From 0a5a7a6f00960cc5c7ea2548782387874bc769ca Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 7 Jun 2026 17:23:05 +0000 Subject: [PATCH] build(deps): bump the github-actions-dependencies group across 1 directory with 5 updates Bumps the github-actions-dependencies group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6.0.2` | `6.0.3` | | [actions/setup-dotnet](https://github.com/actions/setup-dotnet) | `5.2.0` | `5.3.0` | | [actions/setup-node](https://github.com/actions/setup-node) | `6.3.0` | `6.4.0` | | [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `47.0.0` | `47.0.6` | | [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) | `23.0.0` | `23.2.0` | Updates `actions/checkout` from 6.0.2 to 6.0.3 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...df4cb1c069e1874edd31b4311f1884172cec0e10) Updates `actions/setup-dotnet` from 5.2.0 to 5.3.0 - [Release notes](https://github.com/actions/setup-dotnet/releases) - [Commits](https://github.com/actions/setup-dotnet/compare/c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7...9a946fdbd5fb07b82b2f5a4466058b876ab72bb2) Updates `actions/setup-node` from 6.3.0 to 6.4.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/53b83947a5a98c8d113130e565377fae1a50d02f...48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e) Updates `tj-actions/changed-files` from 47.0.0 to 47.0.6 - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](https://github.com/tj-actions/changed-files/compare/24d32ffd492484c1d75e0c0b894501ddb9d30d62...9426d40962ed5378910ee2e21d5f8c6fcbf2dd96) Updates `DavidAnson/markdownlint-cli2-action` from 23.0.0 to 23.2.0 - [Release notes](https://github.com/davidanson/markdownlint-cli2-action/releases) - [Commits](https://github.com/davidanson/markdownlint-cli2-action/compare/ce4853d43830c74c1753b39f3cf40f71c2031eb9...ded1f9488f68a970bc66ea5619e13e9b52e601cd) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-dependencies - dependency-name: actions/setup-dotnet dependency-version: 5.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-dependencies - dependency-name: actions/setup-node dependency-version: 6.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-dependencies - dependency-name: tj-actions/changed-files dependency-version: 47.0.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-dependencies - dependency-name: DavidAnson/markdownlint-cli2-action dependency-version: 23.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-dependencies ... Signed-off-by: dependabot[bot] --- .../codeowners-folder-validation.yml | 2 +- .github/workflows/evaluation.yml | 24 +++++++++---------- .github/workflows/gh-aw-upgrade.yml | 2 +- .github/workflows/markdownlint.yml | 6 ++--- .github/workflows/skill-check.yml | 4 ++-- .github/workflows/skill-coverage.yml | 2 +- .github/workflows/skill-validator.yml | 8 +++---- 7 files changed, 24 insertions(+), 24 deletions(-) diff --git a/.github/workflows/codeowners-folder-validation.yml b/.github/workflows/codeowners-folder-validation.yml index 26c4fb7..447d987 100644 --- a/.github/workflows/codeowners-folder-validation.yml +++ b/.github/workflows/codeowners-folder-validation.yml @@ -21,7 +21,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: persist-credentials: false diff --git a/.github/workflows/evaluation.yml b/.github/workflows/evaluation.yml index e0f5ab4..e80c55b 100644 --- a/.github/workflows/evaluation.yml +++ b/.github/workflows/evaluation.yml @@ -75,7 +75,7 @@ jobs: statuses: write steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: fetch-depth: 0 persist-credentials: false @@ -137,7 +137,7 @@ jobs: statuses: write steps: - name: Checkout base branch - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: ref: ${{ github.event.pull_request.base.sha }} fetch-depth: 0 @@ -327,7 +327,7 @@ jobs: - name: Checkout repository if: github.event_name != 'schedule' || steps.check-changes.outputs.has_changes == 'true' - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: fetch-depth: 0 persist-credentials: false @@ -471,7 +471,7 @@ jobs: # changes are tested. For fork PRs (untrusted), always build from the # base branch to prevent untrusted code from modifying tooling. - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: ref: ${{ needs.gate.outputs.is_fork != 'true' && needs.gate.outputs.head_sha || '' }} persist-credentials: false @@ -489,7 +489,7 @@ jobs: - name: Setup .NET SDK if: steps.cache-validator.outputs.cache-hit != 'true' - uses: actions/setup-dotnet@c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7 # v5 + uses: actions/setup-dotnet@9a946fdbd5fb07b82b2f5a4466058b876ab72bb2 # v5 with: global-json-file: global.json @@ -529,13 +529,13 @@ jobs: steps: - name: Checkout skills content - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: ref: ${{ needs.gate.outputs.head_sha || '' }} persist-credentials: false - name: Setup .NET SDK - uses: actions/setup-dotnet@c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7 # v5 + uses: actions/setup-dotnet@9a946fdbd5fb07b82b2f5a4466058b876ab72bb2 # v5 with: global-json-file: global.json @@ -854,7 +854,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: persist-credentials: false @@ -986,7 +986,7 @@ jobs: cancel-in-progress: false steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: persist-credentials: false @@ -1077,7 +1077,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: persist-credentials: false @@ -1204,11 +1204,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository (for dashboard UI files) - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: persist-credentials: false - - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 + - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: 20 diff --git a/.github/workflows/gh-aw-upgrade.yml b/.github/workflows/gh-aw-upgrade.yml index b3d5b5a..6a74d17 100644 --- a/.github/workflows/gh-aw-upgrade.yml +++ b/.github/workflows/gh-aw-upgrade.yml @@ -13,7 +13,7 @@ jobs: upgrade: runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - name: Install gh-aw CLI run: curl -sL https://raw.githubusercontent.com/github/gh-aw/main/install-gh-aw.sh | bash diff --git a/.github/workflows/markdownlint.yml b/.github/workflows/markdownlint.yml index c3fb945..b35d55e 100644 --- a/.github/workflows/markdownlint.yml +++ b/.github/workflows/markdownlint.yml @@ -19,13 +19,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: persist-credentials: false fetch-depth: 0 - name: Get changed Markdown files - uses: tj-actions/changed-files@24d32ffd492484c1d75e0c0b894501ddb9d30d62 # v47 + uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 # v47.0.6 id: changed-files with: files: "**/*.md" @@ -33,7 +33,7 @@ jobs: - name: Run markdownlint if: steps.changed-files.outputs.any_changed == 'true' - uses: DavidAnson/markdownlint-cli2-action@ce4853d43830c74c1753b39f3cf40f71c2031eb9 # v23 + uses: DavidAnson/markdownlint-cli2-action@ded1f9488f68a970bc66ea5619e13e9b52e601cd # v23 with: globs: ${{ steps.changed-files.outputs.all_changed_files }} separator: "," diff --git a/.github/workflows/skill-check.yml b/.github/workflows/skill-check.yml index c444826..96be53d 100644 --- a/.github/workflows/skill-check.yml +++ b/.github/workflows/skill-check.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: persist-credentials: false @@ -28,7 +28,7 @@ jobs: - name: Setup .NET SDK if: steps.cache-validator.outputs.cache-hit != 'true' - uses: actions/setup-dotnet@c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7 # v5 + uses: actions/setup-dotnet@9a946fdbd5fb07b82b2f5a4466058b876ab72bb2 # v5 with: global-json-file: global.json diff --git a/.github/workflows/skill-coverage.yml b/.github/workflows/skill-coverage.yml index 6c83fa3..4a40ceb 100644 --- a/.github/workflows/skill-coverage.yml +++ b/.github/workflows/skill-coverage.yml @@ -112,7 +112,7 @@ jobs: # Checkout the default branch for trusted tooling (Measure-SkillCoverage.ps1), # then fetch the PR head into a separate worktree so untrusted code is never executed. - name: Checkout base branch (trusted tooling) - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: persist-credentials: false diff --git a/.github/workflows/skill-validator.yml b/.github/workflows/skill-validator.yml index 4a63fb2..d6fc950 100644 --- a/.github/workflows/skill-validator.yml +++ b/.github/workflows/skill-validator.yml @@ -26,7 +26,7 @@ jobs: outputs: has_changes: ${{ steps.check.outputs.has_changes }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: fetch-depth: 0 @@ -73,10 +73,10 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: persist-credentials: false - - uses: actions/setup-dotnet@c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7 # v5 + - uses: actions/setup-dotnet@9a946fdbd5fb07b82b2f5a4466058b876ab72bb2 # v5 with: global-json-file: global.json @@ -148,7 +148,7 @@ jobs: permissions: contents: write steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 with: persist-credentials: true