From da1d1e31f9a097ada8cde96bfa491d3048e9e677 Mon Sep 17 00:00:00 2001 From: Floatpane Bot Date: Sat, 20 Jun 2026 23:02:43 +0400 Subject: [PATCH] chore(deps): actions/checkout ^ v7.0.0 (#1490) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ## What? This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://redirect.github.com/actions/checkout) | action | major | `v6` → `v7` | --- ### Release Notes
actions/checkout (actions/checkout) ### [`v7.0.0`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v700) [Compare Source](https://redirect.github.com/actions/checkout/compare/v7.0.0...v7.0.0) - Block checking out fork PR for pull\_request\_target and workflow\_run by [@​aiqiaoy](https://redirect.github.com/aiqiaoy) in [#​2454](https://redirect.github.com/actions/checkout/pull/2454) - Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the minor-actions-dependencies group across 1 directory by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2458](https://redirect.github.com/actions/checkout/pull/2458) - Bump flatted from 3.3.1 to 3.4.2 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2460](https://redirect.github.com/actions/checkout/pull/2460) - Bump js-yaml from 4.1.0 to 4.2.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2461](https://redirect.github.com/actions/checkout/pull/2461) - Bump [@​actions/core](https://redirect.github.com/actions/core) and [@​actions/tool-cache](https://redirect.github.com/actions/tool-cache) and Remove uuid by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2459](https://redirect.github.com/actions/checkout/pull/2459) - upgrade module to esm and update dependencies by [@​aiqiaoy](https://redirect.github.com/aiqiaoy) in [#​2463](https://redirect.github.com/actions/checkout/pull/2463) - Bump the minor-npm-dependencies group across 1 directory with 3 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2462](https://redirect.github.com/actions/checkout/pull/2462) ### [`v7`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v700) [Compare Source](https://redirect.github.com/actions/checkout/compare/v6.0.3...v7.0.0) - Block checking out fork PR for pull\_request\_target and workflow\_run by [@​aiqiaoy](https://redirect.github.com/aiqiaoy) in [#​2454](https://redirect.github.com/actions/checkout/pull/2454) - Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the minor-actions-dependencies group across 1 directory by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2458](https://redirect.github.com/actions/checkout/pull/2458) - Bump flatted from 3.3.1 to 3.4.2 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2460](https://redirect.github.com/actions/checkout/pull/2460) - Bump js-yaml from 4.1.0 to 4.2.0 by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2461](https://redirect.github.com/actions/checkout/pull/2461) - Bump [@​actions/core](https://redirect.github.com/actions/core) and [@​actions/tool-cache](https://redirect.github.com/actions/tool-cache) and Remove uuid by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2459](https://redirect.github.com/actions/checkout/pull/2459) - upgrade module to esm and update dependencies by [@​aiqiaoy](https://redirect.github.com/aiqiaoy) in [#​2463](https://redirect.github.com/actions/checkout/pull/2463) - Bump the minor-npm-dependencies group across 1 directory with 3 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​2462](https://redirect.github.com/actions/checkout/pull/2462)
## Why? Automated dependency update via Renovate. --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://redirect.github.com/renovatebot/renovate). --- .github/workflows/backport.yml | 2 +- .github/workflows/benchmarks.yml | 2 +- .github/workflows/bot-build.yml | 2 +- .github/workflows/ci.yml | 18 +++++++++--------- .github/workflows/demo.yml | 2 +- .github/workflows/integration.yml | 6 +++--- .github/workflows/label-sync.yml | 2 +- .github/workflows/labeler-backfill.yml | 2 +- .github/workflows/labeler.yml | 2 +- .github/workflows/nightly.yml | 4 ++-- .github/workflows/nixpkgs-bump.yml | 2 +- .github/workflows/release-rc.yml | 6 +++--- .github/workflows/release.yml | 4 ++-- .github/workflows/renovate.yml | 2 +- .github/workflows/screenshots.yml | 2 +- .github/workflows/security.yml | 8 ++++---- .github/workflows/static.yml | 2 +- .github/workflows/sync-gomod2nix.yml | 2 +- .github/workflows/update-flake.yml | 2 +- 19 files changed, 36 insertions(+), 36 deletions(-) diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml index e9a0702ed7d61b77b9f7c86503d92c5458c2ee3e..64439102b9154d3f4c3a56458aadaaeffafd004a 100644 --- a/.github/workflows/backport.yml +++ b/.github/workflows/backport.yml @@ -58,7 +58,7 @@ jobs: - name: Checkout if: steps.pr.outputs.run == 'true' - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: fetch-depth: 0 ref: release/v1 diff --git a/.github/workflows/benchmarks.yml b/.github/workflows/benchmarks.yml index 834909702748fcedbb411a48ade91b2869084bd2..bfc2fae722651a5348a0a2a4babfd75c1dc3faa2 100644 --- a/.github/workflows/benchmarks.yml +++ b/.github/workflows/benchmarks.yml @@ -15,7 +15,7 @@ jobs: timeout-minutes: 30 steps: - name: Checkout PR - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: fetch-depth: 0 diff --git a/.github/workflows/bot-build.yml b/.github/workflows/bot-build.yml index 1ab5b930095f4117d96fb15820b267ec74e51b1b..403c0ce64a43851f826067e8bfb6d3128b3bc7b4 100644 --- a/.github/workflows/bot-build.yml +++ b/.github/workflows/bot-build.yml @@ -68,7 +68,7 @@ jobs: core.setOutput('repo', pr.head.repo.full_name); - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: repository: ${{ steps.pr.outputs.repo }} ref: ${{ steps.pr.outputs.ref }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index cc6ff705a5adce8c3bb37fb025bc339d3d308f32..bf72b380724b052b0b163bc5ccfb874840a456c4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,7 +14,7 @@ jobs: matrix: os: [ubuntu-latest, windows-latest, macos-latest] steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Set up Go uses: actions/setup-go@v6 @@ -37,7 +37,7 @@ jobs: lint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Set up Go uses: actions/setup-go@v6 @@ -69,7 +69,7 @@ jobs: mod-tidy: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Set up Go uses: actions/setup-go@v6 @@ -91,7 +91,7 @@ jobs: run: working-directory: docs steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Set up Node.js uses: actions/setup-node@v6 @@ -109,7 +109,7 @@ jobs: snap: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Validate snapcraft.yaml run: | @@ -149,7 +149,7 @@ jobs: flatpak: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Install dependencies run: | @@ -191,7 +191,7 @@ jobs: nix: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Install Nix uses: cachix/install-nix-action@v31 @@ -204,7 +204,7 @@ jobs: lua-plugins: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Install Lua run: sudo apt-get update && sudo apt-get install -y lua5.4 @@ -223,7 +223,7 @@ jobs: goreleaser: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: fetch-depth: 0 diff --git a/.github/workflows/demo.yml b/.github/workflows/demo.yml index 472a5e0c32fbc5ace93e59884af2e9afce1fe813..98b0af42ffe5f4d059fee8de4d4fa4d3ffdd4c65 100644 --- a/.github/workflows/demo.yml +++ b/.github/workflows/demo.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: persist-credentials: false diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml index 4c8458416c87e8a4ff4fd2075ec2e2d9c186a0b2..cf35cd835aab810664c78ce6d1d48992fb081112 100644 --- a/.github/workflows/integration.yml +++ b/.github/workflows/integration.yml @@ -30,7 +30,7 @@ jobs: # The runner step below polls /api/service/readiness externally instead. steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Set up Go uses: actions/setup-go@v6 @@ -70,7 +70,7 @@ jobs: matrix: os: [ubuntu-latest, macos-latest, windows-latest] steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Set up Go uses: actions/setup-go@v6 @@ -89,7 +89,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 15 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Set up Go uses: actions/setup-go@v6 diff --git a/.github/workflows/label-sync.yml b/.github/workflows/label-sync.yml index e630e45de8da030da78577143b69bc8a6f697bbd..c940dde410b72e0b638ea28b85c9a61294913d4d 100644 --- a/.github/workflows/label-sync.yml +++ b/.github/workflows/label-sync.yml @@ -26,7 +26,7 @@ jobs: LABELS_FILE: .github/labels.yml PRUNE: ${{ github.event.inputs.prune || 'false' }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Upsert labels run: | diff --git a/.github/workflows/labeler-backfill.yml b/.github/workflows/labeler-backfill.yml index 6e8261a842950200e2106483a182102809dc21d7..f2701ac20ce63e7a2588aa4385d56887d7f9ccab 100644 --- a/.github/workflows/labeler-backfill.yml +++ b/.github/workflows/labeler-backfill.yml @@ -42,7 +42,7 @@ jobs: env: GH_TOKEN: ${{ secrets.HOMEBREW_GITHUB_TOKEN }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Collect open PR numbers id: prs diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml index 41f13e873431181b23e5ac776daf2d86db849270..1d73f33d353d4338666a9e8993e78ef28952ac16 100644 --- a/.github/workflows/labeler.yml +++ b/.github/workflows/labeler.yml @@ -18,7 +18,7 @@ jobs: pull-requests: write runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Apply Labels (issues — includes area/*) if: github.event_name == 'issues' diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index b80afe8ebe3b821dc1ce7a365c06e8294d31b33a..d9399a2160c5d201c3a27cbe9c94b10b19ea0656 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -14,7 +14,7 @@ jobs: runs-on: macos-latest steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: fetch-depth: 0 @@ -303,7 +303,7 @@ jobs: runner: ubuntu-24.04-arm steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: fetch-depth: 0 diff --git a/.github/workflows/nixpkgs-bump.yml b/.github/workflows/nixpkgs-bump.yml index 7851a0ecea532288fd7093caddde8f0f0ccd3ed3..475e7344078475a681c652254194e6e9dbf83526 100644 --- a/.github/workflows/nixpkgs-bump.yml +++ b/.github/workflows/nixpkgs-bump.yml @@ -49,7 +49,7 @@ jobs: - name: Checkout nixpkgs fork if: steps.ver.outputs.skip != 'true' - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: repository: floatpane/nixpkgs token: ${{ secrets.HOMEBREW_GITHUB_TOKEN }} diff --git a/.github/workflows/release-rc.yml b/.github/workflows/release-rc.yml index 54869c5afb687e9dd27262df4baba097c3d21e24..44af0d3ba482c4be0725b81616cdbb8255dadbc6 100644 --- a/.github/workflows/release-rc.yml +++ b/.github/workflows/release-rc.yml @@ -34,7 +34,7 @@ jobs: exit 1 - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: fetch-depth: 0 @@ -79,7 +79,7 @@ jobs: runs-on: macos-latest steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: fetch-depth: 0 ref: ${{ needs.tag.outputs.tag }} @@ -190,7 +190,7 @@ jobs: runner: ubuntu-24.04-arm steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: fetch-depth: 0 ref: ${{ needs.tag.outputs.tag }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b61ca2f1d7ce05013035fff00a3db3ce31ff95a0..3f9fb7cfbd8954a825b6bad62a3742e5a18e0bbc 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,7 +13,7 @@ jobs: runs-on: macos-latest steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: fetch-depth: 0 @@ -132,7 +132,7 @@ jobs: runner: ubuntu-24.04-arm steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: fetch-depth: 0 diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index 735379463601878e4e2039ae5b99187038660128..72bf0ef3a40866380b1d4732801ed265ba6a66aa 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -8,7 +8,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: fetch-depth: 0 - name: Run Renovate diff --git a/.github/workflows/screenshots.yml b/.github/workflows/screenshots.yml index 977f6eef1781b8472c24c9c99e7a774adfd8bcf5..a71bd771133c6c4f4840977ac17ed1d692a3d2d5 100644 --- a/.github/workflows/screenshots.yml +++ b/.github/workflows/screenshots.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: ref: master persist-credentials: false diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 6942434d3106410016bd74d6eed9ac08dad297a1..a8ec1593715fb0973ddbe6fceb7e90e112c53380 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -19,7 +19,7 @@ jobs: name: govulncheck runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Set up Go uses: actions/setup-go@v6 @@ -38,7 +38,7 @@ jobs: name: gosec runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Set up Go uses: actions/setup-go@v6 @@ -66,7 +66,7 @@ jobs: name: trivy runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Trivy filesystem scan uses: aquasecurity/trivy-action@master @@ -104,7 +104,7 @@ jobs: actions: read contents: read steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Set up Go uses: actions/setup-go@v6 diff --git a/.github/workflows/static.yml b/.github/workflows/static.yml index fee90ec702f43fdc05897591488527c4dceba246..87ef36ef6f5ccdf590bcea86e6f94040becbae3c 100644 --- a/.github/workflows/static.yml +++ b/.github/workflows/static.yml @@ -32,7 +32,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v7 - name: Install Flatpak Builder run: | diff --git a/.github/workflows/sync-gomod2nix.yml b/.github/workflows/sync-gomod2nix.yml index ce812bcd8aa426e2e50197bbc92f22e82b026093..b8fb59f723cc37c2f3c7ec078bc2e34d3600d537 100644 --- a/.github/workflows/sync-gomod2nix.yml +++ b/.github/workflows/sync-gomod2nix.yml @@ -16,7 +16,7 @@ jobs: sync: runs-on: ubuntu-latest steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 - name: Install Nix uses: cachix/install-nix-action@8aa03977d8d733052d78f4e008a241fd1dbf36b3 # v31 diff --git a/.github/workflows/update-flake.yml b/.github/workflows/update-flake.yml index 577d06fb8f7eb5c39839106b1b79afd3c4efce43..b11355c851633851370bc8194b8ec9181c7db3ec 100644 --- a/.github/workflows/update-flake.yml +++ b/.github/workflows/update-flake.yml @@ -14,7 +14,7 @@ jobs: update: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: DeterminateSystems/nix-installer-action@main