Skip to content

Bump actions/checkout from 6 to 7#2090

Merged
stevepiercy merged 2 commits into
6.0from
dependabot/github_actions/actions/checkout-7
Jul 8, 2026
Merged

Bump actions/checkout from 6 to 7#2090
stevepiercy merged 2 commits into
6.0from
dependabot/github_actions/actions/checkout-7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Bumps actions/checkout from 6 to 7.

Release notes

Sourced from actions/checkout's releases.

v7.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v6.0.3...v7.0.0

v6.0.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v6...v6.0.3

v6.0.2

What's Changed

Full Changelog: actions/checkout@v6.0.1...v6.0.2

v6.0.1

What's Changed

Full Changelog: actions/checkout@v6...v6.0.1

Changelog

Sourced from actions/checkout's changelog.

Changelog

v7.0.0

v6.0.3

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 22, 2026
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 22, 2026
@stevepiercy stevepiercy marked this pull request as draft June 22, 2026 19:56
@stevepiercy

Copy link
Copy Markdown
Member

Important

DO NOT MERGE

A check for changes to GitHub workflows needs to be added before this is merged.

Bumps [actions/checkout](https://github.com/actions/checkout) from 6 to 7.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v6...v7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions/checkout-7 branch from f14b93d to ff409e6 Compare June 23, 2026 21:26
@github-project-automation github-project-automation Bot moved this from New to Approved in Plone Documentation Jul 8, 2026
@stevepiercy

Copy link
Copy Markdown
Member

A check for changes to GitHub workflows needs to be added before this is merged.

To clarify, from https://github.com/actions/checkout#whats-new

Safer fork pull request handling: checkout now refuses to check out fork pull request code by default when the workflow is triggered by pull_request_target or workflow_run. These triggers run with the base repository's GITHUB_TOKEN, secrets, and runner access, where executing a fork's code commonly leads to "pwn request" vulnerabilities.

I removed the affected file that could have blocked the run in #2091.

There's still some work to do, which I updated in https://community.plone.org/t/remove-rtd-pr-preview-build-workflow-file-and-a-warning-about-github-actions-v7/23083.

@stevepiercy stevepiercy marked this pull request as ready for review July 8, 2026 22:35
@stevepiercy stevepiercy merged commit 3e04888 into 6.0 Jul 8, 2026
3 checks passed
@stevepiercy stevepiercy deleted the dependabot/github_actions/actions/checkout-7 branch July 8, 2026 22:36
@github-project-automation github-project-automation Bot moved this from Approved to Done in Plone Documentation Jul 8, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

Status: Done

Development

Successfully merging this pull request may close these issues.

2 participants