From af6d59cc039e613f3d0b3d56a85209eebeea7a9a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 20 Jun 2026 14:53:06 +0000 Subject: [PATCH] chore(deps): bump the github-actions-all group across 1 directory with 2 updates Bumps the github-actions-all group with 2 updates in the / directory: [actions/checkout](https://github.com/actions/checkout) and [actions/setup-node](https://github.com/actions/setup-node). Updates `actions/checkout` from 6 to 7 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v6...v7) Updates `actions/setup-node` from 4 to 6 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v4...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-all - dependency-name: actions/setup-node dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-all ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 14 +++++++------- .github/workflows/docker-publish.yml | 2 +- .github/workflows/e2e.yml | 2 +- .github/workflows/preview-smoke.yml | 2 +- .github/workflows/release.yml | 4 ++-- .github/workflows/security.yml | 4 ++-- 6 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2f19788f..a0f54bb9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-node@v6 with: @@ -43,7 +43,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 5 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-node@v6 with: @@ -71,7 +71,7 @@ jobs: matrix: shard: [1, 2, 3] steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-node@v6 with: @@ -110,7 +110,7 @@ jobs: timeout-minutes: 10 needs: test steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-node@v6 with: @@ -147,7 +147,7 @@ jobs: timeout-minutes: 10 needs: [typecheck, coverage] steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-node@v6 with: @@ -173,7 +173,7 @@ jobs: # build artifact compiles under the flag, so a self-host-specific # regression cannot pass CI silently. steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-node@v6 with: @@ -242,7 +242,7 @@ jobs: # guard, a Caddyfile parse error) precisely because nothing here built # and ran the image. This job closes that gap. steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Build the self-host image (amd64, native) run: docker build -t feedzero:smoke . diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 47f0a05b..abbb643f 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -56,7 +56,7 @@ jobs: steps: - name: Check out - uses: actions/checkout@v6 + uses: actions/checkout@v7 # Resolve the release version from the trigger and (except for the # SHA-only manual dispatch) refuse to publish if it disagrees with diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index 5de6a3e1..319c5af0 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -36,7 +36,7 @@ jobs: matrix: shard: [1, 2, 3, 4, 5, 6] steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-node@v6 with: diff --git a/.github/workflows/preview-smoke.yml b/.github/workflows/preview-smoke.yml index 889e9bac..68dab922 100644 --- a/.github/workflows/preview-smoke.yml +++ b/.github/workflows/preview-smoke.yml @@ -46,7 +46,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 5 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: # Check out the SHA Vercel actually deployed, not main HEAD. ref: ${{ github.event.deployment.sha }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 861f9d35..3fada934 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -20,11 +20,11 @@ jobs: prepare: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: ref: main fetch-depth: 0 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v6 with: node-version: 24 - run: npm ci diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 67c67f09..91b5c62b 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -23,7 +23,7 @@ jobs: actions: read contents: read steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Initialize CodeQL uses: github/codeql-action/init@v4 @@ -46,7 +46,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: # gitleaks history scan needs full git history. fetch-depth: 0