From 30db438a474f0d9a236ae68bd8d7c72b4ac7debb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Nov 2025 05:14:50 +0000 Subject: [PATCH] chore(deps): Bump actions/checkout from 4.2.2 to 6.0.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 6.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...1af3b93b6815bc44a9784bd300feb67ff0d1eeb3) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/phase_1_keycloak.yml | 6 +++--- .github/workflows/phase_1_python.yml | 10 +++++----- .github/workflows/phase_2_harbor.yml | 6 +++--- .github/workflows/phase_2_kubectl.yml | 6 +++--- .github/workflows/phase_3_yocto.yml | 6 +++--- .github/workflows/scorecard.yml | 2 +- 6 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/phase_1_keycloak.yml b/.github/workflows/phase_1_keycloak.yml index 6377018..af86856 100644 --- a/.github/workflows/phase_1_keycloak.yml +++ b/.github/workflows/phase_1_keycloak.yml @@ -65,7 +65,7 @@ jobs: needs: Generate steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v4 - name: Download all workflow run artifacts uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 @@ -131,7 +131,7 @@ jobs: needs: Augment steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v4 - name: Download all workflow run artifacts uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 @@ -184,7 +184,7 @@ jobs: needs: Enrich runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v4 - name: Download SBOMs uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 diff --git a/.github/workflows/phase_1_python.yml b/.github/workflows/phase_1_python.yml index 3dc7a1d..2cddb70 100644 --- a/.github/workflows/phase_1_python.yml +++ b/.github/workflows/phase_1_python.yml @@ -20,7 +20,7 @@ jobs: name: "Generate Container SBOM" runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v4 # We're using native docker build here rather # than 'docker/build-push-action' to make the run @@ -68,7 +68,7 @@ jobs: name: "Generate Application SBOM" runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v4 - name: Install Trivy run: | @@ -111,7 +111,7 @@ jobs: needs: [Generate_Container, Generate_Application] steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v4 - name: Download all workflow run artifacts uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 @@ -222,7 +222,7 @@ jobs: runs-on: ubuntu-latest needs: [Augment] steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v4 - name: Download all workflow run artifacts uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 @@ -259,7 +259,7 @@ jobs: needs: Enrich runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v4 - name: Download SBOMs uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 diff --git a/.github/workflows/phase_2_harbor.yml b/.github/workflows/phase_2_harbor.yml index c334f55..899ef6e 100644 --- a/.github/workflows/phase_2_harbor.yml +++ b/.github/workflows/phase_2_harbor.yml @@ -72,7 +72,7 @@ jobs: needs: Generate steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v4 - name: Download all workflow run artifacts uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 @@ -141,7 +141,7 @@ jobs: needs: Augment steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v4 - name: Enrich Download all workflow run artifacts uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 @@ -199,7 +199,7 @@ jobs: needs: Enrich runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v4 - name: Download SBOMs uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 diff --git a/.github/workflows/phase_2_kubectl.yml b/.github/workflows/phase_2_kubectl.yml index c7db56e..7eace36 100644 --- a/.github/workflows/phase_2_kubectl.yml +++ b/.github/workflows/phase_2_kubectl.yml @@ -65,7 +65,7 @@ jobs: needs: Generate steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v4 - name: Download all workflow run artifacts uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 @@ -131,7 +131,7 @@ jobs: needs: Augment steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v4 - name: Download all workflow run artifacts uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 @@ -184,7 +184,7 @@ jobs: needs: Enrich runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v4 - name: Download SBOMs uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 diff --git a/.github/workflows/phase_3_yocto.yml b/.github/workflows/phase_3_yocto.yml index 1765961..08415fa 100644 --- a/.github/workflows/phase_3_yocto.yml +++ b/.github/workflows/phase_3_yocto.yml @@ -47,7 +47,7 @@ jobs: needs: Generate steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v4 - name: Download all workflow run artifacts uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 @@ -67,7 +67,7 @@ jobs: needs: Augment steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v4 - name: Download all workflow run artifacts uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 @@ -86,7 +86,7 @@ jobs: needs: Enrich runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v4 - name: Download SBOMs uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 8fa11c1..9f05d13 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -32,7 +32,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: persist-credentials: false