From f0b969933dbbb88a18220744ff77ccb697e0d55a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Jul 2026 19:53:01 +0000 Subject: [PATCH] chore(deps): bump actions/checkout from 6 to 7 Bumps [actions/checkout](https://github.com/actions/checkout) from 6 to 7. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v6...v7) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/audit-required-checks.yml | 6 +++--- .github/workflows/claude-adversarial-review.yml | 2 +- .github/workflows/claude-author-automerge.yml | 2 +- .github/workflows/claude-review.yml | 2 +- .github/workflows/codex-review.yml | 2 +- .github/workflows/coverage-floor.yml | 2 +- .github/workflows/lint.yml | 6 +++--- .github/workflows/openapi-types-drift.yml | 6 +++--- .github/workflows/pr-classify.yml | 2 +- .github/workflows/prettier-autofix.yml | 2 +- .github/workflows/regression-convention.yml | 2 +- .github/workflows/tests-runner.yml | 8 ++++---- .github/workflows/tty-tests.yml | 2 +- .github/workflows/verifier-on-high-risk.yml | 4 ++-- 14 files changed, 24 insertions(+), 24 deletions(-) diff --git a/.github/workflows/audit-required-checks.yml b/.github/workflows/audit-required-checks.yml index e6d1ea8..886149c 100644 --- a/.github/workflows/audit-required-checks.yml +++ b/.github/workflows/audit-required-checks.yml @@ -48,7 +48,7 @@ jobs: outputs: digest_path: per-org-digest-topcoder1.md steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Run fleet audit (topcoder1) env: @@ -89,7 +89,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 15 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Run fleet audit (whois-api-llc) env: @@ -126,7 +126,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 5 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/download-artifact@v8 continue-on-error: true # tolerate jobs that failed before uploading diff --git a/.github/workflows/claude-adversarial-review.yml b/.github/workflows/claude-adversarial-review.yml index 49e8267..194fc9b 100644 --- a/.github/workflows/claude-adversarial-review.yml +++ b/.github/workflows/claude-adversarial-review.yml @@ -32,7 +32,7 @@ jobs: id-token: write steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: fetch-depth: ${{ inputs.checkout_depth }} diff --git a/.github/workflows/claude-author-automerge.yml b/.github/workflows/claude-author-automerge.yml index 1e72018..5f12db9 100644 --- a/.github/workflows/claude-author-automerge.yml +++ b/.github/workflows/claude-author-automerge.yml @@ -145,7 +145,7 @@ jobs: # path still work. steps: - name: Checkout PR head - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/claude-review.yml b/.github/workflows/claude-review.yml index bc2dd41..e7169d4 100644 --- a/.github/workflows/claude-review.yml +++ b/.github/workflows/claude-review.yml @@ -31,7 +31,7 @@ jobs: id-token: write steps: - name: Checkout code - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: fetch-depth: ${{ inputs.checkout_depth }} diff --git a/.github/workflows/codex-review.yml b/.github/workflows/codex-review.yml index 4506175..d5be5b5 100644 --- a/.github/workflows/codex-review.yml +++ b/.github/workflows/codex-review.yml @@ -29,7 +29,7 @@ jobs: pull-requests: write steps: - name: Checkout (full history for diff against base) - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: fetch-depth: 0 diff --git a/.github/workflows/coverage-floor.yml b/.github/workflows/coverage-floor.yml index 8005eda..8e7407c 100644 --- a/.github/workflows/coverage-floor.yml +++ b/.github/workflows/coverage-floor.yml @@ -217,7 +217,7 @@ jobs: --health-timeout 5s --health-retries 5 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: fetch-depth: 0 # PR branch ref so seed-mode push targets the right branch. diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 09d2646..11f3b67 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -122,7 +122,7 @@ jobs: if: ${{ format('{0}', inputs.run_actionlint) != 'false' }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Download actionlint id: get_actionlint @@ -165,7 +165,7 @@ jobs: # startup_failure if exceeded by the caller's grant. pull-requests: read steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-node@v6 with: @@ -394,7 +394,7 @@ jobs: if: ${{ format('{0}', inputs.run_shellcheck_scripts) == 'true' }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Run shellcheck # Ubuntu runners ship with shellcheck preinstalled, so no install diff --git a/.github/workflows/openapi-types-drift.yml b/.github/workflows/openapi-types-drift.yml index 40a62d8..12d95dd 100644 --- a/.github/workflows/openapi-types-drift.yml +++ b/.github/workflows/openapi-types-drift.yml @@ -123,7 +123,7 @@ jobs: pull-requests: write steps: - name: Checkout consumer repo (PR head) - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: fetch-depth: 1 path: consumer @@ -137,7 +137,7 @@ jobs: set -euo pipefail case "$REV_SOURCE" in head) - # Empty rev means actions/checkout@v6 uses the default branch of + # Empty rev means actions/checkout@v7 uses the default branch of # the contracts repo (equivalent to omitting `ref:`). Passing the # literal string "HEAD" would be treated as a branch/tag name, # which fails on repos that have no branch named "HEAD". @@ -307,7 +307,7 @@ jobs: esac - name: Checkout contracts repo - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: repository: ${{ inputs.contracts_repo }} # Empty string here (contracts_rev_source=head) means actions/checkout diff --git a/.github/workflows/pr-classify.yml b/.github/workflows/pr-classify.yml index ff45014..de8690c 100644 --- a/.github/workflows/pr-classify.yml +++ b/.github/workflows/pr-classify.yml @@ -46,7 +46,7 @@ jobs: class: ${{ steps.compute.outputs.class }} steps: - name: Checkout caller repo - uses: actions/checkout@v6 + uses: actions/checkout@v7 - name: Verify risk-paths.yml exists run: | diff --git a/.github/workflows/prettier-autofix.yml b/.github/workflows/prettier-autofix.yml index b381c4b..75315fa 100644 --- a/.github/workflows/prettier-autofix.yml +++ b/.github/workflows/prettier-autofix.yml @@ -95,7 +95,7 @@ jobs: pull-requests: read steps: - name: Checkout PR head with PAT - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: # Check out the PR's head ref (not the merge commit) so our push # writes back to the same branch the PR is tracking. diff --git a/.github/workflows/regression-convention.yml b/.github/workflows/regression-convention.yml index 7c55dde..a4f5994 100644 --- a/.github/workflows/regression-convention.yml +++ b/.github/workflows/regression-convention.yml @@ -70,7 +70,7 @@ jobs: # no-op (no diff to enforce against). if: github.event_name == 'pull_request' steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/tests-runner.yml b/.github/workflows/tests-runner.yml index 2427898..0cb3c4a 100644 --- a/.github/workflows/tests-runner.yml +++ b/.github/workflows/tests-runner.yml @@ -93,7 +93,7 @@ jobs: runner: ${{ steps.d.outputs.runner }} go_version: ${{ steps.d.outputs.go_version }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - id: d env: # `inputs.X` is empty on pull_request/push triggers (only populated @@ -154,7 +154,7 @@ jobs: if: needs.detect.outputs.language == 'python' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-python@v6 with: python-version: ${{ inputs.python_version || '3.13' }} @@ -228,7 +228,7 @@ jobs: if: needs.detect.outputs.language == 'go' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-go@v6 with: go-version: ${{ needs.detect.outputs.go_version }} @@ -251,7 +251,7 @@ jobs: if: needs.detect.outputs.language == 'js' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-node@v6 with: node-version: ${{ inputs.node_version || '20' }} diff --git a/.github/workflows/tty-tests.yml b/.github/workflows/tty-tests.yml index 848384f..d56473b 100644 --- a/.github/workflows/tty-tests.yml +++ b/.github/workflows/tty-tests.yml @@ -65,7 +65,7 @@ jobs: env: TERM: xterm-256color steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Detect tty fixtures id: detect diff --git a/.github/workflows/verifier-on-high-risk.yml b/.github/workflows/verifier-on-high-risk.yml index a42cdb7..bdbb89b 100644 --- a/.github/workflows/verifier-on-high-risk.yml +++ b/.github/workflows/verifier-on-high-risk.yml @@ -82,7 +82,7 @@ jobs: fi - name: Checkout caller code - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: fetch-depth: 0 @@ -116,7 +116,7 @@ jobs: echo "Changed paths:"; cat changed-paths.txt - name: Checkout ci-workflows at pinned SHA (composite action source) - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: repository: topcoder1/ci-workflows ref: ${{ inputs.ci_workflows_sha }}