chore(deps): update github actions (major)

.github/workflows/Apply Labels to Pull Request.yml

@@ -13,9 +13,9 @@ jobs:
       pull-requests: write
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Apply Labels Based on PR Changes
-        uses: actions/labeler@v5
+        uses: actions/labeler@v6
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}
           configuration-path: .github/labeler.yml

.github/workflows/Attest-build-provenance.yml

@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: 📥 Checkout Source Code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: 🧾 Generate Provenance Attestation
         uses: slsa-framework/slsa-github-generator/actions/provenance@v1
         with:

.github/workflows/Auditwheel Compatibility.yml

@@ -7,7 +7,7 @@ jobs:
     runs-on: ubuntu-latest
     container: quay.io/pypa/manylinux2014_x86_64
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - run: pip install build
       - run: python -m build
       - run: auditwheel show dist/*.whl

.github/workflows/Auto Rebase Dependabot Pull Requests.yml

@@ -9,7 +9,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Add autorebase label
-        uses: actions/github-script@v7
+        uses: actions/github-script@v8
         with:
           script: |-
             github.rest.issues.addLabels({

.github/workflows/Automated Version Bump and Changelog.yml

@@ -11,11 +11,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           fetch-depth: 0
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: '3.13'
       - name: Install Commitizen

.github/workflows/Build and Push Docker Image.yml

@@ -13,14 +13,14 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: 📥 Checkout Repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: 🔧 Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
       - name: 🔐 Log in to GitHub Container Registry
         run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }}
           --password-stdin
       - name: 🐍 Set up Python & Install Commitizen
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: '3.13'
       - name: 📦 Install Commitizen

.github/workflows/Check Outdated Dependencies.yml

@@ -9,8 +9,8 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
+      - uses: actions/checkout@v5
+      - uses: actions/setup-python@v6
         with:
           python-version: 3.x
       - name: Install Pip Tools

.github/workflows/Cleanup Old Docker Images.yml

@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Extract repository short name
         id: extract
         run: echo "REPO_NAME=$(basename '${{ github.repository }}')" >> $GITHUB_ENV

.github/workflows/Code Coverage.yml

@@ -8,8 +8,8 @@ jobs:
   coverage:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
+      - uses: actions/checkout@v5
+      - uses: actions/setup-python@v6
         with:
           python-version: '3.11'
       - run: pip install -e .[dev]

.github/workflows/CodeQL Analysis.yml

@@ -16,8 +16,8 @@ jobs:
       matrix:
         language: [python]
     steps:
-      - uses: actions/checkout@v4
-      - uses: github/codeql-action/init@v3
+      - uses: actions/checkout@v5
+      - uses: github/codeql-action/init@v4
         with:
           languages: ${{ matrix.language }}
-      - uses: github/codeql-action/analyze@v3
+      - uses: github/codeql-action/analyze@v4

.github/workflows/Create Greetings on Pull Request.yml

@@ -15,7 +15,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Greet First-Time Contributors
-        uses: actions/first-interaction@v2
+        uses: actions/first-interaction@v3
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}
           issue-message: |

.github/workflows/Dependabot Dependency Updates.yml

@@ -10,9 +10,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: 3.x
       - name: Install pip-tools

.github/workflows/Dependency Check with Deptry.yml

@@ -13,9 +13,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: 3.11
       - name: Install Deptry

.github/workflows/Dependency Security Audit.yml

@@ -7,8 +7,8 @@ jobs:
   dependency-security-audit:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
+      - uses: actions/checkout@v5
+      - uses: actions/setup-python@v6
         with:
           python-version: 3.x
       - name: Install pip-audit

.github/workflows/Deploy MkDocs to GitHub Pages.yml

@@ -14,9 +14,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: '3.13'
       - name: Install dependencies

.github/workflows/GitHub Actions Cleanup.yml

@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Delete Old Workflow Runs (Older than 30 Days)
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/GitHub Release & Artifact Upload.yml

@@ -13,14 +13,14 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout source code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Download SBOM
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: sbom
           path: artifacts/
       - name: Download pip-audit report
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: pip-audit-report
           path: artifacts/

.github/workflows/GitHub Workflow Lint.yml

@@ -5,7 +5,7 @@ jobs:
   lint:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           fetch-depth: 0  # ✅ Fix for Super Linter SHA access
       - name: Super Linter

.github/workflows/Github Automated Releases.yml

@@ -11,9 +11,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: '3.13'
       - name: Install Commitizen

.github/workflows/Ignore File Consistency Check.yml

@@ -5,7 +5,7 @@ jobs:
   validate:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Check for overlap in ignore files
         run: |-
           echo "Checking .gitignore vs .dockerignore vs MANIFEST.in"

.github/workflows/License Checker.yml

@@ -8,8 +8,8 @@ jobs:
   license-check:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
+      - uses: actions/checkout@v5
+      - uses: actions/setup-python@v6
         with:
           python-version: 3.11
       - run: pip install pip-licenses

.github/workflows/License Report.yml

@@ -12,9 +12,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: '3.11'
       - name: Install pip-licenses

.github/workflows/Mark stale issues and pull requests.yml

@@ -10,7 +10,7 @@ jobs:
       issues: write
       pull-requests: write
     steps:
-      - uses: actions/stale@v9
+      - uses: actions/stale@v10
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}
           stale-issue-message: Stale issue message

.github/workflows/Python Build & Install Check.yml

@@ -7,8 +7,8 @@ jobs:
   python-build-test:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
+      - uses: actions/checkout@v5
+      - uses: actions/setup-python@v6
         with:
           python-version: 3.x
       - name: Install Build Tools

.github/workflows/Python Matrix Test.yml

@@ -10,8 +10,8 @@ jobs:
       matrix:
         python-version: ['3.9', '3.10', '3.11', '3.12']
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
+      - uses: actions/checkout@v5
+      - uses: actions/setup-python@v6
         with:
           python-version: ${{ matrix.python-version }}
       - name: Install dependencies

.github/workflows/Python linting.yml

@@ -8,9 +8,9 @@ jobs:
       contents: read
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: '3.13'
       - name: Install linters

.github/workflows/SBOM Generator.yml

@@ -8,8 +8,8 @@ jobs:
   generate-sbom:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
+      - uses: actions/checkout@v5
+      - uses: actions/setup-python@v6
         with:
           python-version: '3.11'
       - run: pip install cyclonedx-bom

.github/workflows/SLSA Provenance.yml

@@ -14,14 +14,14 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout source code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Download SBOM
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: sbom
           path: artifacts/
       - name: Download pip-audit report
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: pip-audit-report
           path: artifacts/

.github/workflows/Sbom Attestation.yml

@@ -6,7 +6,7 @@ jobs:
   attest:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - run: make sbom-py
       - run: make sbom-image
       - run: make audit

.github/workflows/Sbom Image Scan.yml

@@ -8,7 +8,7 @@ jobs:
   image-sbom:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - run: docker build -t stock-app:latest .
       - uses: anchore/sbom-action@v0
         with:

.github/workflows/Secret scanning.yml

@@ -15,7 +15,7 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Run TruffleHog on PR diff
         uses: trufflesecurity/trufflehog@main
         with:
@@ -30,7 +30,7 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Run TruffleHog on entire repo
         uses: trufflesecurity/trufflehog@main
         with:

.github/workflows/Static Analysis with Pylint.yml

@@ -8,9 +8,9 @@ jobs:
       contents: read
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: '3.13'
       - name: Install dependencies

.github/workflows/Validate YAML & JSON.yml

@@ -7,7 +7,7 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Validate YAML
         uses: ibiqlik/action-yamllint@v3
       - name: Validate JSON

.github/workflows/Vulnerability Audit.yml

@@ -12,9 +12,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: '3.11'
       - name: Install pip-audit