout to the v6.0.2 pinned SHA in release/publish jobs. |
| .github/workflows/deploy-docs.yml | Updates actions/checkout to the v6.0.2 pinned SHA for docs build workflow. |
| .github/workflows/chores-pages.yml | Updates actions/checkout to the v6.0.2 pinned SHA for scheduled Pages config checks. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| - name: Checkout repository | ||
| uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 | ||
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | ||
| with: | ||
| fetch-depth: 0 |
There was a problem hiding this comment.
This PR updates actions/checkout to v6.0.2 in this workflow, but the repo still has reusable workflows that are invoked by publish-on-tag.yml (e.g. .github/workflows/reusable/reusable-npm-publish.yml and reusable-deploy-docs.yml) pinned to the old v5.0.1 SHA. That means the overall release pipeline still runs actions/checkout v5 in those jobs, which is inconsistent with the PR’s stated purpose; please bump those references too (or adjust the PR title/description if the partial bump is intentional).
Bumps actions/checkout from 5.0.1 to 6.0.2.
Release notes
Sourced from actions/checkout's releases.
Changelog
Sourced from actions/checkout's changelog.
... (truncated)
Commits
de0fac2Fix tag handling: preserve annotations and explicit fetch-tags (#2356)064fe7fAdd orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...8e8c483Clarify v6 README (#2328)033fa0dAdd worktree support for persist-credentials includeIf (#2327)c2d88d3Update all references from v5 and v4 to v6 (#2314)1af3b93update readme/changelog for v6 (#2311)71cf226v6-beta (#2298)069c695Persist creds to a separate file (#2286)ff7abcdUpdate README to include Node.js 24 support details and requirements (#2248)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)