From 859d676112c0a3d2b607cc6a84877898a7485c49 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Aug 2025 14:06:10 +0000 Subject: [PATCH] Bump actions/checkout Bumps the github-actions-version-updates group with 1 update in the /.github/workflows directory: [actions/checkout](https://github.com/actions/checkout). Updates `actions/checkout` from 4 to 5 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-version-updates ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yaml | 24 +++++++++---------- .github/workflows/documentation-roulette.yaml | 2 +- .../workflows/helm-charts-release-ghcr.yaml | 2 +- .github/workflows/helm-charts-release.yaml | 2 +- .github/workflows/helm-docs.yaml | 2 +- .github/workflows/label-commenter.yml | 2 +- .github/workflows/license-check.yaml | 2 +- .github/workflows/mega-linter.yml | 2 +- .github/workflows/move-bot-pr-to-review.yaml | 2 +- .github/workflows/release-build.yaml | 20 ++++++++-------- .github/workflows/scb-bot.yaml | 2 +- 11 files changed, 31 insertions(+), 31 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 52872579b3..3b7456fcb4 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -34,7 +34,7 @@ jobs: name: "Unit Test | Node.js Scanner Test Helpers" runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Install bun uses: oven-sh/setup-bun@v2 @@ -50,7 +50,7 @@ jobs: name: "Setup Kind & Kubectl & Helm & Task" runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Install Kind run: | @@ -108,7 +108,7 @@ jobs: needs: - k8s-setup steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Download Helm uses: actions/download-artifact@v5 with: @@ -147,7 +147,7 @@ jobs: matrix: unit: ["persistence-defectdojo"] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - name: Set up JDK 17 @@ -188,7 +188,7 @@ jobs: component: ["operator", "lurker"] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Go Setup uses: actions/setup-go@v5 @@ -227,7 +227,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Go Setup uses: actions/setup-go@v5 @@ -267,7 +267,7 @@ jobs: - k8s-setup steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Setup Python Version uses: actions/setup-python@v5 @@ -344,7 +344,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Go Setup uses: actions/setup-go@v5 @@ -388,7 +388,7 @@ jobs: - hook-sdk steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Build Image working-directory: ./${{ matrix.sdk }}/nodejs @@ -438,7 +438,7 @@ jobs: - zap-automation-framework steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Install bun uses: oven-sh/setup-bun@v2 @@ -591,7 +591,7 @@ jobs: # - persistence-static-report (WIP) steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Install bun uses: oven-sh/setup-bun@v2 @@ -725,7 +725,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 diff --git a/.github/workflows/documentation-roulette.yaml b/.github/workflows/documentation-roulette.yaml index 0bc09da5d2..a90057b716 100644 --- a/.github/workflows/documentation-roulette.yaml +++ b/.github/workflows/documentation-roulette.yaml @@ -17,7 +17,7 @@ jobs: if: github.repository == 'secureCodeBox/secureCodeBox' steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 # Request team members with the GitHub API using their gh cli - name: Fetch core-team members diff --git a/.github/workflows/helm-charts-release-ghcr.yaml b/.github/workflows/helm-charts-release-ghcr.yaml index 5896cd4db4..b6690c2ae6 100644 --- a/.github/workflows/helm-charts-release-ghcr.yaml +++ b/.github/workflows/helm-charts-release-ghcr.yaml @@ -18,7 +18,7 @@ jobs: contents: read packages: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Parse Release Version run: | diff --git a/.github/workflows/helm-charts-release.yaml b/.github/workflows/helm-charts-release.yaml index 20aa6640ca..a82b6e254f 100644 --- a/.github/workflows/helm-charts-release.yaml +++ b/.github/workflows/helm-charts-release.yaml @@ -14,7 +14,7 @@ jobs: name: Package and Publish runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: "Install yq" run: | sudo snap install yq diff --git a/.github/workflows/helm-docs.yaml b/.github/workflows/helm-docs.yaml index 98963d41e4..40186ca986 100644 --- a/.github/workflows/helm-docs.yaml +++ b/.github/workflows/helm-docs.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-24.04 if: github.repository == 'secureCodeBox/secureCodeBox' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: ref: ${{ github.head_ref }} token: ${{ secrets.SCB_BOT_USER_TOKEN }} diff --git a/.github/workflows/label-commenter.yml b/.github/workflows/label-commenter.yml index f92609a5cc..b683271843 100644 --- a/.github/workflows/label-commenter.yml +++ b/.github/workflows/label-commenter.yml @@ -19,7 +19,7 @@ jobs: comment: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Label Commenter uses: peaceiris/actions-label-commenter@v1.10.0 with: diff --git a/.github/workflows/license-check.yaml b/.github/workflows/license-check.yaml index 4ed1e1ad44..01c899daec 100644 --- a/.github/workflows/license-check.yaml +++ b/.github/workflows/license-check.yaml @@ -16,7 +16,7 @@ jobs: if: github.repository == 'secureCodeBox/secureCodeBox' steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: REUSE Compliance Check uses: fsfe/reuse-action@v5 diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index c38b90efa3..1e3b3b7926 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -33,7 +33,7 @@ jobs: steps: # Git Checkout - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} fetch-depth: 0 diff --git a/.github/workflows/move-bot-pr-to-review.yaml b/.github/workflows/move-bot-pr-to-review.yaml index b2365c5680..40790abcf5 100644 --- a/.github/workflows/move-bot-pr-to-review.yaml +++ b/.github/workflows/move-bot-pr-to-review.yaml @@ -15,7 +15,7 @@ jobs: # only run if the branch starts with 'dependabot/' or 'dependencies/upgrading' if: startsWith(github.head_ref, 'dependabot/') || startsWith(github.head_ref, 'dependencies/upgrading') steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Add bot PR to project run: | diff --git a/.github/workflows/release-build.yaml b/.github/workflows/release-build.yaml index 45e65ac545..8a364b8576 100644 --- a/.github/workflows/release-build.yaml +++ b/.github/workflows/release-build.yaml @@ -28,7 +28,7 @@ jobs: component: ["operator", "lurker"] steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Docker Meta id: docker_meta @@ -75,7 +75,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Docker Meta id: docker_meta @@ -122,7 +122,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Docker Meta id: docker_meta @@ -175,7 +175,7 @@ jobs: - hook-sdk steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Docker Meta id: docker_meta @@ -228,7 +228,7 @@ jobs: - update-field-hook steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Docker Meta id: docker_meta @@ -282,7 +282,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Docker Meta id: docker_meta @@ -344,7 +344,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Docker Meta id: docker_meta @@ -419,7 +419,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set ENV Var with Scanner Version uses: mikefarah/yq@v4.47.1 @@ -489,7 +489,7 @@ jobs: - test-scan steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Docker Meta id: docker_meta @@ -549,7 +549,7 @@ jobs: - old-wordpress steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set ENV Var with Demo-Target Version uses: mikefarah/yq@v4.47.1 diff --git a/.github/workflows/scb-bot.yaml b/.github/workflows/scb-bot.yaml index 7b284c1dbd..b744714f04 100644 --- a/.github/workflows/scb-bot.yaml +++ b/.github/workflows/scb-bot.yaml @@ -43,7 +43,7 @@ jobs: - zap-automation-framework # missing scanners are : nmap, nikto steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Import GPG key uses: crazy-max/ghaction-import-gpg@v6