Skip to content

ci(deps): bump actions/checkout from 5.0.1 to 6.0.2#185

Merged
EffortlessSteven merged 1 commit into
mainfrom
dependabot/github_actions/actions/checkout-6.0.2
May 11, 2026
Merged

ci(deps): bump actions/checkout from 5.0.1 to 6.0.2#185
EffortlessSteven merged 1 commit into
mainfrom
dependabot/github_actions/actions/checkout-6.0.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 11, 2026

Copy link
Copy Markdown
Contributor

Bumps actions/checkout from 5.0.1 to 6.0.2.

Release notes

Sourced from actions/checkout's releases.

v6.0.2

What's Changed

Full Changelog: actions/checkout@v6.0.1...v6.0.2

v6.0.1

What's Changed

Full Changelog: actions/checkout@v6...v6.0.1

v6.0.0

What's Changed

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

Commits

@dependabot @github

dependabot Bot commented on behalf of github May 11, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: dependencies, github-actions. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@factory-droid

factory-droid Bot commented May 11, 2026

Copy link
Copy Markdown

Droid encountered an error —— View job


Droid is reviewing code and running a security check…

@EffortlessSteven

Copy link
Copy Markdown
Member

@dependabot rebase

Bumps [actions/checkout](https://github.com/actions/checkout) from 5.0.1 to 6.0.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Commits](actions/checkout@v5.0.1...v6.0.2)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions/checkout-6.0.2 branch from 8149bf6 to 3d18fe4 Compare May 11, 2026 18:50
@factory-droid

factory-droid Bot commented May 11, 2026

Copy link
Copy Markdown

Droid finished @dependabot[bot]'s task —— View job


Droid Review CompleteView review

Assessment: approved

This is a straightforward Dependabot dependency bump updating actions/checkout from v5 to v6.0.2 across all workflow files. The SHA pinning in the three droid workflows is intentionally more secure (maintaining the existing pattern from v5), and the semver tag pinning in other workflows is consistent with standard practice. No functional, correctness, or security issues identified.

@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions/checkout-6.0.2 branch from 8149bf6 to 3d18fe4 Compare May 11, 2026 18:52

@factory-droid factory-droid Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

approved

@EffortlessSteven EffortlessSteven merged commit d967dcf into main May 11, 2026
21 checks passed
@EffortlessSteven EffortlessSteven deleted the dependabot/github_actions/actions/checkout-6.0.2 branch May 11, 2026 19:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant