chore(deps): update actions/checkout action to v7

[mergeraptor]

This PR contains the following updates:

Package	Type	Update	Change
actions/checkout	action	major	v6.0.3 → v7.0.0
actions/checkout	action	major	v6 → v7

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

actions/checkout (actions/checkout)

v7.0.0

Compare Source

• Block checking out fork PR for pull_request_target and workflow_run by @​aiqiaoy in #​2454
• Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the minor-actions-dependencies group across 1 directory by @​dependabot[bot] in #​2458
• Bump flatted from 3.3.1 to 3.4.2 by @​dependabot[bot] in #​2460
• Bump js-yaml from 4.1.0 to 4.2.0 by @​dependabot[bot] in #​2461
• Bump @​actions/core and @​actions/tool-cache and Remove uuid by @​dependabot[bot] in #​2459
• upgrade module to esm and update dependencies by @​aiqiaoy in #​2463
• Bump the minor-npm-dependencies group across 1 directory with 3 updates by @​dependabot[bot] in #​2462

v7

Compare Source

• Block checking out fork PR for pull_request_target and workflow_run by @​aiqiaoy in #​2454
• Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the minor-actions-dependencies group across 1 directory by @​dependabot[bot] in #​2458
• Bump flatted from 3.3.1 to 3.4.2 by @​dependabot[bot] in #​2460
• Bump js-yaml from 4.1.0 to 4.2.0 by @​dependabot[bot] in #​2461
• Bump @​actions/core and @​actions/tool-cache and Remove uuid by @​dependabot[bot] in #​2459
• upgrade module to esm and update dependencies by @​aiqiaoy in #​2463
• Bump the minor-npm-dependencies group across 1 directory with 3 updates by @​dependabot[bot] in #​2462

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
actions/actions/checkout	9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0	🟢 5.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Binary-Artifacts 🟢 10 no binaries found in the repo Maintained ⚠️ 2 3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 9 security policy file detected SAST 🟢 8 SAST tool detected but not run on all commits Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches
actions/actions/checkout	9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0	🟢 5.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Binary-Artifacts 🟢 10 no binaries found in the repo Maintained ⚠️ 2 3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 9 security policy file detected SAST 🟢 8 SAST tool detected but not run on all commits Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches
actions/actions/checkout	9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0	🟢 5.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Binary-Artifacts 🟢 10 no binaries found in the repo Maintained ⚠️ 2 3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 9 security policy file detected SAST 🟢 8 SAST tool detected but not run on all commits Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches
actions/actions/checkout	9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0	🟢 5.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Binary-Artifacts 🟢 10 no binaries found in the repo Maintained ⚠️ 2 3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 9 security policy file detected SAST 🟢 8 SAST tool detected but not run on all commits Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches

Scanned Files

• .github/workflows/reusable-build.yml
• .github/workflows/reusable-renovate.yml
• .github/workflows/update-v1-tag.yml
• .github/workflows/vendor-chunka-files.yml