Skip to content

ci: Bump actions/checkout from 4 to 7#3

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions/checkout-7
Closed

ci: Bump actions/checkout from 4 to 7#3
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions/checkout-7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown

Bumps actions/checkout from 4 to 7.

Release notes

Sourced from actions/checkout's releases.

v7.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v6.0.3...v7.0.0

v6.0.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v6...v6.0.3

v6.0.2

What's Changed

Full Changelog: actions/checkout@v6.0.1...v6.0.2

v6.0.1

What's Changed

Full Changelog: actions/checkout@v6...v6.0.1

v6.0.0

What's Changed

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v7.0.0

v6.0.3

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 29, 2026
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 7.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4...v7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions/checkout-7 branch from a71db2f to 3c39480 Compare June 29, 2026 23:41
nathansutton pushed a commit that referenced this pull request Jun 30, 2026
- security.yml: pass GITHUB_TOKEN to gitleaks-action, which now requires
  it to scan pull_request events (fork/Dependabot PRs included). Push
  events were unaffected, so main was green but every PR's secrets check
  failed fast. Keep gitleaks at v2 (v3 has a breaking-change history).
- Bump first-party actions repo-wide: actions/checkout v4->v7,
  astral-sh/setup-uv v5->v7, github/codeql-action v3->v4. Clears the
  Node 20 deprecation warnings. Supersedes Dependabot #1/#2/#3.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@dependabot @github

dependabot Bot commented on behalf of github Jun 30, 2026

Copy link
Copy Markdown
Author

Looks like actions/checkout is up-to-date now, so this is no longer needed.

@dependabot dependabot Bot closed this Jun 30, 2026
@dependabot dependabot Bot deleted the dependabot/github_actions/actions/checkout-7 branch June 30, 2026 01:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants