build(deps): bump actions/checkout from 4 to 5 #2504
Conversation
dependabot
bot
added
dependencies
dependabot
bot
added
dependencies
dependabot
bot
force-pushed
the
dependabot/github_actions/actions/checkout-5
branch
from
116ef07 to
0bcd868
Compare
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
force-pushed
the
dependabot/github_actions/actions/checkout-5
branch
from
0bcd868 to
3a46ed8
Compare
![codacy-production[bot]](https://avatars.githubusercontent.com/in/56611?s=60&v=4){kind=small}
There was a problem hiding this comment.
Dependabot updated actions/checkout from v4 to v6 across multiple GitHub Actions workflows. This is a straightforward dependency bump but has a notable compatibility requirement (actions/checkout v5+ requires runner >= v2.327.1 per PR description). Verify runner compatibility and any behavioral changes (node runtime bumps, defaults for submodules, fetch-depth, workspace behavior) before merging.
Confirm your self-hosted runners (if any) meet the minimum GitHub Actions runner version required by the new checkout (release notes mention a minimum for v5+). If not, schedule runner upgrades or pin to a compatible checkout version.
Review workflows that rely on checkout defaults (fetch-depth, submodule handling, path/working-directory behavior). New major versions sometimes change defaults — explicitly set options you rely on to avoid subtle CI regressions.
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
| uses: actions/checkout@v6 |
There was a problem hiding this comment.
You updated the checkout action to v6 here. Ensure your runners meet the minimum compatible runner version (v2.327.1+ for v5+, per release notes) and that any assumptions about checkout behavior (fetch-depth, LFS, submodules) are explicit if required.
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| uses: actions/checkout@v6 |
There was a problem hiding this comment.
Checkout bumped to v6 — same note: verify runner compatibility and submodule/fetch behavior if this job expects full history or specific refs.
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| uses: actions/checkout@v6 |
There was a problem hiding this comment.
Checkout bumped to v6 for scheduled jobs. Ensure any actions consuming the workspace are compatible with checkout v6 and that self-hosted runners are upgraded if used.
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| uses: actions/checkout@v6 |
There was a problem hiding this comment.
Another checkout update to v6 in this workflow — confirm runner version and behavior expectations before merging.
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| uses: actions/checkout@v6 |
There was a problem hiding this comment.
And here — checkout moved to v6. Review downstream steps that may depend on previous checkout semantics (e.g., caching, LFS, submodules).
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v4 | ||
| uses: actions/checkout@v6 |
There was a problem hiding this comment.
Value updated to actions/checkout@v6. Confirm token/submodule settings remain appropriate and runners meet the required minimum version.
Bumps actions/checkout from 4 to 5.
Release notes
Sourced from actions/checkout's releases.
... (truncated)
Changelog
Sourced from actions/checkout's changelog.
... (truncated)
Commits
08c6903Prepare v5.0.0 release (#2238)9f26565Update actions checkout to use node 24 (#2226)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)