Skip to content

chore(deps): bump the github-actions group across 1 directory with 4 updates#3085

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/github-actions-49b2b0c8f1
Open

chore(deps): bump the github-actions group across 1 directory with 4 updates#3085
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/github-actions-49b2b0c8f1

chore(deps): bump the github-actions group across 1 directory with 4 …

7abcfa5
Select commit
Loading
Failed to load commit list.
Claude / Claude Code Review completed Jul 10, 2026 in 11m 28s

Code review found 1 important issue

Found 2 candidates, confirmed 1. See review comments for details.

Details

Severity Count
🔴 Important 1
🟡 Nit 0
🟣 Pre-existing 0
Severity File:Line Issue
🔴 Important .github/workflows/docs-preview.yml:119-122 checkout v7.0.0 breaks fork-PR docs-preview checkout under pull_request_target

Annotations

Check failure on line 122 in .github/workflows/docs-preview.yml

See this annotation in the file changed.

@claude claude / Claude Code Review

checkout v7.0.0 breaks fork-PR docs-preview checkout under pull_request_target

actions/checkout v7.0.0's breaking change (actions/checkout#2454) refuses to check out fork-PR code from a `pull_request_target`-triggered workflow unless the new `allow-unsafe-pr-checkout: true` input is set, so this bump deterministically breaks the docs-preview build for every admin-authorized fork PR — the checkout step throws and the comment job posts a false "Preview build failed" comment. Since this workflow already implements the isolation the guard enforces (admin-gated authorize, secre