diff --git a/.github/workflows/agents-71-codex-belt-dispatcher.yml b/.github/workflows/agents-71-codex-belt-dispatcher.yml index ebba3756e..5a77d0e95 100644 --- a/.github/workflows/agents-71-codex-belt-dispatcher.yml +++ b/.github/workflows/agents-71-codex-belt-dispatcher.yml @@ -167,7 +167,7 @@ jobs: echo "dry_run=${{ inputs.dry_run }}" >>"$GITHUB_OUTPUT" - name: Checkout repo (for retry helpers) - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: token: ${{ env.GH_DISPATCH_TOKEN }} fetch-depth: 1 @@ -183,7 +183,7 @@ jobs: uses: ./.github/actions/resolve-default-branch - name: Checkout (for retry helpers) - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: repository: stranske/Workflows ref: ${{ steps.workflows_ref.outputs.ref }} @@ -293,7 +293,7 @@ jobs: - name: Checkout default branch if: ${{ steps.pick.outputs.issue != '' && steps.mode.outputs.dry_run != 'true' }} - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: ${{ steps.pick.outputs.base }} token: ${{ env.GH_DISPATCH_TOKEN }} diff --git a/.github/workflows/agents-72-codex-belt-worker.yml b/.github/workflows/agents-72-codex-belt-worker.yml index 247dba74c..c5bc007f8 100644 --- a/.github/workflows/agents-72-codex-belt-worker.yml +++ b/.github/workflows/agents-72-codex-belt-worker.yml @@ -290,7 +290,7 @@ jobs: .write(); - name: Checkout repo (for retry helpers) - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: token: ${{ env.GH_BELT_TOKEN }} fetch-depth: 1 @@ -306,7 +306,7 @@ jobs: uses: ./.github/actions/resolve-default-branch - name: Checkout Workflows scripts - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: repository: stranske/Workflows ref: ${{ steps.workflows_ref.outputs.ref }} @@ -569,7 +569,7 @@ jobs: - name: Checkout branch if: ${{ steps.parallel.outputs.allowed == 'true' && (inputs.keepalive != true || steps.keepalive_gate.outputs.action != 'skip') }} - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: ${{ steps.ctx.outputs.branch }} token: ${{ env.GH_BELT_TOKEN }} @@ -577,7 +577,7 @@ jobs: - name: Checkout belt tooling if: ${{ steps.parallel.outputs.allowed == 'true' && (inputs.keepalive != true || steps.keepalive_gate.outputs.action != 'skip') }} - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: repository: stranske/Workflows ref: ${{ steps.workflows_ref.outputs.ref }} diff --git a/.github/workflows/agents-73-codex-belt-conveyor.yml b/.github/workflows/agents-73-codex-belt-conveyor.yml index 0e36b16a1..f2e3a3540 100644 --- a/.github/workflows/agents-73-codex-belt-conveyor.yml +++ b/.github/workflows/agents-73-codex-belt-conveyor.yml @@ -184,7 +184,7 @@ jobs: } >>"$GITHUB_OUTPUT" - name: Checkout retry helpers - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: sparse-checkout: | .github/actions/setup-api-client diff --git a/.github/workflows/agents-80-pr-event-hub.yml b/.github/workflows/agents-80-pr-event-hub.yml index 443d0d543..dae18757a 100644 --- a/.github/workflows/agents-80-pr-event-hub.yml +++ b/.github/workflows/agents-80-pr-event-hub.yml @@ -72,7 +72,7 @@ jobs: should_run: ${{ steps.eligibility.outputs.should-run || 'false' }} steps: - name: Checkout eligibility action - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: >- ${{ github.event.pull_request.base.sha || @@ -252,7 +252,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout scripts - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: sparse-checkout: | .github/scripts/error_classifier.js @@ -314,7 +314,7 @@ jobs: - name: Checkout repository if: steps.check-merged.outputs.merged == 'true' - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: repository: stranske/Workflows token: ${{ secrets.SERVICE_BOT_PAT || github.token }} diff --git a/.github/workflows/agents-81-gate-followups.yml b/.github/workflows/agents-81-gate-followups.yml index 3ef2bc8f2..ce45bb64c 100644 --- a/.github/workflows/agents-81-gate-followups.yml +++ b/.github/workflows/agents-81-gate-followups.yml @@ -81,7 +81,7 @@ jobs: fingerprint_current_hash: ${{ steps.fingerprint.outputs.current_hash }} steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup API client uses: ./.github/actions/setup-api-client @@ -381,7 +381,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup API client uses: ./.github/actions/setup-api-client @@ -483,7 +483,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout runner library - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: sparse-checkout: | scripts/runner_lib @@ -544,7 +544,7 @@ jobs: environment: agent-standard steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup API client uses: ./.github/actions/setup-api-client @@ -843,7 +843,7 @@ jobs: dispatch_reason: ${{ steps.runner_dispatch.outputs.reason }} steps: - name: Checkout (for security gate + agent registry) - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: sparse-checkout: | .github/actions/setup-api-client @@ -1280,7 +1280,7 @@ jobs: environment: agent-standard steps: - name: Checkout (for retry helpers) - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: sparse-checkout: | .github/scripts/github-api-with-retry.js @@ -1350,7 +1350,7 @@ jobs: environment: agent-standard steps: - name: Checkout (for retry helpers) - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: sparse-checkout: | .github/scripts/github-api-with-retry.js @@ -1548,7 +1548,7 @@ jobs: steps: # Do not remove checkout; the retry helper is required. - name: Checkout (for retry helpers) - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: sparse-checkout: | .github/scripts/github-api-with-retry.js diff --git a/.github/workflows/agents-auto-label.yml b/.github/workflows/agents-auto-label.yml index dadeb0f27..c812ddde1 100644 --- a/.github/workflows/agents-auto-label.yml +++ b/.github/workflows/agents-auto-label.yml @@ -33,7 +33,7 @@ jobs: steps: - name: Checkout eligibility action - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: >- ${{ github.event.pull_request.base.sha || @@ -54,7 +54,7 @@ jobs: - name: Checkout repository if: steps.eligibility.outputs.should-run == 'true' - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup API client if: steps.eligibility.outputs.should-run == 'true' diff --git a/.github/workflows/agents-auto-pilot.yml b/.github/workflows/agents-auto-pilot.yml index 38699e494..280ce3488 100644 --- a/.github/workflows/agents-auto-pilot.yml +++ b/.github/workflows/agents-auto-pilot.yml @@ -71,7 +71,7 @@ jobs: proceed: ${{ steps.eligibility.outputs.should-run }} steps: - name: Checkout eligibility action - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: >- ${{ github.event.pull_request.base.sha || @@ -155,7 +155,7 @@ jobs: - name: Checkout repository if: steps.check_enabled.outputs.enabled == 'true' - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: token: ${{ steps.app_token.outputs.token || github.token }} @@ -181,7 +181,7 @@ jobs: - name: Checkout Workflows scripts if: steps.check_enabled.outputs.enabled == 'true' - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: token: ${{ steps.app_token.outputs.token || github.token }} repository: stranske/Workflows diff --git a/.github/workflows/agents-autofix-dispatcher.yml b/.github/workflows/agents-autofix-dispatcher.yml index dce21a1bc..f4e5d03ef 100644 --- a/.github/workflows/agents-autofix-dispatcher.yml +++ b/.github/workflows/agents-autofix-dispatcher.yml @@ -28,7 +28,7 @@ jobs: owner: ${{ github.repository_owner }} - name: Checkout workflow helpers - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: token: ${{ steps.app_token.outputs.token || github.token }} sparse-checkout: | diff --git a/.github/workflows/agents-capability-check.yml b/.github/workflows/agents-capability-check.yml index 69cc77fb0..3f04e8fb9 100644 --- a/.github/workflows/agents-capability-check.yml +++ b/.github/workflows/agents-capability-check.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup API client uses: ./.github/actions/setup-api-client diff --git a/.github/workflows/agents-decompose.yml b/.github/workflows/agents-decompose.yml index b8a987d8a..20e3575d8 100644 --- a/.github/workflows/agents-decompose.yml +++ b/.github/workflows/agents-decompose.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup API client uses: ./.github/actions/setup-api-client diff --git a/.github/workflows/agents-dedup.yml b/.github/workflows/agents-dedup.yml index 1ed5f2a42..65dfd5293 100644 --- a/.github/workflows/agents-dedup.yml +++ b/.github/workflows/agents-dedup.yml @@ -29,7 +29,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup API client uses: ./.github/actions/setup-api-client diff --git a/.github/workflows/agents-guard.yml b/.github/workflows/agents-guard.yml index 25e7885c9..42ca4222d 100644 --- a/.github/workflows/agents-guard.yml +++ b/.github/workflows/agents-guard.yml @@ -31,7 +31,7 @@ jobs: steps: - name: Checkout eligibility action - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: >- ${{ github.event.pull_request.base.sha || @@ -67,7 +67,7 @@ jobs: if: >- steps.eligibility.outputs.should-run == 'true' && github.event_name == 'pull_request_target' - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: ${{ github.event.pull_request.base.sha }} sparse-checkout-cone-mode: false @@ -138,7 +138,7 @@ jobs: if: >- steps.eligibility.outputs.should-run == 'true' && github.event_name == 'pull_request' - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: sparse-checkout-cone-mode: false sparse-checkout: | diff --git a/.github/workflows/agents-issue-optimizer.yml b/.github/workflows/agents-issue-optimizer.yml index d329dd005..c03346396 100644 --- a/.github/workflows/agents-issue-optimizer.yml +++ b/.github/workflows/agents-issue-optimizer.yml @@ -117,11 +117,11 @@ jobs: - name: Checkout repository if: steps.check.outputs.should_run == 'true' - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Checkout Workflows repository for scripts if: steps.check.outputs.should_run == 'true' - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: repository: stranske/Workflows path: workflows-scripts diff --git a/.github/workflows/agents-keepalive-loop-reporter.yml b/.github/workflows/agents-keepalive-loop-reporter.yml index dbb7a015e..9c1578615 100644 --- a/.github/workflows/agents-keepalive-loop-reporter.yml +++ b/.github/workflows/agents-keepalive-loop-reporter.yml @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout keepalive scripts - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: sparse-checkout: | .github/scripts diff --git a/.github/workflows/agents-verifier.yml b/.github/workflows/agents-verifier.yml index 7f5eaba3c..92fa65e2b 100644 --- a/.github/workflows/agents-verifier.yml +++ b/.github/workflows/agents-verifier.yml @@ -86,7 +86,7 @@ jobs: fingerprint_current_hash: ${{ steps.fingerprint.outputs.current_hash }} steps: - name: Checkout retry helpers - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: sparse-checkout: | .github/actions/setup-api-client @@ -330,7 +330,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout state fingerprint helper - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: sparse-checkout: scripts/state_fingerprint.py sparse-checkout-cone-mode: false diff --git a/.github/workflows/agents-verify-to-new-pr.yml b/.github/workflows/agents-verify-to-new-pr.yml index 33568b439..1c62224b6 100644 --- a/.github/workflows/agents-verify-to-new-pr.yml +++ b/.github/workflows/agents-verify-to-new-pr.yml @@ -66,7 +66,7 @@ jobs: - name: Checkout repository if: steps.check-merged.outputs.merged == 'true' - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: repository: stranske/Workflows token: ${{ steps.select-token.outputs.token }} diff --git a/.github/workflows/agents-weekly-metrics.yml b/.github/workflows/agents-weekly-metrics.yml index 5b40bc1f6..1e401d551 100644 --- a/.github/workflows/agents-weekly-metrics.yml +++ b/.github/workflows/agents-weekly-metrics.yml @@ -27,7 +27,7 @@ jobs: owner: ${{ github.repository_owner }} - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: token: ${{ steps.app_token.outputs.token || github.token }} diff --git a/.github/workflows/autofix.yml b/.github/workflows/autofix.yml index c808c2b2b..910abcd27 100644 --- a/.github/workflows/autofix.yml +++ b/.github/workflows/autofix.yml @@ -67,7 +67,7 @@ jobs: dispatch_reason: ${{ steps.runner_dispatch.outputs.reason }} steps: - name: Checkout eligibility action - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: >- ${{ github.event.pull_request.base.sha || @@ -91,7 +91,7 @@ jobs: - name: Checkout for API helpers if: steps.eligibility.outputs.should-run == 'true' - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: sparse-checkout: | .github/actions/setup-api-client @@ -518,7 +518,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout runner library - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: sparse-checkout: | scripts/runner_lib diff --git a/.github/workflows/backplane-conformance.yml b/.github/workflows/backplane-conformance.yml index 6c46b7a99..75b958f84 100644 --- a/.github/workflows/backplane-conformance.yml +++ b/.github/workflows/backplane-conformance.yml @@ -25,7 +25,7 @@ jobs: run_json: artifacts/reference/run.json manifest: artifacts/reference/manifest.json steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6 with: python-version: '3.14' diff --git a/.github/workflows/baseline-report.yml b/.github/workflows/baseline-report.yml index 9a02106b4..3af169303 100644 --- a/.github/workflows/baseline-report.yml +++ b/.github/workflows/baseline-report.yml @@ -25,7 +25,7 @@ jobs: refresh: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: token: ${{ secrets.ACTIONS_BOT_PAT || secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f5ceb63aa..0ed332280 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -40,7 +40,7 @@ jobs: name: Runtime CI runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Set up Python uses: actions/setup-python@v6 diff --git a/.github/workflows/cross-repo-smoke.yml b/.github/workflows/cross-repo-smoke.yml index cbfb7b972..44e680551 100644 --- a/.github/workflows/cross-repo-smoke.yml +++ b/.github/workflows/cross-repo-smoke.yml @@ -29,12 +29,12 @@ jobs: timeout-minutes: 25 steps: - name: Checkout trip-planner (PR head) - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: path: trip-planner - name: Checkout Travel-Plan-Permission at pinned ref - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: repository: stranske/Travel-Plan-Permission ref: ${{ env.TPP_PINNED_REF }} diff --git a/.github/workflows/maint-76-claude-code-review.yml b/.github/workflows/maint-76-claude-code-review.yml index 72f6d340c..f441b4047 100644 --- a/.github/workflows/maint-76-claude-code-review.yml +++ b/.github/workflows/maint-76-claude-code-review.yml @@ -26,7 +26,7 @@ jobs: reason: ${{ steps.resolve.outputs.reason }} steps: - name: Checkout (for API wrappers) - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: sparse-checkout: | .github/actions/setup-api-client @@ -114,7 +114,7 @@ jobs: workflow_unchanged: ${{ steps.workflow-integrity.outputs.workflow_unchanged }} steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 @@ -182,7 +182,7 @@ jobs: id-token: write steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 1 diff --git a/.github/workflows/maint-coverage-guard.yml b/.github/workflows/maint-coverage-guard.yml index 1c904998b..6006fa2e0 100644 --- a/.github/workflows/maint-coverage-guard.yml +++ b/.github/workflows/maint-coverage-guard.yml @@ -33,7 +33,7 @@ jobs: private-key: ${{ secrets.WORKFLOWS_APP_PRIVATE_KEY || 'dummy' }} - name: Checkout retry helpers - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: token: ${{ steps.app_token.outputs.token || github.token }} sparse-checkout: | @@ -118,7 +118,7 @@ jobs: owner: ${{ github.repository_owner }} - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Locate latest Gate workflow run id: discover diff --git a/.github/workflows/maint-dependabot-auto-lock.yml b/.github/workflows/maint-dependabot-auto-lock.yml index 6380f0357..97bf6343d 100644 --- a/.github/workflows/maint-dependabot-auto-lock.yml +++ b/.github/workflows/maint-dependabot-auto-lock.yml @@ -20,7 +20,7 @@ jobs: if: github.actor == 'dependabot[bot]' steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: ref: ${{ github.head_ref }} token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/pr-00-gate.yml b/.github/workflows/pr-00-gate.yml index 4aef411f2..a706ff4df 100644 --- a/.github/workflows/pr-00-gate.yml +++ b/.github/workflows/pr-00-gate.yml @@ -48,7 +48,7 @@ jobs: classification_rationale: ${{ steps.classify.outputs.classification-rationale || 'path classifier unavailable' }} steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@v7 - name: Classify changed paths id: classify @@ -92,7 +92,7 @@ jobs: if: ${{ needs.detect.outputs.is_docs_only != 'true' }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Set up Python uses: actions/setup-python@v6 @@ -129,7 +129,7 @@ jobs: description: ${{ steps.summarize.outputs.description }} steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: sparse-checkout: | .github/scripts diff --git a/.github/workflows/reusable-pr-context.yml b/.github/workflows/reusable-pr-context.yml index 9fe45c0b8..6625901e7 100644 --- a/.github/workflows/reusable-pr-context.yml +++ b/.github/workflows/reusable-pr-context.yml @@ -135,7 +135,7 @@ jobs: steps: - name: Checkout (for scripts) - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: sparse-checkout: | .github/scripts