From 16dd4dc1bd95f9248f744268d84e4d7841d131c6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 Jun 2026 03:22:22 +0000 Subject: [PATCH] build: bump actions/checkout from 6.0.3 to 7.0.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.3 to 7.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/df4cb1c069e1874edd31b4311f1884172cec0e10...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/auto_updates.yml | 2 +- .github/workflows/docker.yml | 2 +- .github/workflows/phylum_analyze_pr.yml | 2 +- .github/workflows/preview.yml | 4 ++-- .github/workflows/release.yml | 6 +++--- .github/workflows/test.yml | 6 +++--- 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/auto_updates.yml b/.github/workflows/auto_updates.yml index 50b6919..da88922 100644 --- a/.github/workflows/auto_updates.yml +++ b/.github/workflows/auto_updates.yml @@ -23,7 +23,7 @@ jobs: shell: bash steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 # This GPG key is for the `phylum-bot` account and used in order to ensure commits are signed/verified - name: Import GPG key for bot account diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 9877819..d6637f6 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -68,7 +68,7 @@ jobs: echo "REL_VER_WITHOUT_v=${REL_VER_WITHOUT_v}" >> "${GITHUB_OUTPUT}" - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: # This will ensure the checkout matches the tag for the latest release ref: ${{ steps.get_vers.outputs.REL_VER_WITH_v }} diff --git a/.github/workflows/phylum_analyze_pr.yml b/.github/workflows/phylum_analyze_pr.yml index f573976..f191d6a 100644 --- a/.github/workflows/phylum_analyze_pr.yml +++ b/.github/workflows/phylum_analyze_pr.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 - name: Analyze poetry.lock file diff --git a/.github/workflows/preview.yml b/.github/workflows/preview.yml index 4dbeedf..b17bc73 100644 --- a/.github/workflows/preview.yml +++ b/.github/workflows/preview.yml @@ -39,7 +39,7 @@ jobs: next_ver: ${{ steps.dev_ver.outputs.next_ver }} steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: # `python-semantic-release` needs full history to properly determine the next release version fetch-depth: 0 @@ -121,7 +121,7 @@ jobs: artifact: ./build/phylum-ci.exe steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 # Nuitka needs the packaged form and not the editable install Poetry provides # Ref: https://github.com/Nuitka/Nuitka/issues/2965 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1c76ede..6008214 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -41,7 +41,7 @@ jobs: psr_expected_next_ver: ${{ steps.get_vers.outputs.psr_expected_next_ver }} steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: # `python-semantic-release` needs full history to properly determine the next release version fetch-depth: 0 @@ -165,7 +165,7 @@ jobs: artifact: ./build/phylum-ci.exe steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 # Nuitka needs the packaged form and not the editable install Poetry provides # Ref: https://github.com/Nuitka/Nuitka/issues/2965 @@ -276,7 +276,7 @@ jobs: PHYLUM_TOKEN: ${{ secrets.PHYLUM_TOKEN }} steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: # `python-semantic-release` needs full history to properly determine the next release version fetch-depth: 0 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 9f45085..1958f8a 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Install poetry run: | @@ -72,7 +72,7 @@ jobs: python-version: ["3.10", "3.11", "3.12", "3.13"] steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Install poetry run: | @@ -117,7 +117,7 @@ jobs: PHYLUM_TOKEN: ${{ secrets.PHYLUM_TOKEN }} steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Install poetry if: ${{ matrix.build == 'wheel' }}