From 6f93584c2bfff34ebbfcabd12977a4c9c92c3382 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 3 Jun 2026 11:07:56 +0000 Subject: [PATCH] Bump actions/checkout from 4.2.2 to 6.0.3 in /.github/workflows Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 6.0.3. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v4.2.2...v6.0.3) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.3 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 2 +- .github/workflows/devskim.yml | 2 +- .github/workflows/njsscan.yml | 2 +- .github/workflows/node.js.yml | 2 +- .github/workflows/scorecard.yml | 2 +- .github/workflows/snyk-infrastructure.yml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 0eb2073..b4780c7 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -35,7 +35,7 @@ jobs: steps: - name: Checkout repository # Pinned SHA (v4.2.2 equivalent) - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 - name: Initialize CodeQL # Pinned SHA (v3 equivalent) diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml index 2428e20..ea0132b 100644 --- a/.github/workflows/devskim.yml +++ b/.github/workflows/devskim.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Checkout code # Pinned to specific SHA for immutable security - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Run DevSkim scanner uses: microsoft/DevSkim-Action@4b5047945a44163b94642a1cecc0d93a3f428cc6 diff --git a/.github/workflows/njsscan.yml b/.github/workflows/njsscan.yml index e52caf1..c0bd9fc 100644 --- a/.github/workflows/njsscan.yml +++ b/.github/workflows/njsscan.yml @@ -25,7 +25,7 @@ jobs: name: njsscan code scanning steps: - name: Checkout the code - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: nodejsscan scan id: njsscan uses: ajinabraham/njsscan-action@7237412fdd36af517e2745077cedbf9d6900d711 diff --git a/.github/workflows/node.js.yml b/.github/workflows/node.js.yml index f14dde0..fcd4abe 100644 --- a/.github/workflows/node.js.yml +++ b/.github/workflows/node.js.yml @@ -22,7 +22,7 @@ jobs: node-version: [22.x, 24.x] steps: - - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 with: diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index acf89a5..85c638a 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -21,7 +21,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 with: persist-credentials: false diff --git a/.github/workflows/snyk-infrastructure.yml b/.github/workflows/snyk-infrastructure.yml index dd61a24..e0a1b05 100644 --- a/.github/workflows/snyk-infrastructure.yml +++ b/.github/workflows/snyk-infrastructure.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Setup Node.js uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238