From f25d65d768522daac006a04ef146051165f9722c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 17 Jul 2026 13:23:35 +0000 Subject: [PATCH] build(deps): Bump actions/checkout from 4.1.0 to 7.0.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 7.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/commit_checks.yaml | 4 ++-- .github/workflows/pr_validation.yml | 2 +- .github/workflows/publish.yml | 2 +- .github/workflows/security.yml | 6 +++--- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/commit_checks.yaml b/.github/workflows/commit_checks.yaml index 0027d62..c60d665 100644 --- a/.github/workflows/commit_checks.yaml +++ b/.github/workflows/commit_checks.yaml @@ -14,7 +14,7 @@ jobs: pre-commit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v7 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6 with: python-version: '3.13' # Specify a Python version explicitly @@ -35,7 +35,7 @@ jobs: APIKEY: ${{ secrets.APIKEY }} DOMAIN: ${{ secrets.DOMAIN }} steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v7 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: fetch-depth: 0 # Required for setuptools-scm diff --git a/.github/workflows/pr_validation.yml b/.github/workflows/pr_validation.yml index 09218fd..9c5b2cb 100644 --- a/.github/workflows/pr_validation.yml +++ b/.github/workflows/pr_validation.yml @@ -11,7 +11,7 @@ jobs: validate: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v7 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: fetch-depth: 0 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index c71ee14..f1edea5 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -18,7 +18,7 @@ jobs: contents: read steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v7 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: fetch-depth: 0 diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 476756b..d3fd468 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -15,7 +15,7 @@ jobs: static-analysis: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v4 - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v5 with: python-version: "3.13" @@ -35,7 +35,7 @@ jobs: # Skip any PR created by dependabot to avoid permission issues (Per Semgrep docs) if: (github.actor != 'dependabot[bot]') steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v4 - name: Run Semgrep CE scan run: >- semgrep scan @@ -49,7 +49,7 @@ jobs: pip-audit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v4 - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v5 with: { python-version: "3.13" } - run: python -m pip install --upgrade pip