From 97e6d46806c4674a675d3526c6d61d48245a20b0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 10 Feb 2026 21:56:29 +0000 Subject: [PATCH] Bump actions/checkout from 4.2.2 to 6.0.2 in /.github/workflows Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 6.0.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4.2.2...de0fac2e4500dabe0009e67214ff5f5447ce83dd) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 2 +- .github/workflows/devskim.yml | 2 +- .github/workflows/njsscan.yml | 2 +- .github/workflows/node.js.yml | 2 +- .github/workflows/scorecard.yml | 2 +- .github/workflows/snyk-infrastructure.yml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 138445b..a4c84ea 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -35,7 +35,7 @@ jobs: steps: - name: Checkout repository # Pinned SHA (v4.2.2 equivalent) - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Initialize CodeQL # Pinned SHA (v3 equivalent) diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml index f685fde..42b06b4 100644 --- a/.github/workflows/devskim.yml +++ b/.github/workflows/devskim.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Checkout code # Pinned to specific SHA for immutable security - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Run DevSkim scanner uses: microsoft/DevSkim-Action@4b5047945a44163b94642a1cecc0d93a3f428cc6 diff --git a/.github/workflows/njsscan.yml b/.github/workflows/njsscan.yml index 0ec991c..9cb8a8f 100644 --- a/.github/workflows/njsscan.yml +++ b/.github/workflows/njsscan.yml @@ -25,7 +25,7 @@ jobs: name: njsscan code scanning steps: - name: Checkout the code - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: nodejsscan scan id: njsscan uses: ajinabraham/njsscan-action@7237412fdd36af517e2745077cedbf9d6900d711 diff --git a/.github/workflows/node.js.yml b/.github/workflows/node.js.yml index f14dde0..a1135a6 100644 --- a/.github/workflows/node.js.yml +++ b/.github/workflows/node.js.yml @@ -22,7 +22,7 @@ jobs: node-version: [22.x, 24.x] steps: - - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 with: diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 649f2ef..caae6f1 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -21,7 +21,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: persist-credentials: false diff --git a/.github/workflows/snyk-infrastructure.yml b/.github/workflows/snyk-infrastructure.yml index 0d67901..82bb340 100644 --- a/.github/workflows/snyk-infrastructure.yml +++ b/.github/workflows/snyk-infrastructure.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Setup Node.js uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238