From 9fa429caf37c556b381bb2106cb1b217711f3a10 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Aug 2025 18:34:31 +0000 Subject: [PATCH] Bump actions/checkout from 4.2.2 to 5.0.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 5.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...08c6903cd8c0fde910a37f88322edcfb5dd907a8) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/Component.BuildTest.yml | 2 +- .github/workflows/add-labels.yml | 4 ++-- .../workflows/ci-Exporter.OneCollector-Integration.yml | 2 +- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/core-version-update.yml | 2 +- .github/workflows/dotnet-format.yml | 2 +- .github/workflows/fossa.yml | 2 +- .github/workflows/integration.yml | 4 ++-- .github/workflows/markdownlint.yml | 2 +- .github/workflows/ossf-scorecard.yml | 2 +- .github/workflows/post-release.yml | 2 +- .github/workflows/prepare-release.yml | 10 +++++----- .github/workflows/publish-packages.yml | 4 ++-- .github/workflows/sanitycheck.yml | 4 ++-- .github/workflows/verifyaotcompat.yml | 2 +- .github/workflows/yamllint.yml | 2 +- 16 files changed, 24 insertions(+), 24 deletions(-) diff --git a/.github/workflows/Component.BuildTest.yml b/.github/workflows/Component.BuildTest.yml index eff0fb7c73..3f2c3bccb0 100644 --- a/.github/workflows/Component.BuildTest.yml +++ b/.github/workflows/Component.BuildTest.yml @@ -54,7 +54,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: # Note: By default GitHub only fetches 1 commit. MinVer needs to find # the version tag which is typically NOT on the first commit so we diff --git a/.github/workflows/add-labels.yml b/.github/workflows/add-labels.yml index dc5678c101..ba6d65d48b 100644 --- a/.github/workflows/add-labels.yml +++ b/.github/workflows/add-labels.yml @@ -18,7 +18,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Add labels for component found in bug issue descriptions shell: pwsh @@ -40,7 +40,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: ref: ${{ github.event.repository.default_branch }} # Note: Do not run on the PR branch we want to execute add-labels.psm1 from main on the base repo only because pull_request_target can see secrets diff --git a/.github/workflows/ci-Exporter.OneCollector-Integration.yml b/.github/workflows/ci-Exporter.OneCollector-Integration.yml index 92d5989cfd..59b0f000bc 100644 --- a/.github/workflows/ci-Exporter.OneCollector-Integration.yml +++ b/.github/workflows/ci-Exporter.OneCollector-Integration.yml @@ -36,7 +36,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: ref: ${{ github.event.pull_request.head.sha || github.ref }} # Run on the fork branch once approved diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index a58bec5cf0..9401ee1998 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -29,7 +29,7 @@ jobs: disk-root: "D:" - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Initialize CodeQL uses: github/codeql-action/init@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 diff --git a/.github/workflows/core-version-update.yml b/.github/workflows/core-version-update.yml index bc6d4f3c5f..089b4e114e 100644 --- a/.github/workflows/core-version-update.yml +++ b/.github/workflows/core-version-update.yml @@ -24,7 +24,7 @@ jobs: GH_TOKEN: ${{ secrets[needs.automation.outputs.token-secret-name] }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: ref: ${{ github.event.repository.default_branch }} token: ${{ secrets[needs.automation.outputs.token-secret-name] }} diff --git a/.github/workflows/dotnet-format.yml b/.github/workflows/dotnet-format.yml index 3850234e51..5d9b042167 100644 --- a/.github/workflows/dotnet-format.yml +++ b/.github/workflows/dotnet-format.yml @@ -9,7 +9,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Setup dotnet uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1 diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml index ff73a43424..df48259d23 100644 --- a/.github/workflows/fossa.yml +++ b/.github/workflows/fossa.yml @@ -12,7 +12,7 @@ jobs: fossa: runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - uses: fossas/fossa-action@c0a7d013f84c8ee5e910593186598625513cc1e4 # v1.6.0 with: diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml index f7f554ce60..e68fb3dace 100644 --- a/.github/workflows/integration.yml +++ b/.github/workflows/integration.yml @@ -16,7 +16,7 @@ jobs: matrix: version: [net8.0] steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Run redis docker compose run: docker compose --file=test/OpenTelemetry.Instrumentation.StackExchangeRedis.Tests/docker-compose.yml --file=build/docker-compose.${{ matrix.version }}.yml --project-directory=. up --exit-code-from=tests --build @@ -29,7 +29,7 @@ jobs: matrix: version: [net8.0] steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Run kafka docker compose run: docker compose --file=test/OpenTelemetry.Instrumentation.ConfluentKafka.Tests/docker-compose.yml --file=build/docker-compose.${{ matrix.version }}.yml --project-directory=. up --exit-code-from=tests --build diff --git a/.github/workflows/markdownlint.yml b/.github/workflows/markdownlint.yml index 6d46d42a9d..fc1ec6ca3d 100644 --- a/.github/workflows/markdownlint.yml +++ b/.github/workflows/markdownlint.yml @@ -9,7 +9,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: run markdownlint uses: DavidAnson/markdownlint-cli2-action@05f32210e84442804257b2a6f20b273450ec8265 # v19.1.0 diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml index 97f07090ac..a0d28a9015 100644 --- a/.github/workflows/ossf-scorecard.yml +++ b/.github/workflows/ossf-scorecard.yml @@ -19,7 +19,7 @@ jobs: # Needed for GitHub OIDC token if publish_results is true id-token: write steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 3f36f962a3..fc91704465 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -27,7 +27,7 @@ jobs: GH_TOKEN: ${{ secrets[needs.automation.outputs.token-secret-name] }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: # Note: By default GitHub only fetches 1 commit. We need all the tags # for this work. diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index eb6f2b7b78..1d1352d805 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -91,7 +91,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: token: ${{ secrets[needs.automation.outputs.token-secret-name] }} @@ -128,7 +128,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: token: ${{ secrets[needs.automation.outputs.token-secret-name] }} @@ -162,7 +162,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: # Note: By default GitHub only fetches 1 commit which fails the git tag operation below fetch-depth: 0 @@ -201,7 +201,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: # Note: By default GitHub only fetches 1 commit which fails the git tag operation below fetch-depth: 0 @@ -244,7 +244,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: token: ${{ secrets[needs.automation.outputs.token-secret-name] }} diff --git a/.github/workflows/publish-packages.yml b/.github/workflows/publish-packages.yml index e7071f22ea..69cd466f53 100644 --- a/.github/workflows/publish-packages.yml +++ b/.github/workflows/publish-packages.yml @@ -29,7 +29,7 @@ jobs: artifact-id: ${{ steps.upload-artifacts.outputs.artifact-id }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: # Note: By default GitHub only fetches 1 commit. MinVer needs to find # the version tag which is typically NOT on the first commit so we @@ -117,7 +117,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: token: ${{ secrets[needs.automation.outputs.token-secret-name] }} diff --git a/.github/workflows/sanitycheck.yml b/.github/workflows/sanitycheck.yml index ba31fe37e4..3797230a29 100644 --- a/.github/workflows/sanitycheck.yml +++ b/.github/workflows/sanitycheck.yml @@ -9,7 +9,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: install misspell run: | @@ -24,7 +24,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: detect non-ASCII encoding and trailing space run: python3 ./build/scripts/sanitycheck.py diff --git a/.github/workflows/verifyaotcompat.yml b/.github/workflows/verifyaotcompat.yml index e614f51cdd..f4d4a957de 100644 --- a/.github/workflows/verifyaotcompat.yml +++ b/.github/workflows/verifyaotcompat.yml @@ -14,7 +14,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Setup dotnet uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1 diff --git a/.github/workflows/yamllint.yml b/.github/workflows/yamllint.yml index 9a825c92a8..636033c8ba 100644 --- a/.github/workflows/yamllint.yml +++ b/.github/workflows/yamllint.yml @@ -10,7 +10,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: install yamllint run: pip install -r ./build/yamllint-requirements.txt --require-hashes