SAP · bot-sdk-js · Dec 2, 2025 · Dec 1, 2025
diff --git a/.github/workflows/blackduck.yaml b/.github/workflows/blackduck.yaml
@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 15
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - name: "Scan With Black Duck"
         uses: ./.github/actions/scan-with-blackduck
         with:
@@ -23,7 +23,7 @@ jobs:
     if: ${{ failure() && github.ref == 'refs/heads/main' }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
       - name: Notify
         run: python .pipeline/scripts/notify.py
         env:

diff --git a/.github/workflows/cache-maven-dependencies.yaml b/.github/workflows/cache-maven-dependencies.yaml
@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "Checkout"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           ref: ${{ env.MAVEN_CACHE_REF }}
 

diff --git a/.github/workflows/continuous-integration.yaml b/.github/workflows/continuous-integration.yaml
@@ -81,7 +81,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "Checkout Repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           ref: ${{ needs.context.outputs.commit }}
 
@@ -108,7 +108,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "Checkout repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           ref: ${{ needs.context.outputs.commit }}
 
@@ -162,7 +162,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "Checkout repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           ref: ${{ needs.context.outputs.commit }}
 
@@ -223,7 +223,7 @@ jobs:
     name: "Run ${{ matrix.task.name }} Analysis"
     steps:
       - name: "Checkout repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           ref: ${{ needs.context.outputs.commit }}
 
@@ -264,7 +264,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "Checkout repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           ref: ${{ needs.context.outputs.commit }}
 
@@ -398,7 +398,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "Checkout repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           ref: ${{ needs.context.outputs.commit }}
 
@@ -414,7 +414,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "Checkout repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           ref: ${{ needs.context.outputs.commit }}
 

diff --git a/.github/workflows/dependabot-automerge.yaml b/.github/workflows/dependabot-automerge.yaml
@@ -19,7 +19,7 @@ jobs:
       contents: write
     steps:
       - name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Approve and Merge PRs
         run: |

diff --git a/.github/workflows/deploy-snapshot.yaml b/.github/workflows/deploy-snapshot.yaml
@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "Checkout Repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: "Setup java"
         uses: actions/setup-java@v5

diff --git a/.github/workflows/fosstars-report.yml b/.github/workflows/fosstars-report.yml
@@ -9,7 +9,7 @@ jobs:
     runs-on: ubuntu-latest
     name: "Security rating"
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: SAP/[email protected]
         with:
           report-branch: fosstars-report

diff --git a/.github/workflows/javadoc.yaml b/.github/workflows/javadoc.yaml
@@ -25,7 +25,7 @@ jobs:
           git config --global user.name "SAP Cloud SDK Bot"
 
       - name: "Checkout Repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           fetch-depth: 0
 
@@ -58,7 +58,7 @@ jobs:
         run: mvn clean javadoc:aggregate -Drelease -Djava.failOnWarning=false --projects "${PROJECTS}" --quiet
 
       - name: "Checkout Docs Repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           repository: ${{ env.DOCS_REPO }}
           path: .cloud-sdk-docs

diff --git a/.github/workflows/perform-release.yml b/.github/workflows/perform-release.yml
@@ -52,7 +52,7 @@ jobs:
           GH_TOKEN: ${{ github.token }}
 
       - name: "Checkout Repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: "Check Whether Code PR Can Be Merged"
         if: ${{ inputs.skip-pr-merge != 'true' }}

diff --git a/.github/workflows/prepare-release.yaml b/.github/workflows/prepare-release.yaml
@@ -31,7 +31,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "Checkout Repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           ref: ${{ github.event.inputs.branch }}
 
@@ -84,7 +84,7 @@ jobs:
       statuses: write # needed to update the commit status
     steps:
       - name: "Checkout repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           ref: ${{ needs.bump-version.outputs.release-branch }}
 
@@ -120,7 +120,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "Checkout repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           ref: ${{ needs.bump-version.outputs.release-branch }}
 
@@ -163,7 +163,7 @@ jobs:
       statuses: write # needed to update the commit status
     steps:
       - name: "Checkout repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           ref: ${{ needs.create-release.outputs.release-name }}
       - name: "Trigger workflow (ignore failures)"
@@ -182,12 +182,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "Checkout Code Repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           ref: ${{ needs.bump-version.outputs.release-branch }}
           token: ${{ secrets.BOT_SDK_JS_FOR_DOCS_REPO_PR }}
       - name: "Checkout Docs Repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           repository: ${{ env.DOCS_REPO }}
           path: .cloud-sdk-docs
@@ -260,7 +260,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "Checkout Repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           ref: ${{ needs.bump-version.outputs.release-branch }}
           token: ${{ secrets.BOT_SDK_JS_FOR_DOCS_REPO_PR }} # this is needed so that the same token is used when pushing our changes later. Otherwise, our on: push workflows (i.e. our continuous integration) won't be triggered.
@@ -300,7 +300,7 @@ jobs:
     if: ${{ failure() }}
     steps:
       - name: "Checkout Repository"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           ref: ${{ github.event.inputs.branch }}
 

diff --git a/.github/workflows/reuse.yaml b/.github/workflows/reuse.yaml
@@ -12,6 +12,6 @@ jobs:
   test:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v5
+    - uses: actions/checkout@v6
     - name: REUSE Compliance Check
       uses: fsfe/[email protected]