From 0264c343777b2a74925c5d593af7b39386400e7d Mon Sep 17 00:00:00 2001 From: GrantBirki Date: Wed, 26 Nov 2025 14:02:00 -0800 Subject: [PATCH] update actions/checkout from vX to v6 across workflow files and documentation --- .../workflows/actions-config-validation.yml | 2 +- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/copilot-setup-steps.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/package-check.yml | 2 +- .github/workflows/test.yml | 2 +- .../workflows/update-latest-release-tag.yml | 2 +- README.md | 4 ++-- docs/deploying-commit-SHAs.md | 4 ++-- docs/examples.md | 22 +++++++++---------- docs/merge-commit-strategy.md | 2 +- 11 files changed, 23 insertions(+), 23 deletions(-) diff --git a/.github/workflows/actions-config-validation.yml b/.github/workflows/actions-config-validation.yml index fd6fa306..db8dc732 100644 --- a/.github/workflows/actions-config-validation.yml +++ b/.github/workflows/actions-config-validation.yml @@ -14,7 +14,7 @@ jobs: actions-config-validation: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 2188b13b..bad94777 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -26,7 +26,7 @@ jobs: steps: - name: checkout - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: persist-credentials: false diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml index a39dc4d2..cf186608 100644 --- a/.github/workflows/copilot-setup-steps.yml +++ b/.github/workflows/copilot-setup-steps.yml @@ -12,7 +12,7 @@ jobs: contents: read steps: - name: checkout - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: persist-credentials: false diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 44e89552..d46cc104 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -12,7 +12,7 @@ jobs: lint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false diff --git a/.github/workflows/package-check.yml b/.github/workflows/package-check.yml index 5f5e044d..a3d35fdb 100644 --- a/.github/workflows/package-check.yml +++ b/.github/workflows/package-check.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0be5714d..68e454e6 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -12,7 +12,7 @@ jobs: test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false diff --git a/.github/workflows/update-latest-release-tag.yml b/.github/workflows/update-latest-release-tag.yml index d8d95ae7..06e60c6c 100644 --- a/.github/workflows/update-latest-release-tag.yml +++ b/.github/workflows/update-latest-release-tag.yml @@ -20,7 +20,7 @@ jobs: tag: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: fetch-depth: 0 diff --git a/README.md b/README.md index 7095645c..710d21ae 100644 --- a/README.md +++ b/README.md @@ -109,7 +109,7 @@ jobs: # Checkout your project's repository based on the commit SHA provided by the branch-deploy step # It is important to only ever operate on the commit SHA (where possible) as commit SHA's are immutable and you know exactly what you are deploying - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: ref: ${{ steps.branch-deploy.outputs.sha }} @@ -205,7 +205,7 @@ jobs: runs-on: ubuntu-latest steps: # Checkout your projects repository - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 ``` Sets up your `demo` job, uses an ubuntu runner, and checks out your repo - Just some standard setup for a general Action. We also add an `if:` statement here to only run this workflow on pull request comments to make it a little cleaner diff --git a/docs/deploying-commit-SHAs.md b/docs/deploying-commit-SHAs.md index ca5b3c01..5b50a3d6 100644 --- a/docs/deploying-commit-SHAs.md +++ b/docs/deploying-commit-SHAs.md @@ -11,7 +11,7 @@ Instead of this: - name: checkout if: steps.branch-deploy.outputs.continue == 'true' - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ steps.branch-deploy.outputs.ref }} # <-- This is the branch name, can be risky ``` @@ -25,7 +25,7 @@ Do this: - name: checkout if: steps.branch-deploy.outputs.continue == 'true' - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ steps.branch-deploy.outputs.sha }} # <-- uses an exact commit SHA - safe! ``` diff --git a/docs/examples.md b/docs/examples.md index 1a3f6545..195aa48c 100644 --- a/docs/examples.md +++ b/docs/examples.md @@ -57,7 +57,7 @@ jobs: uses: github/branch-deploy@vX.X.X # If the branch-deploy Action was triggered, checkout our branch - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: ref: ${{ steps.branch-deploy.outputs.sha }} @@ -121,7 +121,7 @@ jobs: # If the branch-deploy Action was triggered, checkout our branch - name: Checkout if: steps.branch-deploy.outputs.continue == 'true' - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ steps.branch-deploy.outputs.sha }} @@ -220,7 +220,7 @@ jobs: # If the branch-deploy Action was triggered, checkout our branch - name: Checkout if: steps.branch-deploy.outputs.continue == 'true' - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ steps.branch-deploy.outputs.sha }} @@ -273,7 +273,7 @@ jobs: # If the branch-deploy Action was triggered, checkout our branch - name: Checkout if: steps.branch-deploy.outputs.continue == 'true' - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ steps.branch-deploy.outputs.sha }} @@ -329,7 +329,7 @@ jobs: # If the branch-deploy Action was triggered, checkout our branch - name: Checkout if: ${{ steps.branch-deploy.outputs.continue == 'true' }} - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ steps.branch-deploy.outputs.sha }} @@ -384,7 +384,7 @@ jobs: # If the branch-deploy Action was triggered, checkout our branch - name: Checkout if: ${{ steps.branch-deploy.outputs.continue == 'true' }} - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ steps.branch-deploy.outputs.sha }} @@ -466,7 +466,7 @@ jobs: # If the branch-deploy Action was triggered, checkout our branch - name: Checkout if: ${{ steps.branch-deploy.outputs.continue == 'true' }} - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ steps.branch-deploy.outputs.sha }} @@ -547,7 +547,7 @@ jobs: steps: # checkout the project's repository based on the commit SHA provided by the branch-deploy step - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ needs.trigger.outputs.sha }} @@ -732,7 +732,7 @@ jobs: steps: # checkout the project's repository based on the commit SHA provided by the branch-deploy step - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ needs.trigger.outputs.sha }} @@ -970,7 +970,7 @@ jobs: steps: - name: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ needs.trigger.outputs.sha }} @@ -1195,7 +1195,7 @@ jobs: steps: - name: Checkout id: checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ needs.start.outputs.sha }} diff --git a/docs/merge-commit-strategy.md b/docs/merge-commit-strategy.md index 18932712..a1393e67 100644 --- a/docs/merge-commit-strategy.md +++ b/docs/merge-commit-strategy.md @@ -63,7 +63,7 @@ jobs: # Otherwise, all subsequent steps will be skipped # Check out the repository - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 if: ${{ steps.deployment-check.outputs.continue == 'true' }} # only run if the Action returned 'true' for the 'continue' output with: ref: ${{ steps.deployment-check.outputs.sha }} # checkout the EXACT sha of the default branch for deployment (latest commit on the default branch)