From 96caf9223dc98e46ad16056a543cea5b218d073c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 26 Jan 2026 18:49:51 +0000 Subject: [PATCH] Bump actions/checkout from 6.0.1 to 6.0.2 Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.1 to 6.0.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8e8c483db84b4bee98b60c0593521ed34d9990e8...de0fac2e4500dabe0009e67214ff5f5447ce83dd) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/.github_test.yml | 2 +- .github/workflows/release.yml | 4 ++-- .github/workflows/sync-default-branch.yml | 2 +- .github/workflows/sync-major-version.yml | 2 +- .github/workflows/test.yml | 8 ++++---- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/.github_test.yml b/.github/workflows/.github_test.yml index 36d8c21..f801ab6 100644 --- a/.github/workflows/.github_test.yml +++ b/.github/workflows/.github_test.yml @@ -46,7 +46,7 @@ jobs: steps: - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: { egress-policy: audit } - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: repository: nodenv/${{ matrix.repo }} persist-credentials: false diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 35da9c4..abb6de2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -30,7 +30,7 @@ jobs: steps: - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: { egress-policy: audit } - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: { persist-credentials: false } # TODO exit this job differently than success if release already exists - name: gh release create @@ -64,7 +64,7 @@ jobs: steps: - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: { egress-policy: audit } - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: { persist-credentials: false } - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 with: # FIXME https://github.com/actions/setup-node/pull/129 diff --git a/.github/workflows/sync-default-branch.yml b/.github/workflows/sync-default-branch.yml index 1c898fa..3aaa2fb 100644 --- a/.github/workflows/sync-default-branch.yml +++ b/.github/workflows/sync-default-branch.yml @@ -10,7 +10,7 @@ jobs: steps: - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: { egress-policy: audit } - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: true # need creds for subsequent git ops diff --git a/.github/workflows/sync-major-version.yml b/.github/workflows/sync-major-version.yml index 6f21ee3..a8bc684 100644 --- a/.github/workflows/sync-major-version.yml +++ b/.github/workflows/sync-major-version.yml @@ -11,7 +11,7 @@ jobs: steps: - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: { egress-policy: audit } - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: true # need creds for subsequent git ops diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index a6b3e60..bbcbc90 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -24,7 +24,7 @@ jobs: steps: - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: { egress-policy: audit } - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: { persist-credentials: false } - run: npm cit env: @@ -37,7 +37,7 @@ jobs: steps: - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: { egress-policy: audit } - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: { fetch-depth: 0, persist-credentials: false } - uses: super-linter/super-linter/slim@d5b0a2ab116623730dd094f15ddc1b6b25bf7b99 # v8.3.2 env: @@ -61,7 +61,7 @@ jobs: api.github.com:443 api.securityscorecards.dev:443 github.com:443 - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: { persist-credentials: false } - uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2 @@ -72,7 +72,7 @@ jobs: steps: - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: { egress-policy: audit } - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: { persist-credentials: false } - uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3 with: