From 2afcee1bf5117964923326852432378492ae665f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 20 Jun 2026 10:03:33 +0000 Subject: [PATCH 1/2] Bump actions/checkout from 6 to 7 Bumps [actions/checkout](https://github.com/actions/checkout) from 6 to 7. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v6...v7) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/certsummary-deploy.yaml | 2 +- .github/workflows/codeql-javascript-typescript.yml | 2 +- .github/workflows/zizmor.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/certsummary-deploy.yaml b/.github/workflows/certsummary-deploy.yaml index ed3e6d2..1458461 100644 --- a/.github/workflows/certsummary-deploy.yaml +++ b/.github/workflows/certsummary-deploy.yaml @@ -21,7 +21,7 @@ jobs: WEBSITE: ${{ secrets.WEBSITE }} steps: - name: Checkout code - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: persist-credentials: false diff --git a/.github/workflows/codeql-javascript-typescript.yml b/.github/workflows/codeql-javascript-typescript.yml index e8c3ba6..a73f735 100644 --- a/.github/workflows/codeql-javascript-typescript.yml +++ b/.github/workflows/codeql-javascript-typescript.yml @@ -55,7 +55,7 @@ jobs: # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: persist-credentials: false diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index e922181..607c75e 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -23,7 +23,7 @@ jobs: actions: read steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false From 3de6f75437e1f1a7daf9a633caf01856c460c1b1 Mon Sep 17 00:00:00 2001 From: Jared Hatfield Date: Sat, 20 Jun 2026 15:07:36 +0000 Subject: [PATCH 2/2] Pin actions/checkout to SHA for v7.0.0 --- .github/workflows/certsummary-deploy.yaml | 2 +- .github/workflows/codeql-javascript-typescript.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/certsummary-deploy.yaml b/.github/workflows/certsummary-deploy.yaml index 1458461..724fc66 100644 --- a/.github/workflows/certsummary-deploy.yaml +++ b/.github/workflows/certsummary-deploy.yaml @@ -21,7 +21,7 @@ jobs: WEBSITE: ${{ secrets.WEBSITE }} steps: - name: Checkout code - uses: actions/checkout@v7 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/codeql-javascript-typescript.yml b/.github/workflows/codeql-javascript-typescript.yml index a73f735..a27c4ba 100644 --- a/.github/workflows/codeql-javascript-typescript.yml +++ b/.github/workflows/codeql-javascript-typescript.yml @@ -55,7 +55,7 @@ jobs: # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages steps: - name: Checkout repository - uses: actions/checkout@v7 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false