Skip to content

build(deps): bump actions/checkout from 5 to 6 #355

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
hanabi1224 merged 1 commit into from
Nov 24, 2025
Merged

build(deps): bump actions/checkout from 5 to 6 #355

hanabi1224 merged 1 commit into from
Nov 24, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 24, 2025
edited by coderabbitai bot
Loading

Bumps actions/checkout from 5 to 6.

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

Full Changelog: actions/checkout@v5...v5.0.1

Changelog

Sourced from actions/checkout's changelog.

Changelog

V6.0.0

V5.0.1

V5.0.0

V4.3.1

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by CodeRabbit

  • Chores
    • Updated CI/CD workflow configurations to use the latest version of the Git checkout tool across all automated processes for improved stability and compatibility.

✏️ Tip: You can customize this high-level summary in your review settings.

@dependabot
build(deps): bump actions/checkout from 5 to 6
b68df1b 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Nov 24, 2025
@dependabot dependabot bot requested a review from a team as a code owner November 24, 2025 01:11
@dependabot dependabot bot added the github_actions Pull requests that update GitHub Actions code label Nov 24, 2025
@dependabot dependabot bot requested a review from hanabi1224 November 24, 2025 01:11
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Nov 24, 2025
edited
Loading

Walkthrough

Updates GitHub Actions checkout action from v5 to v6 across four CI/CD workflow files. No behavioral changes to workflow logic, steps, or error handling—only dependency version bumps applied consistently.

Changes

Cohort / File(s) Summary
GitHub Actions checkout version bump
.github/workflows/codecov.yml, .github/workflows/deploy.yml, .github/workflows/e2e.yml, .github/workflows/lint.yml		 Updated actions/checkout from v5 to v6 in all workflow files. No changes to workflow steps, control flow, or error handling logic.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

  • All changes are identical version bumps applied consistently across four files
  • No logic, conditional flow, or behavioral modifications
  • Low risk update to a widely-used action with established compatibility

Possibly related PRs

Suggested reviewers

  • hanabi1224
  • LesnyRumcajs
  • akaladarshi

Poem

🐰 The rabbit hops through workflows bright,
Bumping versions left and right!
From v5 to v6 we leap,
Actions fresh, improvements deep. ✨
All the checkouts, now updated—
CI/CD workflows elevated! 🚀

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately describes the main change: upgrading the actions/checkout dependency from v5 to v6 across multiple workflow files.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch dependabot/github_actions/actions/checkout-6
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 728c549 and b68df1b.

📒 Files selected for processing (4)
  • .github/workflows/codecov.yml (1 hunks)
  • .github/workflows/deploy.yml (1 hunks)
  • .github/workflows/e2e.yml (1 hunks)
  • .github/workflows/lint.yml (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)
  • GitHub Check: codedov
  • GitHub Check: E2E API Tests
  • GitHub Check: E2E Browser Tests
  • GitHub Check: E2E Claim Token API CORS Tests
  • GitHub Check: deploy
🔇 Additional comments (4)
.github/workflows/codecov.yml (1)

19-21: Safe upgrade to v6.

The fetch-depth configuration is unaffected by v6's credential persistence changes. This workflow has no dependency on credential storage location.

.github/workflows/lint.yml (1)

37-37: Clean upgrade to v6.

No credential configuration or special parameters present. The upgrade is straightforward with no workflow logic dependencies on v5 behavior.

.github/workflows/deploy.yml (1)

38-38: Safe upgrade—no git credential dependencies.

The deployment credentials (CF_API_TOKEN) are passed via action inputs, not git credentials, so the v6 credential persistence change has no impact on this workflow.

.github/workflows/e2e.yml (1)

56-56: Safe upgrade—secrets are environment-based, not git-dependent.

Test secrets are configured via environment variables (lines 93–95), not git credentials, so v6's credential persistence changes are transparent to this workflow.

Comment @coderabbitai help to get the list of available commands and usage tips.

@codecov-commenter
Copy link

codecov-commenter commented Nov 24, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 41.11%. Comparing base (728c549) to head (b68df1b).

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #355   +/-   ##
=======================================
  Coverage   41.11%   41.11%           
=======================================
  Files          40       40           
  Lines        2668     2668           
=======================================
  Hits         1097     1097           
  Misses       1571     1571

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@hanabi1224 hanabi1224 added this pull request to the merge queue Nov 24, 2025
Merged via the queue into main with commit 8af60ba Nov 24, 2025
7 checks passed
@hanabi1224 hanabi1224 deleted the dependabot/github_actions/actions/checkout-6 branch November 24, 2025 02:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hanabi1224 hanabi1224 hanabi1224 approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@codecov-commenter @hanabi1224