Skip to content

Commit a012edd

Browse files
chore(deps): update actions/checkout action to v7 (#373)
This PR contains the following updates: | Package | Type | Update | Change | | --- ## Generated Summary - Upgraded GitHub Actions checkout from version v6.0.3 to v7.0.0 across all workflows. - Updated .github/workflows/meta-sync-labels.yaml to use the new checkout action commit. - Modified .github/workflows/renovate.yaml to reference the updated checkout commit. - Revised .github/workflows/rigging_pr_description.yml to apply the checkout update for proper diffing. - Adjusted .github/workflows/semgrep.yaml to utilize the latest checkout version for enhanced token handling. This summary was generated with ❤️ by [rigging](https://docs.dreadnode.io/rigging/) | [actions/checkout](https://redirect.github.com/actions/checkout) | action | major | `v6.0.3` → `v7.0.0` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v7.0.0`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v700) [Compare Source](https://redirect.github.com/actions/checkout/compare/v7.0.0...v7.0.0) - Block checking out fork PR for pull\_request\_target and workflow\_run by [@&#8203;aiqiaoy](https://redirect.github.com/aiqiaoy) in [#&#8203;2454](https://redirect.github.com/actions/checkout/pull/2454) - Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the minor-actions-dependencies group across 1 directory by [@&#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&#8203;2458](https://redirect.github.com/actions/checkout/pull/2458) - Bump flatted from 3.3.1 to 3.4.2 by [@&#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&#8203;2460](https://redirect.github.com/actions/checkout/pull/2460) - Bump js-yaml from 4.1.0 to 4.2.0 by [@&#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&#8203;2461](https://redirect.github.com/actions/checkout/pull/2461) - Bump [@&#8203;actions/core](https://redirect.github.com/actions/core) and [@&#8203;actions/tool-cache](https://redirect.github.com/actions/tool-cache) and Remove uuid by [@&#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&#8203;2459](https://redirect.github.com/actions/checkout/pull/2459) - upgrade module to esm and update dependencies by [@&#8203;aiqiaoy](https://redirect.github.com/aiqiaoy) in [#&#8203;2463](https://redirect.github.com/actions/checkout/pull/2463) - Bump the minor-npm-dependencies group across 1 directory with 3 updates by [@&#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&#8203;2462](https://redirect.github.com/actions/checkout/pull/2462) ### [`v7`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v700) [Compare Source](https://redirect.github.com/actions/checkout/compare/v6.0.3...v7.0.0) - Block checking out fork PR for pull\_request\_target and workflow\_run by [@&#8203;aiqiaoy](https://redirect.github.com/aiqiaoy) in [#&#8203;2454](https://redirect.github.com/actions/checkout/pull/2454) - Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the minor-actions-dependencies group across 1 directory by [@&#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&#8203;2458](https://redirect.github.com/actions/checkout/pull/2458) - Bump flatted from 3.3.1 to 3.4.2 by [@&#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&#8203;2460](https://redirect.github.com/actions/checkout/pull/2460) - Bump js-yaml from 4.1.0 to 4.2.0 by [@&#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&#8203;2461](https://redirect.github.com/actions/checkout/pull/2461) - Bump [@&#8203;actions/core](https://redirect.github.com/actions/core) and [@&#8203;actions/tool-cache](https://redirect.github.com/actions/tool-cache) and Remove uuid by [@&#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&#8203;2459](https://redirect.github.com/actions/checkout/pull/2459) - upgrade module to esm and update dependencies by [@&#8203;aiqiaoy](https://redirect.github.com/aiqiaoy) in [#&#8203;2463](https://redirect.github.com/actions/checkout/pull/2463) - Bump the minor-npm-dependencies group across 1 directory with 3 updates by [@&#8203;dependabot](https://redirect.github.com/dependabot)\[bot] in [#&#8203;2462](https://redirect.github.com/actions/checkout/pull/2462) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMzEuMiIsInVwZGF0ZWRJblZlciI6IjQzLjIzMS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
2 parents d3fe202 + ba4c9aa commit a012edd

4 files changed

Lines changed: 4 additions & 4 deletions

File tree

.github/workflows/meta-sync-labels.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ jobs:
2525
private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}"
2626

2727
- name: Set up git repository
28-
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
28+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
2929
with:
3030
token: "${{ steps.app-token.outputs.token }}"
3131

.github/workflows/renovate.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -59,7 +59,7 @@ jobs:
5959
private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}"
6060

6161
- name: Checkout
62-
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
62+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
6363
with:
6464
token: "${{ steps.app-token.outputs.token }}"
6565

.github/workflows/rigging_pr_description.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ jobs:
1313
contents: read
1414

1515
steps:
16-
- uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
16+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
1717
with:
1818
fetch-depth: 0 # full history for proper diffing
1919

.github/workflows/semgrep.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ jobs:
3838

3939
steps:
4040
- name: Set up git repository
41-
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
41+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
4242
with:
4343
token: ${{ secrets.GITHUB_TOKEN }}
4444

0 commit comments

Comments
 (0)