chore(deps): update namespacelabs/nscloud-checkout-action action to v9

[NumaryBot]

This PR contains the following updates:

Package	Type	Update	Change
namespacelabs/nscloud-checkout-action	action	major	v8 -> v9

---

Release Notes

namespacelabs/nscloud-checkout-action (namespacelabs/nscloud-checkout-action)

v9

Compare Source

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[coderabbitai]

Warning

Review limit reached

@NumaryBot, we couldn't start this review because you've used your available PR reviews for now.

Your plan currently allows 1 review/hour. Refill in 59 minutes and 54 seconds.

Your organization has run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After more review capacity refills, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than trial, open-source, and free plans. In all cases, review capacity refills continuously over time.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 5feb56b7-2ef7-492c-a041-973e82b30d80

📥 Commits

Reviewing files that changed from the base of the PR and between d3b5273 and 97b1c38.

📒 Files selected for processing (2)

• .github/workflows/main.yml
• .github/workflows/releases.yml

📝 Walkthrough

Walkthrough

The pull request updates the GitHub Actions workflows to use version v9 of the namespacelabs/nscloud-checkout-action instead of v8. The change is applied consistently across four jobs in the main workflow and one step in the release workflow, with no changes to job structure or release logic.

Changes

Checkout Action Version Update

Layer / File(s)	Summary
Update nscloud-checkout-action from v8 to v9 .github/workflows/main.yml, .github/workflows/releases.yml	The namespacelabs/nscloud-checkout-action is updated to @v9 in the Dirty, Tests, GoReleaser, and Deploy jobs within the main workflow, and in the release workflow. All other workflow configuration remains unchanged.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 A rabbit hops through workflows so fine,
Bumping versions, line by line!
From v8 to v9 we leap,
Actions checked out, promises we keep.
~Thump thump 🐇

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: updating the namespacelabs/nscloud-checkout-action dependency from v8 to v9 across workflow files.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch renovate/major-github-actions

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

.github/workflows/main.yml (1)

30-30: ⚡ Quick win

Consider pinning actions to commit SHA for supply chain security.

The action references use mutable tags (@v9) rather than immutable commit SHAs. While this makes updates easier, pinning to a specific commit hash provides stronger supply chain security guarantees by preventing tag hijacking or unexpected changes.

Also applies to: 55-55, 71-71, 105-105

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/main.yml at line 30, Replace mutable action tags with
immutable commit SHAs: find every usage of
namespacelabs/nscloud-checkout-action@v9 (and any other actions in this workflow
currently referenced by tags) and pin them to a specific commit SHA (e.g.,
namespacelabs/nscloud-checkout-action@<commit-sha>) by updating the uses lines
to the corresponding commit hash from the action repo; ensure you update all
occurrences referenced in the workflow so each uses entry references an exact
commit SHA instead of a floating tag.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/main.yml:
- Line 30: The workflow references an invalid release tag for the action:
replace all occurrences of the string 'namespacelabs/nscloud-checkout-action@v9'
with a valid release tag (e.g., 'namespacelabs/nscloud-checkout-action@v8' or
better, pin to the exact published version like
'namespacelabs/nscloud-checkout-action@v8.1.1'); update every instance of that
action reference in the workflow file(s) so the action can be resolved at
runtime and re-run CI to verify.

---

Nitpick comments:
In @.github/workflows/main.yml:
- Line 30: Replace mutable action tags with immutable commit SHAs: find every
usage of namespacelabs/nscloud-checkout-action@v9 (and any other actions in this
workflow currently referenced by tags) and pin them to a specific commit SHA
(e.g., namespacelabs/nscloud-checkout-action@<commit-sha>) by updating the uses
lines to the corresponding commit hash from the action repo; ensure you update
all occurrences referenced in the workflow so each uses entry references an
exact commit SHA instead of a floating tag.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: fde2fefa-7015-4972-9ac1-37e05811d45b

📥 Commits

Reviewing files that changed from the base of the PR and between 3806a8b and d3b5273.

📒 Files selected for processing (2)

• .github/workflows/main.yml
• .github/workflows/releases.yml

[coderabbitai]

⚠️ Potential issue | 🔴 Critical | ⚡ Quick win

🧩 Analysis chain

🌐 Web query:

namespacelabs/nscloud-checkout-action v9 release notes breaking changes from v8

💡 Result:

As of May 22, 2026, there is no v9 release for the namespacelabs/nscloud-checkout-action. The most recent version of this action is v8.1.1, released on March 19, 2026 [1]. The nscloud-checkout-action repository remains on the v8 release line [1]. Because no v9 release exists, there are no documented breaking changes or release notes for a v9 version. If you are seeing references to a "v9" in other contexts, they may be related to other software projects, such as the Grok V9 AI model or Mureka V9 music generation tool [2][3], which are distinct from this GitHub action. Top results: [1] [4] [5]

Citations:

• 1: https://github.com/namespacelabs/nscloud-checkout-action
• 2: https://www.digg.com/ai/irwowrco?rank=1
• 3: https://m.163.com/dy/article/KSLFK6E00511AQHO.html
• 4: https://github.com/namespacelabs/nscloud-checkout-action/pulls
• 5: https://namespace.so/docs/reference/github-actions/nscloud-checkout-action

---

Fix/verify invalid namespacelabs/nscloud-checkout-action@v9 tag

The workflow bumps namespacelabs/nscloud-checkout-action from @v8 to @v9 (e.g., line 30 and similarly at 55/71/105), but there are no v9 releases/tags documented for this action—latest is v8.1.1—so the workflow may fail at runtime because the @v9 reference can’t be resolved. Update to a valid v8 tag (or pin to the exact released version) and then re-check any v8→new changes as applicable.

🧰 Tools

🪛 zizmor (1.25.2)

[error] 30-30: unpinned action reference (unpinned-uses): action is not pinned to a hash (required by blanket policy)

(unpinned-uses)

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/main.yml at line 30, The workflow references an invalid
release tag for the action: replace all occurrences of the string
'namespacelabs/nscloud-checkout-action@v9' with a valid release tag (e.g.,
'namespacelabs/nscloud-checkout-action@v8' or better, pin to the exact published
version like 'namespacelabs/nscloud-checkout-action@v8.1.1'); update every
instance of that action reference in the workflow file(s) so the action can be
resolved at runtime and re-run CI to verify.

[NumaryBot]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: undefined

Command failed: just pre-commit
go: downloading github.com/formancehq/go-libs/v5 v5.1.1-0.20260522083443-d2a60ed2e0dd
go: downloading golang.org/x/sys v0.43.0
go: downloading golang.org/x/crypto v0.50.0
go: downloading golang.org/x/net v0.53.0
go: downloading github.com/formancehq/go-libs/v5 v5.1.1-0.20260522083443-d2a60ed2e0dd
go: github.com/formancehq/auth/cmd imports
	github.com/formancehq/go-libs/v5/pkg/fx/messagingfx: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/cmd imports
	github.com/formancehq/go-libs/v5/pkg/messaging/publish: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/cmd imports
	github.com/formancehq/go-libs/v5/pkg/observe/log: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/pkg/api imports
	github.com/formancehq/go-libs/v5/pkg/audit/httpaudit: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/cmd imports
	github.com/zitadel/logging tested by
	github.com/zitadel/logging.test imports
	gopkg.in/yaml.v2: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/cmd imports
	go.uber.org/fx tested by
	go.uber.org/fx.test imports
	go.uber.org/goleak: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/cmd imports
	gopkg.in/yaml.v3 tested by
	gopkg.in/yaml.v3.test imports
	gopkg.in/check.v1: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/pkg/api imports
	github.com/zitadel/oidc/v2/pkg/op tested by
	github.com/zitadel/oidc/v2/pkg/op.test imports
	github.com/golang/mock/gomock: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/pkg/oidc imports
	github.com/zitadel/oidc/v2/pkg/client tested by
	github.com/zitadel/oidc/v2/pkg/client.test imports
	github.com/jeremija/gosubmit: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/pkg/storage/sqlstorage imports
	github.com/formancehq/go-libs/v3/migrations tested by
	github.com/formancehq/go-libs/v3/migrations.test imports
	github.com/uptrace/bun/extra/bundebug: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/pkg/oidc imports
	github.com/zitadel/oidc/v2/pkg/http imports
	github.com/gorilla/securecookie tested by
	github.com/gorilla/securecookie.test imports
	github.com/google/gofuzz: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/pkg/testserver imports
	github.com/onsi/ginkgo/v2 imports
	github.com/onsi/ginkgo/v2/reporters tested by
	github.com/onsi/ginkgo/v2/reporters.test imports
	github.com/gkampitakis/go-snaps/snaps: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/pkg/testserver imports
	github.com/onsi/ginkgo/v2 imports
	github.com/onsi/ginkgo/v2/reporters tested by
	github.com/onsi/ginkgo/v2/reporters.test imports
	github.com/joshdk/go-junit: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/pkg/testserver imports
	github.com/onsi/ginkgo/v2 imports
	github.com/onsi/ginkgo/v2/reporters tested by
	github.com/onsi/ginkgo/v2/reporters.test imports
	github.com/mfridman/tparse/parse: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/pkg/api tested by
	github.com/formancehq/auth/pkg/api.test imports
	github.com/formancehq/go-libs/v3/testing/docker imports
	github.com/ory/dockertest/v3 tested by
	github.com/ory/dockertest/v3.test imports
	github.com/lib/pq: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/cmd imports
	github.com/formancehq/go-libs/v3/otlp/otlpmetrics imports
	go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc imports
	google.golang.org/grpc/status tested by
	google.golang.org/grpc/status.test imports
	google.golang.org/grpc/testdata/grpc_testing_not_regenerated imports
	github.com/golang/protobuf/proto: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/pkg/api tested by
	github.com/formancehq/auth/pkg/api.test imports
	github.com/formancehq/go-libs/v3/testing/docker imports
	github.com/ory/dockertest/v3 imports
	github.com/ory/dockertest/v3/docker/opts imports
	github.com/docker/cli/cli/compose/loader tested by
	github.com/docker/cli/cli/compose/loader.test imports
	gotest.tools/v3/assert: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/pkg/api tested by
	github.com/formancehq/auth/pkg/api.test imports
	github.com/formancehq/go-libs/v3/testing/docker imports
	github.com/ory/dockertest/v3 imports
	github.com/ory/dockertest/v3/docker/opts imports
	github.com/docker/cli/cli/compose/loader tested by
	github.com/docker/cli/cli/compose/loader.test imports
	gotest.tools/v3/assert/cmp: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/pkg/api tested by
	github.com/formancehq/auth/pkg/api.test imports
	github.com/formancehq/go-libs/v3/testing/docker imports
	github.com/ory/dockertest/v3 imports
	github.com/ory/dockertest/v3/docker/opts imports
	github.com/docker/cli/cli/compose/loader tested by
	github.com/docker/cli/cli/compose/loader.test imports
	gotest.tools/v3/golden: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/pkg/api tested by
	github.com/formancehq/auth/pkg/api.test imports
	github.com/formancehq/go-libs/v3/testing/docker imports
	github.com/ory/dockertest/v3 imports
	github.com/ory/dockertest/v3/docker/opts imports
	github.com/docker/cli/cli/compose/loader tested by
	github.com/docker/cli/cli/compose/loader.test imports
	gotest.tools/v3/skip: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/pkg/api tested by
	github.com/formancehq/auth/pkg/api.test imports
	github.com/formancehq/go-libs/v3/testing/docker imports
	github.com/ory/dockertest/v3/docker imports
	github.com/ory/dockertest/v3/docker/pkg/jsonmessage imports
	github.com/moby/term tested by
	github.com/moby/term.test imports
	github.com/creack/pty: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/cmd imports
	github.com/formancehq/go-libs/v3/otlp/otlpmetrics imports
	go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc imports
	google.golang.org/grpc imports
	google.golang.org/grpc/balancer/roundrobin imports
	google.golang.org/grpc/balancer/endpointsharding tested by
	google.golang.org/grpc/balancer/endpointsharding.test imports
	google.golang.org/grpc/internal/testutils/roundrobin imports
	gonum.org/v1/gonum/stat/distuv: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/pkg/api tested by
	github.com/formancehq/auth/pkg/api.test imports
	github.com/formancehq/go-libs/v3/testing/docker imports
	github.com/ory/dockertest/v3 imports
	github.com/ory/dockertest/v3/docker/opts imports
	github.com/docker/cli/cli/compose/loader imports
	github.com/docker/cli/opts tested by
	github.com/docker/cli/opts.test imports
	gotest.tools/v3/fs: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
go: github.com/formancehq/auth/pkg/api tested by
	github.com/formancehq/auth/pkg/api.test imports
	github.com/formancehq/go-libs/v3/testing/docker imports
	github.com/ory/dockertest/v3 imports
	github.com/ory/dockertest/v3/docker/opts imports
	github.com/docker/cli/cli/compose/loader imports
	github.com/docker/cli/opts imports
	github.com/moby/moby/client imports
	github.com/moby/moby/api/types/plugin tested by
	github.com/moby/moby/api/types/plugin.test imports
	pgregory.net/rapid: github.com/formancehq/go-libs/v5@v5.1.1-0.20260522083443-d2a60ed2e0dd: invalid version: unknown revision d2a60ed2e0dd
error: Recipe `tidy` failed on line 13 with exit code 1