From af0ae74ed2d6722c39d0555d3a15e91b5c61ed45 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 22 Apr 2026 22:12:28 +0000 Subject: [PATCH] build(deps): bump actions/checkout from 4 to 6 Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 12 ++++++------ .github/workflows/codeql.yml | 2 +- .github/workflows/commitlint.yml | 2 +- .github/workflows/sbom.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d3a3fa67..9f6d0aaa 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -17,7 +17,7 @@ jobs: lint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: jdx/mise-action@v2 - run: pnpm install --frozen-lockfile --ignore-scripts - run: pnpm exec biome ci . @@ -25,7 +25,7 @@ jobs: typecheck: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: jdx/mise-action@v2 - run: pnpm install --frozen-lockfile --ignore-scripts - run: pnpm -r exec tsc --noEmit @@ -37,7 +37,7 @@ jobs: os: [ubuntu-latest, macos-latest, windows-latest] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: jdx/mise-action@v2 - name: Ensure node-gyp is available for native tree-sitter build run: npm i -g node-gyp @@ -47,7 +47,7 @@ jobs: sarif-validate: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: jdx/mise-action@v2 - run: pnpm install --frozen-lockfile --ignore-scripts - run: pnpm -F @opencodehub/sarif build @@ -56,13 +56,13 @@ jobs: banned-strings: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - run: bash scripts/check-banned-strings.sh licenses: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: jdx/mise-action@v2 - run: pnpm install --frozen-lockfile --ignore-scripts - name: license allowlist diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index d3459f38..f507e22a 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -23,7 +23,7 @@ jobs: matrix: language: [javascript-typescript, python] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} diff --git a/.github/workflows/commitlint.yml b/.github/workflows/commitlint.yml index 3c1d0e6e..6d136225 100644 --- a/.github/workflows/commitlint.yml +++ b/.github/workflows/commitlint.yml @@ -12,7 +12,7 @@ jobs: commitlint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 - uses: jdx/mise-action@v2 diff --git a/.github/workflows/sbom.yml b/.github/workflows/sbom.yml index b809bc78..4d6afbc1 100644 --- a/.github/workflows/sbom.yml +++ b/.github/workflows/sbom.yml @@ -12,7 +12,7 @@ jobs: sbom: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: jdx/mise-action@v2 - run: pnpm install --frozen-lockfile --ignore-scripts - name: Generate CycloneDX SBOM diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 52ff8896..ff3600a1 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -19,7 +19,7 @@ jobs: contents: read actions: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: persist-credentials: false - uses: ossf/scorecard-action@v2.4.0