build(deps): bump actions/checkout from 4 to 6

dependabot[bot] · web-flow · commit f4d4349d6350 · 2026-03-09T06:18:38.000Z
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
diff --git a/.github/workflows/build-and-push.yml b/.github/workflows/build-and-push.yml
@@ -33,7 +33,7 @@ jobs:
       image-tag: ${{ steps.meta.outputs.tag }}
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       # ── Image tag: short SHA ──────────────────────────────────────────────
       - name: Set image tag
@@ -79,7 +79,7 @@ jobs:
 
     steps:
       - name: Checkout tenant-gitops-be808f
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           repository: bcgov-c/tenant-gitops-be808f
           token: ${{ secrets.GITOPS_PAT }}
diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml
@@ -41,7 +41,7 @@ jobs:
           --health-retries=5
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Setup .NET 10
         uses: actions/setup-dotnet@v4
@@ -65,7 +65,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Setup Node 22
         uses: actions/setup-node@v4
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -36,7 +36,7 @@ jobs:
         language: [csharp, javascript-typescript]
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Initialize CodeQL
         uses: github/codeql-action/init@v3
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -23,7 +23,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Dependency Review
         uses: actions/dependency-review-action@v4
diff --git a/.github/workflows/secrets-scan.yml b/.github/workflows/secrets-scan.yml
@@ -31,7 +31,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           fetch-depth: 0   # full history required for --log-opts scanning
 
diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml
@@ -32,7 +32,7 @@ jobs:
     if: github.event_name == 'pull_request'
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Run Trivy filesystem scan
         uses: aquasecurity/trivy-action@0.28.0
@@ -59,7 +59,7 @@ jobs:
     if: github.event_name == 'push' && github.ref == 'refs/heads/develop'
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Set image tag
         id: tag
