From 4d1485c76724503c24c484ea7d06842f2026c7e1 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 1 Nov 2023 09:59:35 +0000
Subject: [PATCH] =?UTF-8?q?XS=E2=9C=94=20=E2=97=BE=20Bump=20actions/checko?=
=?UTF-8?q?ut=20from=204.1.0=20to=204.1.1=20(#436)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0
to 4.1.1.
Release notes
Sourced from actions/checkout's
releases.
v4.1.1
What's Changed
New Contributors
Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1
Commits
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
.github/workflows/build.yml | 14 +++++++-------
.github/workflows/release-phase-1-internal.yml | 2 +-
.github/workflows/release-phase-2.yml | 2 +-
3 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 09a94bdb..ac9df447 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -25,7 +25,7 @@ jobs:
permissions: {}
steps:
- name: Checkout
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: npm – Install
run: npm install
@@ -58,7 +58,7 @@ jobs:
contents: write
steps:
- name: Checkout
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
ref: ${{ github.HEAD_REF }}
token: ${{ secrets.BUILD_UPDATE_CODE_CHECKOUT }}
@@ -112,7 +112,7 @@ jobs:
permissions: {}
steps:
- name: Checkout
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Install Node.js
uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3.8.1
@@ -153,7 +153,7 @@ jobs:
statuses: write
steps:
- name: Checkout
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 0
@@ -173,7 +173,7 @@ jobs:
permissions: {}
steps:
- name: Checkout
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Validate Markdown Links
uses: gaurav-nelson/github-action-markdown-link-check@d53a906aa6b22b8979d33bc86170567e619495ec # 1.0.15
@@ -315,7 +315,7 @@ jobs:
security-events: write
steps:
- name: Checkout
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Initialize
uses: github/codeql-action/init@ddccb873888234080b77e9bc2d4764d5ccaaccf9 # v2.21.9
@@ -332,7 +332,7 @@ jobs:
permissions: {}
steps:
- name: Checkout
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 0
diff --git a/.github/workflows/release-phase-1-internal.yml b/.github/workflows/release-phase-1-internal.yml
index 48c54729..b549a95a 100644
--- a/.github/workflows/release-phase-1-internal.yml
+++ b/.github/workflows/release-phase-1-internal.yml
@@ -42,7 +42,7 @@ jobs:
run: '[int]::Parse(${{ inputs.patch }})'
- name: Checkout
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
# Fine-grained Personal Access Token (PAT) with the following permissions for microsoft/PR-Metrics:
# - Read access to Metadata
diff --git a/.github/workflows/release-phase-2.yml b/.github/workflows/release-phase-2.yml
index 3db29e6b..b2127ba1 100644
--- a/.github/workflows/release-phase-2.yml
+++ b/.github/workflows/release-phase-2.yml
@@ -21,7 +21,7 @@ jobs:
permissions: {}
steps:
- name: Checkout
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Install Node.js
uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3.8.1