From c9b8bd2c0ee019fa9b5f51ed1327a9bfe33a8a07 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 Jun 2026 02:54:17 +0000 Subject: [PATCH] Bump actions/checkout from 6.0.3 to 7.0.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.3 to 7.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/df4cb1c069e1874edd31b4311f1884172cec0e10...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 10 +++++----- .github/workflows/cve-monitor.yml | 4 ++-- .github/workflows/publish.yml | 8 ++++---- .github/workflows/release.yml | 2 +- .github/workflows/tag-release.yml | 2 +- 5 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c09146a..5f563c6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -12,7 +12,7 @@ jobs: container: ghcr.io/knight-owl-dev/ci-tools:latest steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Lint run: make lint @@ -23,7 +23,7 @@ jobs: container: ghcr.io/knight-owl-dev/ci-tools:latest steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 # The default BATS_RUNNER docker-runs the ci-tools image for local # macOS users who may not have bats installed. In CI we're already @@ -40,7 +40,7 @@ jobs: images: ${{ steps.list.outputs.images }} steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: List distributable images id: list @@ -61,7 +61,7 @@ jobs: arch: [amd64, arm64] steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 # Version is a placeholder — CI exercises the packaging pipeline, # not a real release. The publish workflow uses each image's version. @@ -109,7 +109,7 @@ jobs: steps: - name: Checkout (for verify script) - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: sparse-checkout: scripts sparse-checkout-cone-mode: false diff --git a/.github/workflows/cve-monitor.yml b/.github/workflows/cve-monitor.yml index c6f5fdb..b1c1d5b 100644 --- a/.github/workflows/cve-monitor.yml +++ b/.github/workflows/cve-monitor.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: List published images id: list @@ -53,7 +53,7 @@ jobs: steps: - name: Checkout # Sparse checkout: per-image .trivyignore.yaml and the issue body template. - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: sparse-checkout: | images/${{ matrix.image }}/.trivyignore.yaml diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 75511fb..230d61b 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -16,7 +16,7 @@ jobs: distributable: ${{ steps.compute.outputs.distributable }} steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Validate release tag # Strict vN.N.N only. The tag is the release version; the release PR @@ -46,7 +46,7 @@ jobs: image: ${{ fromJSON(needs.matrix.outputs.images) }} steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Load build args id: args @@ -146,7 +146,7 @@ jobs: image: ${{ fromJSON(needs.matrix.outputs.distributable) }} steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Extract release version id: version @@ -187,7 +187,7 @@ jobs: contents: write steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Determine packaging set id: pkg diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index fdf5c13..f81c284 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -35,7 +35,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 # full history + tags for the per-image diff base persist-credentials: false diff --git a/.github/workflows/tag-release.yml b/.github/workflows/tag-release.yml index 4372b32..74a467a 100644 --- a/.github/workflows/tag-release.yml +++ b/.github/workflows/tag-release.yml @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout merge commit - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: ${{ github.event.pull_request.merge_commit_sha }} persist-credentials: false