Merge pull request #636 from dependabot/dependabot/github_actions/actions/checkout-5

Bump actions/checkout from 4 to 5
2026-03-12 18:07:12 -04:00 · 2025-10-10 13:19:23 -07:00
parent fc6f54062b a62b0915e2
commit 46afdda46f
7 changed files with 9 additions and 9 deletions
--- a/.github/workflows/check-uncommitted.yml
+++ b/.github/workflows/check-uncommitted.yml
@@ -13,7 +13,7 @@ jobs:
    runs-on: ubuntu-latest

    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5

      - uses: actions/setup-node@v4
        with:
@@ -33,7 +33,7 @@ jobs:
    runs-on: ubuntu-latest

    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5

      - name: Compare the expected vs actual files
        run: test -z "$(git status --porcelain)"
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -13,7 +13,7 @@ jobs:
    name: CI
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v5

    - uses: actions/setup-node@v4
      with:
--- a/.github/workflows/dependabot-auto-merge.yml
+++ b/.github/workflows/dependabot-auto-merge.yml
@@ -14,7 +14,7 @@ jobs:
          app-id: ${{ secrets.FETCH_METADATA_ACTION_AUTOMATION_APP_ID }}
          private-key: ${{ secrets.FETCH_METADATA_ACTION_AUTOMATION_PRIVATE_KEY }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5

      - name: Auto-merge
        run: gh pr merge --auto --merge '${{ github.event.pull_request.html_url }}'
--- a/.github/workflows/dependabot-build.yml
+++ b/.github/workflows/dependabot-build.yml
@@ -16,7 +16,7 @@ jobs:
      dependency-type: ${{ steps.dependabot-metadata.outputs.dependency-type }}
      package-ecosystem: ${{ steps.dependabot-metadata.outputs.package-ecosystem }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5

      - name: Fetch dependabot metadata
        id: dependabot-metadata
@@ -36,7 +36,7 @@ jobs:
          app-id: ${{ secrets.FETCH_METADATA_ACTION_AUTOMATION_APP_ID }}
          private-key: ${{ secrets.FETCH_METADATA_ACTION_AUTOMATION_PRIVATE_KEY }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
        with:
          # Check out using an app token so any pushed changes will trigger checkruns
          token: ${{ steps.generate_token.outputs.token }}
--- a/.github/workflows/release-bump-version.yml
+++ b/.github/workflows/release-bump-version.yml
@@ -27,7 +27,7 @@ jobs:
          app-id: ${{ secrets.FETCH_METADATA_ACTION_AUTOMATION_APP_ID }}
          private-key: ${{ secrets.FETCH_METADATA_ACTION_AUTOMATION_PRIVATE_KEY }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
        with:
          # Ensure we start from main in case the workflow is run from a branch
          ref: "main"
--- a/.github/workflows/release-move-tracking-tag.yml
+++ b/.github/workflows/release-move-tracking-tag.yml
@@ -43,7 +43,7 @@ jobs:
          app-id: ${{ secrets.FETCH_METADATA_ACTION_AUTOMATION_APP_ID }}
          private-key: ${{ secrets.FETCH_METADATA_ACTION_AUTOMATION_PRIVATE_KEY }}

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
        with:
          token: ${{ steps.generate_token.outputs.token }}

--- a/.github/workflows/release-publish-package.yml
+++ b/.github/workflows/release-publish-package.yml
@@ -14,7 +14,7 @@ jobs:
      packages: write

    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      
      - name: Publish
        id: publish