From 777c31b26fca72bd65b528494ab6b5bf9c6207bc Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 8 Jun 2026 13:35:12 +0000
Subject: [PATCH] ci(deps): bump actions/checkout

Bumps the github-actions group with 1 update in the / directory: [actions/checkout](https://github.com/actions/checkout).


Updates `actions/checkout` from 6.0.2 to 6.0.3
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...df4cb1c069e1874edd31b4311f1884172cec0e10)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/bos-universal-launchpad-kicker.yml | 4 ++--
 .github/workflows/repo-metadata-sync.yml             | 2 +-
 .github/workflows/self-scan.yml                      | 2 +-
 .github/workflows/tests.yml                          | 2 +-
 4 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/bos-universal-launchpad-kicker.yml b/.github/workflows/bos-universal-launchpad-kicker.yml
index 633e821..4d2402e 100644
--- a/.github/workflows/bos-universal-launchpad-kicker.yml
+++ b/.github/workflows/bos-universal-launchpad-kicker.yml
@@ -58,7 +58,7 @@ jobs:
       cfg: ${{ steps.config.outputs.cfg }}
     steps:
       - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
         with:
           persist-credentials: false
       - name: Read launchpad config JSON
@@ -79,7 +79,7 @@ jobs:
       SYNC_MANAGED_FILES: ${{ fromJson(needs.parse-config.outputs.cfg).sync_managed_files }}
     steps:
       - name: Checkout
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
         with:
           persist-credentials: false
           fetch-depth: 0
diff --git a/.github/workflows/repo-metadata-sync.yml b/.github/workflows/repo-metadata-sync.yml
index 54bda29..6103cb0 100644
--- a/.github/workflows/repo-metadata-sync.yml
+++ b/.github/workflows/repo-metadata-sync.yml
@@ -139,7 +139,7 @@ jobs:
 
       - if: steps.token-check.outputs.has_pat == 'true'
         name: Checkout released tree
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
         with:
           # For `release: published` the tag name resolves to the
           # post-promote main commit (the launchpad tags `main`).
diff --git a/.github/workflows/self-scan.yml b/.github/workflows/self-scan.yml
index 13ab170..b1c2a3c 100644
--- a/.github/workflows/self-scan.yml
+++ b/.github/workflows/self-scan.yml
@@ -115,7 +115,7 @@ jobs:
           - arch: arm64
             runner: ${{ vars.RUNNER_ARM64 }}
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
         with:
           persist-credentials: false
       - id: mode
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index d39c741..7e622ab 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -79,7 +79,7 @@ jobs:
       matrix:
         python-version: ['3.10', '3.11', '3.12']
     steps:
-      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
         with:
           persist-credentials: false
       - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0