Bump actions/checkout from 5 to 6

[dependabot]

Bumps actions/checkout from 5 to 6.

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

• Update README to include Node.js 24 support details and requirements by @​salmanmkc in actions/checkout#2248
• Persist creds to a separate file by @​ericsciple in actions/checkout#2286
• v6-beta by @​ericsciple in actions/checkout#2298
• update readme/changelog for v6 by @​ericsciple in actions/checkout#2311

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

• Port v6 cleanup to v5 by @​ericsciple in actions/checkout#2301

Full Changelog: actions/checkout@v5...v5.0.1

Changelog

Sourced from actions/checkout's changelog.

Changelog

V6.0.0

• Persist creds to a separate file by @​ericsciple in actions/checkout#2286
• Update README to include Node.js 24 support details and requirements by @​salmanmkc in actions/checkout#2248

V5.0.1

• Port v6 cleanup to v5 by @​ericsciple in actions/checkout#2301

V5.0.0

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226

V4.3.1

• Port v6 cleanup to v4 by @​ericsciple in actions/checkout#2305

V4.3.0

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

v4.2.0

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependency updates by @​dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

v4.1.6

• Check platform to set archive extension appropriately by @​cory-miller in actions/checkout#1732

v4.1.5

• Update NPM dependencies by @​cory-miller in actions/checkout#1703
• Bump github/codeql-action from 2 to 3 by @​dependabot in actions/checkout#1694
• Bump actions/setup-node from 1 to 4 by @​dependabot in actions/checkout#1696
• Bump actions/upload-artifact from 2 to 4 by @​dependabot in actions/checkout#1695

... (truncated)

Commits

• 1af3b93 update readme/changelog for v6 (#2311)
• 71cf226 v6-beta (#2298)
• 069c695 Persist creds to a separate file (#2286)
• ff7abcd Update README to include Node.js 24 support details and requirements (#2248)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

🚀 Deployment Status: Building 🔵

🔗 Quick Actions:

• 📊 Watch build progress
• 🔄 Restart build

---

📝 Recent Change Summary

Latest commit: a6bb49c - Bump actions/checkout from 5 to 6
Build started: 2025-11-24 06:41:57 UTC

---

📊 Overall Progress

Branch: dependabot/github_actions/actions/checkout-6
Status: 🔵 Building in progress
Preview URL (after completion): https://litlfred.github.io/sgex/dependabot-github_actions-actions-checkout-6/

---

💡 Build started for commit a6bb49c. Will update when complete.

[github-actions]

❌ Dependency Security Check Failed

  **Installation Error:** Unable to install dependencies due to version conflicts.
  
  ```
  Security audit could not be completed due to dependency installation failure.
  ```
  
  ---
  
  ### ❌ Security Status: CHECK FAILED
  
  **Action Required:** Please resolve dependency conflicts before security audit can run.
  
  **How to fix:**
  1. The workflow will be updated to use `--legacy-peer-deps` flag
  2. If issues persist, check for TypeScript version conflicts in package.json
  3. Consider updating peer dependencies to compatible versions
  
  **Need help?** Check the [npm dependency resolution documentation](https://docs.npmjs.com/cli/v8/configuring-npm/package-json#peerdependencies) for more details.

[github-actions]

🔍 Framework Compliance Report

Generated: 2025-11-24 06:41:56 UTC
Status: Action Required

📊 Summary

Status	Count	Percentage
🟢 Compliant	2/22	9%
🟠 Partial	20/22	91%
🔴 Non-compliant	0/22	0%

📦 Nested Layouts (4 components)

• 🟠 QuestionnaireEditor (5 layouts)
• 🟠 ActorEditor (3 layouts)
• 🟠 DocumentationViewer (3 layouts)
• 🟠 PagesManager (2 layouts)

---

⚠️ Recommendations

Consider addressing partial compliance issues to improve code quality.

📚 Resources:

• Page Framework Documentation
• View Full Workflow Logs

💡 This comment is automatically updated when compliance checks run.

[github-actions]

🚀 Deployment Status: Successfully Deployed 🟢

📊 Deployment Information

Workflow: Deploy Feature Branch (🔀 Pull Request)
Action ID: 19625656930
Commit: f2fe10b (view changes)
Workflow Step: Successfully Deployed

🌐 Preview URLs

🔗 Quick Actions

📦 Build Artifacts Status

Artifact	Status	Description	Type
workflow-event-log	🟢 Available	GitHub event metadata with links	.log
build-logs	🟢 Available	Complete timestamped build output	.txt
webpack-stats	🟢 Available	Webpack compilation statistics	.json
bundle-report	🟢 Available	Bundle size analysis and recommendations	.txt
build-step-log	🟢 Available	Build step console output	.log
bundle-analysis-step-log	🟢 Available	Bundle analysis console output	.log

🟢 All artifacts available! Click artifact names above or visit workflow artifacts section.

How to download:

1. Click any artifact name in the table above
2. Or visit the workflow run page and scroll to "Artifacts"
3. Each artifact contains a single log file (no zip extraction needed)

---

📊 Overall Progress

Branch: dependabot/github_actions/actions/checkout-6
Status: 🟢 Live and accessible
Status: Deployment complete - site is ready for testing

---

📋 Deployment Timeline

• 2025-11-24 06:42:01 UTC - 🟢 Build Started - Initializing
• 2025-11-24 06:42:20 UTC - 🟢 Environment Setup Complete - In progress
• 2025-11-24 06:42:21 UTC - 🟢 Building Application - In progress
• 2025-11-24 06:43:49 UTC - 🟢 Deploying to GitHub Pages - In progress
• 2025-11-24 06:43:54 UTC - 🟢 Verifying Deployment - In progress
• 2025-11-24 06:48:56 UTC - 🟢 Successfully Deployed - Site is live

---

💡 This comment is automatically updated as the deployment progresses.

[github-actions]

🔒 Security Check Report

🟢 4 passed • 🟡 2 warnings • 🔴 1 failed

Security Checks

Check	Status	Details
NPM Audit	🔴	3 vulnerabilities found (Critical: 0, High: 1, Moderate: 2, Low: 0)
Outdated Dependencies	🟡	16 outdated packages (1 major versions behind)
ESLint Security	🟢	No security-related linting issues
Security Headers	🟡	Some security headers missing in source
License Compliance	🟢	No problematic licenses detected
Secret Scanning	🟢	No potential secrets detected in code
Framework Compliance	🟢	Framework compliance checks passed

🔍 Action Items

❌ NPM Audit - 3 vulnerabilities found (Critical: 0, High: 1, Moderate: 2, Low: 0)

Details:

• Critical: 0
• High: 1
• Moderate: 2
• Low: 0

Recommendation: Run npm audit fix to automatically fix vulnerabilities

⚠️ Outdated Dependencies - 16 outdated packages (1 major versions behind)

Details:
Major version updates needed for:

• react-syntax-highlighter

Recommendation: Review outdated packages and update where possible

⚠️ Security Headers - Some security headers missing in source

Details:

Recommendation: Ensure all security headers are properly defined

---

❌ Security Status: ACTION REQUIRED

Security issues were detected that need to be addressed before merging.

Last checked: Mon, 24 Nov 2025 06:42:09 GMT

---

This security check is automatically run on every PR build. Learn more about our security checks