From 7fa08da03202d4e15be8bea9844445d92b7c2c3a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 9 Jun 2026 14:36:16 +0000 Subject: [PATCH 1/2] chore(deps): bump actions/checkout from 6.0.2 to 6.0.3 Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.2 to 6.0.3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...df4cb1c069e1874edd31b4311f1884172cec0e10) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/build-android.yml | 16 ++++++++-------- .github/workflows/build-cli-tools.yml | 2 +- .github/workflows/build-docs.yml | 2 +- .github/workflows/build-scripts.yml | 2 +- .../pr-dependabot-dependency-guard-update.yml | 2 +- .github/workflows/pr-request-report-labels.yml | 2 +- .github/workflows/quality-checks.yml | 8 ++++---- .github/workflows/quality-markdown.yml | 2 +- .github/workflows/security-codeql.yml | 2 +- .github/workflows/security-fluidscan.yml | 2 +- .github/workflows/security-scorecard.yml | 2 +- .github/workflows/shippable_builds.yml | 6 +++--- .github/workflows/translation-update.yml | 2 +- .github/workflows/validate-gradle.yml | 2 +- .github/workflows/validate-workflows.yml | 2 +- 15 files changed, 27 insertions(+), 27 deletions(-) diff --git a/.github/workflows/build-android.yml b/.github/workflows/build-android.yml index 2d2c3dde4ba..80f33c2a04f 100644 --- a/.github/workflows/build-android.yml +++ b/.github/workflows/build-android.yml @@ -31,7 +31,7 @@ jobs: steps: - name: Checkout the repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 1 @@ -62,7 +62,7 @@ jobs: needs: [build-common] steps: - name: Checkout the repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 1 @@ -79,7 +79,7 @@ jobs: needs: [ build-common ] steps: - name: Checkout the repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 1 @@ -100,7 +100,7 @@ jobs: needs: [build-common] steps: - name: Checkout the repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 1 @@ -117,7 +117,7 @@ jobs: needs: [ build-common ] steps: - name: Checkout the repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 1 @@ -142,7 +142,7 @@ jobs: needs: [build-common] steps: - name: Checkout the repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 1 @@ -159,7 +159,7 @@ jobs: needs: [build-common] steps: - name: Checkout the repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 1 @@ -176,7 +176,7 @@ jobs: needs: [build-common] steps: - name: Checkout the repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 1 diff --git a/.github/workflows/build-cli-tools.yml b/.github/workflows/build-cli-tools.yml index 2cba858ed10..ff976cd492f 100644 --- a/.github/workflows/build-cli-tools.yml +++ b/.github/workflows/build-cli-tools.yml @@ -25,7 +25,7 @@ jobs: timeout-minutes: 30 steps: - name: Checkout the repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 1 diff --git a/.github/workflows/build-docs.yml b/.github/workflows/build-docs.yml index 43b2080ae13..b918c81bcc7 100644 --- a/.github/workflows/build-docs.yml +++ b/.github/workflows/build-docs.yml @@ -32,7 +32,7 @@ jobs: private-key: ${{ secrets.BOT_PRIVATE_KEY }} - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ steps.app-token.outputs.token || github.token }} diff --git a/.github/workflows/build-scripts.yml b/.github/workflows/build-scripts.yml index d1d992c725a..27361b1fc20 100644 --- a/.github/workflows/build-scripts.yml +++ b/.github/workflows/build-scripts.yml @@ -24,7 +24,7 @@ jobs: timeout-minutes: 20 steps: - name: Checkout the repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 1 diff --git a/.github/workflows/pr-dependabot-dependency-guard-update.yml b/.github/workflows/pr-dependabot-dependency-guard-update.yml index 81e941c6430..6d07e4fae58 100644 --- a/.github/workflows/pr-dependabot-dependency-guard-update.yml +++ b/.github/workflows/pr-dependabot-dependency-guard-update.yml @@ -40,7 +40,7 @@ jobs: private-key: ${{ secrets.BOT_PRIVATE_KEY }} - name: Checkout the repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: ref: ${{ github.head_ref }} token: ${{ steps.app-token.outputs.token || github.token }} diff --git a/.github/workflows/pr-request-report-labels.yml b/.github/workflows/pr-request-report-labels.yml index 0068682df0d..1fb80c6fe57 100644 --- a/.github/workflows/pr-request-report-labels.yml +++ b/.github/workflows/pr-request-report-labels.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Validate report label id: validate diff --git a/.github/workflows/quality-checks.yml b/.github/workflows/quality-checks.yml index ee711b4acf0..5f79484e526 100644 --- a/.github/workflows/quality-checks.yml +++ b/.github/workflows/quality-checks.yml @@ -31,7 +31,7 @@ jobs: steps: - name: Checkout the repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 1 @@ -48,7 +48,7 @@ jobs: steps: - name: Checkout the repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 1 @@ -74,7 +74,7 @@ jobs: steps: - name: Checkout the repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 1 @@ -91,7 +91,7 @@ jobs: steps: - name: Checkout the repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 1 diff --git a/.github/workflows/quality-markdown.yml b/.github/workflows/quality-markdown.yml index c551c7158f0..ea88a06715c 100644 --- a/.github/workflows/quality-markdown.yml +++ b/.github/workflows/quality-markdown.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Cargo cache uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 # v1.16.1 diff --git a/.github/workflows/security-codeql.yml b/.github/workflows/security-codeql.yml index cd312d0b1eb..34fb72e2cdf 100644 --- a/.github/workflows/security-codeql.yml +++ b/.github/workflows/security-codeql.yml @@ -34,7 +34,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Setup Gradle environment if: matrix.language == 'java-kotlin' diff --git a/.github/workflows/security-fluidscan.yml b/.github/workflows/security-fluidscan.yml index 91d917fbbd0..42404626429 100644 --- a/.github/workflows/security-fluidscan.yml +++ b/.github/workflows/security-fluidscan.yml @@ -20,7 +20,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 with: persist-credentials: false diff --git a/.github/workflows/security-scorecard.yml b/.github/workflows/security-scorecard.yml index 40e0077af96..177ec0408d2 100644 --- a/.github/workflows/security-scorecard.yml +++ b/.github/workflows/security-scorecard.yml @@ -23,7 +23,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false diff --git a/.github/workflows/shippable_builds.yml b/.github/workflows/shippable_builds.yml index 8722f3453ac..97f559028f0 100644 --- a/.github/workflows/shippable_builds.yml +++ b/.github/workflows/shippable_builds.yml @@ -222,7 +222,7 @@ jobs: - name: Checkout repository if: ${{ contains(matrix.releaseTarget, 'github') || needs.dump_config.outputs.releaseType == 'daily' }} - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 token: ${{ steps.app-token.outputs.token || github.token }} @@ -470,7 +470,7 @@ jobs: cat $GITHUB_OUTPUT - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: ref: ${{ steps.sha.outputs.app_sha }} @@ -694,7 +694,7 @@ jobs: cat $GITHUB_OUTPUT - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: ref: ${{ steps.shanotes.outputs.app_sha }} diff --git a/.github/workflows/translation-update.yml b/.github/workflows/translation-update.yml index 9e70ffca04e..fdaac17332e 100644 --- a/.github/workflows/translation-update.yml +++ b/.github/workflows/translation-update.yml @@ -32,7 +32,7 @@ jobs: steps: - name: Checkout the repo - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 diff --git a/.github/workflows/validate-gradle.yml b/.github/workflows/validate-gradle.yml index 72a21930cc3..d095d17a4dd 100644 --- a/.github/workflows/validate-gradle.yml +++ b/.github/workflows/validate-gradle.yml @@ -12,5 +12,5 @@ jobs: name: Validate Gradle Wrapper runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: gradle/actions/wrapper-validation@0723195856401067f7a2779048b490ace7a47d7c # v5.0.2 diff --git a/.github/workflows/validate-workflows.yml b/.github/workflows/validate-workflows.yml index 5793dedc05e..430ab5a1347 100644 --- a/.github/workflows/validate-workflows.yml +++ b/.github/workflows/validate-workflows.yml @@ -21,7 +21,7 @@ jobs: validate-workflows: runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Ensure GitHub actions are SHA pinned env: From 48abb17c7c1abe924ed3cc9afb5ae6c652abfe70 Mon Sep 17 00:00:00 2001 From: Corey Bryant Date: Wed, 17 Jun 2026 17:10:19 -0400 Subject: [PATCH 2/2] Update checkout action version in workflow --- .github/workflows/security-fluidscan.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/security-fluidscan.yml b/.github/workflows/security-fluidscan.yml index 42404626429..7400e1139bb 100644 --- a/.github/workflows/security-fluidscan.yml +++ b/.github/workflows/security-fluidscan.yml @@ -20,7 +20,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false