From add4cde2f15727c103bf80bc9ec4bacf960499e4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Sep 2025 07:22:01 +0000 Subject: [PATCH] chore: bump actions/checkout from 4.2.2 to 5.0.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 5.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...08c6903cd8c0fde910a37f88322edcfb5dd907a8) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/cicd.yml | 18 +++++++++--------- .github/workflows/codeql.yml | 2 +- .github/workflows/document-validation.yml | 6 +++--- .github/workflows/generate-release.yml | 4 ++-- .github/workflows/repository-validation.yml | 6 +++--- .github/workflows/security-hardening.yml | 2 +- 6 files changed, 19 insertions(+), 19 deletions(-) diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 5c61c41..a19a7f1 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -43,7 +43,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Run Shellcheck run: bash <(curl -s https://raw.githubusercontent.com/CICDToolbox/shellcheck/master/pipeline.sh) @@ -52,7 +52,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Run JSON Lint run: bash <(curl -s https://raw.githubusercontent.com/CICDToolbox/json-lint/master/pipeline.sh) @@ -66,7 +66,7 @@ jobs: python-versions: ${{ fromJson(needs.get-python-versions.outputs.version-matrix) }} steps: - name: Checkout the repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - name: Set up Python ${{ matrix.python-versions }} uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 with: @@ -84,7 +84,7 @@ jobs: python-versions: ${{ fromJson(needs.get-python-versions.outputs.version-matrix) }} steps: - name: Checkout the repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set up Python ${{ matrix.python-versions }} uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 with: @@ -102,7 +102,7 @@ jobs: python-versions: ${{ fromJson(needs.get-python-versions.outputs.version-matrix) }} steps: - name: Checkout the repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set up Python ${{ matrix.python-versions }} uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 with: @@ -120,7 +120,7 @@ jobs: python-versions: ${{ fromJson(needs.get-python-versions.outputs.version-matrix) }} steps: - name: Checkout the repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set up Python ${{ matrix.python-versions }} uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 with: @@ -138,7 +138,7 @@ jobs: python-versions: ${{ fromJson(needs.get-python-versions.outputs.version-matrix) }} steps: - name: Checkout the repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set up Python ${{ matrix.python-versions }} uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 with: @@ -156,7 +156,7 @@ jobs: python-versions: ${{ fromJson(needs.get-python-versions.outputs.version-matrix) }} steps: - name: Checkout the repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set up Python ${{ matrix.python-versions }} uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 with: @@ -179,6 +179,6 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Check Job Statuses run: .github/scripts/check-jobs.sh '${{ toJson(needs) }}' diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 654762e..d5a869f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -40,7 +40,7 @@ jobs: steps: - name: Checkout the repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Initialize CodeQL uses: github/codeql-action/init@8fcfedf57053e09257688fce7a0beeb18b1b9ae3 # v2.17.2 diff --git a/.github/workflows/document-validation.yml b/.github/workflows/document-validation.yml index e73779d..bd2067b 100644 --- a/.github/workflows/document-validation.yml +++ b/.github/workflows/document-validation.yml @@ -55,7 +55,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the Repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Setup Ruby ${{ needs.get-ruby-version.outputs.version }} uses: ruby/setup-ruby@44511735964dcb71245e7e55f72539531f7bc0eb # v1.257.0 @@ -74,7 +74,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the Repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Setup Node ${{ needs.get-node-version.outputs.version }} uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 @@ -96,7 +96,7 @@ jobs: steps: - name: Checkout the Repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Check Job Statuses run: .github/scripts/check-jobs.sh '${{ toJson(needs) }}' diff --git a/.github/workflows/generate-release.yml b/.github/workflows/generate-release.yml index 4b5afc0..a0757ca 100644 --- a/.github/workflows/generate-release.yml +++ b/.github/workflows/generate-release.yml @@ -26,7 +26,7 @@ jobs: steps: - name: Checkout the repository # Using a specific SHA for the checkout action ensures the action version is stable and secure. - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 - name: Set the release version @@ -44,7 +44,7 @@ jobs: - set-release-version steps: - name: Checkout the repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 - name: Generate changelog diff --git a/.github/workflows/repository-validation.yml b/.github/workflows/repository-validation.yml index bc57d32..fe426c2 100644 --- a/.github/workflows/repository-validation.yml +++ b/.github/workflows/repository-validation.yml @@ -58,7 +58,7 @@ jobs: steps: - name: Checkout the Repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Setup Go ${{ needs.get-go-version.outputs.version }} uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # V5.4.0 @@ -74,7 +74,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the Repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set up Python ${{ needs.get-python-version.outputs.version }} uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # V5.6.0 @@ -94,7 +94,7 @@ jobs: steps: - name: Checkout the Repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Check Job Statuses run: .github/scripts/check-jobs.sh '${{ toJson(needs) }}' diff --git a/.github/workflows/security-hardening.yml b/.github/workflows/security-hardening.yml index 0dcac91..aff5c83 100644 --- a/.github/workflows/security-hardening.yml +++ b/.github/workflows/security-hardening.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Checkout code # Use a specific SHA to checkout the code, ensuring the action is secure and hasn't been tampered with. - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Ensure SHA pinned actions # Utilize a community GitHub Action to verify all used actions are pinned to a SHA for enhanced security. uses: zgosalvez/github-actions-ensure-sha-pinned-actions@2d6823da4039243036c86d76f503c84e2ded2517 # v3.0.24