From 9af10849bd64a5bac62c08f1624f2d08d38e362d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 29 May 2026 14:48:53 +0000
Subject: [PATCH] Bump the actions group across 1 directory with 5 updates

Bumps the actions group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4` | `6` |
| [generoi/github-actions](https://github.com/generoi/github-actions) | `1` | `2` |
| [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) | `20` | `21` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` |
| [actions/setup-node](https://github.com/actions/setup-node) | `6.3.0` | `6.4.0` |



Updates `actions/checkout` from 4 to 6
- [Release notes](https://github.com/actions/checkout/releases)
- [Commits](https://github.com/actions/checkout/compare/v4...v6)

Updates `generoi/github-actions` from 1 to 2
- [Commits](https://github.com/generoi/github-actions/compare/v1...v2)

Updates `dawidd6/action-download-artifact` from 20 to 21
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](https://github.com/dawidd6/action-download-artifact/compare/8305c0f1062bb0d184d09ef4493ecb9288447732...b6e2e70617bc3265edd6dab6c906732b2f1ae151)

Updates `actions/upload-artifact` from 7.0.0 to 7.0.1
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f...043fb46d1a93c77aae656e7c1c64a875d1fc6a0a)

Updates `actions/setup-node` from 6.3.0 to 6.4.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/53b83947a5a98c8d113130e565377fae1a50d02f...48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/setup-node
  dependency-version: 6.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: actions/upload-artifact
  dependency-version: 7.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
- dependency-name: dawidd6/action-download-artifact
  dependency-version: '21'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: generoi/github-actions
  dependency-version: '2'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/codex.yml                 | 8 ++++----
 .github/workflows/composer-update-tests.yml | 2 +-
 .github/workflows/deploy.yml                | 4 ++--
 .github/workflows/e2e.yml                   | 4 ++--
 .github/workflows/sync-db.yml               | 8 ++++----
 .github/workflows/test.yml                  | 4 ++--
 .github/workflows/vulnerability-scan.yml    | 2 +-
 7 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/.github/workflows/codex.yml b/.github/workflows/codex.yml
index 90e4bb9..9a13157 100644
--- a/.github/workflows/codex.yml
+++ b/.github/workflows/codex.yml
@@ -24,7 +24,7 @@ jobs:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
       - name: Setup project
-        uses: generoi/github-actions/setup@v1
+        uses: generoi/github-actions/setup@v2
         with:
           npm_fontawesome_auth_token: ${{ secrets.NPM_FONTAWESOME_AUTH_TOKEN }}
           packagist_github_token: ${{ secrets.PACKAGIST_GITHUB_TOKEN }}
@@ -33,10 +33,10 @@ jobs:
         run: composer install:development
 
       - name: Setup DDEV
-        uses: generoi/github-actions/setup-ddev@v1
+        uses: generoi/github-actions/setup-ddev@v2
 
       - name: Download database artifact
-        uses: dawidd6/action-download-artifact@8305c0f1062bb0d184d09ef4493ecb9288447732 # v20
+        uses: dawidd6/action-download-artifact@b6e2e70617bc3265edd6dab6c906732b2f1ae151 # v21
         with:
           workflow: sync-db.yml
           name: sanitized-db
@@ -91,7 +91,7 @@ jobs:
 
       - name: Upload artifacts
         if: always()
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7
         with:
           name: codex-artifacts
           path: artifacts/
diff --git a/.github/workflows/composer-update-tests.yml b/.github/workflows/composer-update-tests.yml
index 7724786..7fc7853 100644
--- a/.github/workflows/composer-update-tests.yml
+++ b/.github/workflows/composer-update-tests.yml
@@ -19,7 +19,7 @@ jobs:
     name: Run composer-update tests
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       # The PHP helper tests run the real helpers and bootstrap composer/semver
       # into a temp vendor dir. jq, git and bash are preinstalled on the runner.
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 690094c..a6cc742 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -35,12 +35,12 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Start SSH agent
-        uses: generoi/github-actions/ssh-agent@v1
+        uses: generoi/github-actions/ssh-agent@v2
         with:
           ssh-private-key: ${{ secrets.DEPLOY_SSH_PRIVATE_KEY }}
 
       - name: Setup project
-        uses: generoi/github-actions/setup@v1
+        uses: generoi/github-actions/setup@v2
         with:
           npm_fontawesome_auth_token: ${{ secrets.NPM_FONTAWESOME_AUTH_TOKEN }}
           packagist_github_token: ${{ secrets.PACKAGIST_GITHUB_TOKEN }}
diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml
index 3134ff7..39a5e7b 100644
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@@ -16,7 +16,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Setup Node
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6
         with:
           node-version-file: .nvmrc
           cache: 'npm'
@@ -32,7 +32,7 @@ jobs:
 
       - name: Upload test results
         if: always()
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
         with:
           name: e2e-test-results
           path: test-results/
diff --git a/.github/workflows/sync-db.yml b/.github/workflows/sync-db.yml
index 316132a..12012c8 100644
--- a/.github/workflows/sync-db.yml
+++ b/.github/workflows/sync-db.yml
@@ -23,12 +23,12 @@ jobs:
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
-      - uses: generoi/github-actions/ssh-agent@v1
+      - uses: generoi/github-actions/ssh-agent@v2
         with:
           ssh-private-key: ${{ secrets.DEPLOY_SSH_PRIVATE_KEY }}
 
       - name: Setup project
-        uses: generoi/github-actions/setup@v1
+        uses: generoi/github-actions/setup@v2
         with:
           npm_fontawesome_auth_token: ${{ secrets.NPM_FONTAWESOME_AUTH_TOKEN }}
           packagist_github_token: ${{ secrets.PACKAGIST_GITHUB_TOKEN }}
@@ -40,7 +40,7 @@ jobs:
         run: ssh-keyscan -p $(./vendor/bin/robo config env.@production.port || echo 22) $(./vendor/bin/robo config env.@production.host) >> ~/.ssh/known_hosts
 
       - name: Setup DDEV
-        uses: generoi/github-actions/setup-ddev@v1
+        uses: generoi/github-actions/setup-ddev@v2
 
       - name: Pull database from production
         run: ./vendor/bin/robo db:pull @production
@@ -61,7 +61,7 @@ jobs:
             -pass env:DB_ARTIFACT_KEY
 
       - name: Upload sanitized DB artifact
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7
         with:
           name: sanitized-db
           path: .github/fixtures/sanitized-db.sql.gz.enc
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index 8f68bae..6e45c9c 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -38,7 +38,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Setup project
-        uses: generoi/github-actions/setup@v1
+        uses: generoi/github-actions/setup@v2
         with:
           npm_fontawesome_auth_token: ${{ secrets.NPM_FONTAWESOME_AUTH_TOKEN }}
           packagist_github_token: ${{ secrets.PACKAGIST_GITHUB_TOKEN }}
@@ -51,7 +51,7 @@ jobs:
         run: composer ci --no-interaction
 
       - name: Install WordPress
-        uses: generoi/github-actions/install-wordpress@v1
+        uses: generoi/github-actions/install-wordpress@v2
         with:
           multisite: ${{ inputs.multisite }}
           activate_plugins: ${{ inputs.activate_plugins }}
diff --git a/.github/workflows/vulnerability-scan.yml b/.github/workflows/vulnerability-scan.yml
index e19d9db..afad513 100644
--- a/.github/workflows/vulnerability-scan.yml
+++ b/.github/workflows/vulnerability-scan.yml
@@ -47,7 +47,7 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Setup project
-        uses: generoi/github-actions/setup@v1
+        uses: generoi/github-actions/setup@v2
         with:
           npm_fontawesome_auth_token: ${{ secrets.NPM_FONTAWESOME_AUTH_TOKEN }}
           packagist_github_token: ${{ secrets.PACKAGIST_GITHUB_TOKEN }}