finsite · dependabot · Aug 18, 2025
diff --git a/.github/workflows/Apply Labels to Pull Request.yml b/.github/workflows/Apply Labels to Pull Request.yml
@@ -13,7 +13,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Apply Labels Based on PR Changes
         uses: actions/labeler@v5
         with:

diff --git a/.github/workflows/Attest-build-provenance.yml b/.github/workflows/Attest-build-provenance.yml
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: 📥 Checkout Source Code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: 🧾 Generate Provenance Attestation
         uses: slsa-framework/slsa-github-generator/actions/provenance@v1
         with:

diff --git a/.github/workflows/Auditwheel Compatibility.yml b/.github/workflows/Auditwheel Compatibility.yml
@@ -7,7 +7,7 @@ jobs:
     runs-on: ubuntu-latest
     container: quay.io/pypa/manylinux2014_x86_64
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - run: pip install build
       - run: python -m build
       - run: auditwheel show dist/*.whl
diff --git a/.github/workflows/Automated Version Bump and Changelog.yml b/.github/workflows/Automated Version Bump and Changelog.yml
@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           fetch-depth: 0
       - name: Set up Python

diff --git a/.github/workflows/Build and Push Docker Image.yml b/.github/workflows/Build and Push Docker Image.yml
@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: 📥 Checkout Repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: 🔧 Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
       - name: 🔐 Log in to GitHub Container Registry

diff --git a/.github/workflows/Check Outdated Dependencies.yml b/.github/workflows/Check Outdated Dependencies.yml
@@ -9,7 +9,7 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions/setup-python@v5
         with:
           python-version: 3.x

diff --git a/.github/workflows/Cleanup Old Docker Images.yml b/.github/workflows/Cleanup Old Docker Images.yml
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Extract repository short name
         id: extract
         run: echo "REPO_NAME=$(basename '${{ github.repository }}')" >> $GITHUB_ENV

diff --git a/.github/workflows/Code Coverage.yml b/.github/workflows/Code Coverage.yml
@@ -8,7 +8,7 @@ jobs:
   coverage:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions/setup-python@v5
         with:
           python-version: '3.11'

diff --git a/.github/workflows/CodeQL Analysis.yml b/.github/workflows/CodeQL Analysis.yml
@@ -16,7 +16,7 @@ jobs:
       matrix:
         language: [python]
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: github/codeql-action/init@v3
         with:
           languages: ${{ matrix.language }}

diff --git a/.github/workflows/Dependabot Dependency Updates.yml b/.github/workflows/Dependabot Dependency Updates.yml
@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Set up Python
         uses: actions/setup-python@v5
         with:

diff --git a/.github/workflows/Dependency Check with Deptry.yml b/.github/workflows/Dependency Check with Deptry.yml
@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Set up Python
         uses: actions/setup-python@v5
         with:

diff --git a/.github/workflows/Dependency Security Audit.yml b/.github/workflows/Dependency Security Audit.yml
@@ -7,7 +7,7 @@ jobs:
   dependency-security-audit:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions/setup-python@v5
         with:
           python-version: 3.x

diff --git a/.github/workflows/Deploy MkDocs to GitHub Pages.yml b/.github/workflows/Deploy MkDocs to GitHub Pages.yml
@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Set up Python
         uses: actions/setup-python@v5
         with:

diff --git a/.github/workflows/GitHub Actions Cleanup.yml b/.github/workflows/GitHub Actions Cleanup.yml
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Delete Old Workflow Runs (Older than 30 Days)
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

diff --git a/.github/workflows/GitHub Release & Artifact Upload.yml b/.github/workflows/GitHub Release & Artifact Upload.yml
@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout source code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Download SBOM
         uses: actions/download-artifact@v4
         with:

diff --git a/.github/workflows/GitHub Workflow Lint.yml b/.github/workflows/GitHub Workflow Lint.yml
@@ -5,7 +5,7 @@ jobs:
   lint:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           fetch-depth: 0  # ✅ Fix for Super Linter SHA access
       - name: Super Linter

diff --git a/.github/workflows/Github Automated Releases.yml b/.github/workflows/Github Automated Releases.yml
@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Set up Python
         uses: actions/setup-python@v5
         with:

diff --git a/.github/workflows/Ignore File Consistency Check.yml b/.github/workflows/Ignore File Consistency Check.yml
@@ -5,7 +5,7 @@ jobs:
   validate:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Check for overlap in ignore files
         run: |-
           echo "Checking .gitignore vs .dockerignore vs MANIFEST.in"

diff --git a/.github/workflows/License Checker.yml b/.github/workflows/License Checker.yml
@@ -8,7 +8,7 @@ jobs:
   license-check:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions/setup-python@v5
         with:
           python-version: 3.11

diff --git a/.github/workflows/License Report.yml b/.github/workflows/License Report.yml
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Set up Python
         uses: actions/setup-python@v5
         with:

diff --git a/.github/workflows/Python Build & Install Check.yml b/.github/workflows/Python Build & Install Check.yml
@@ -7,7 +7,7 @@ jobs:
   python-build-test:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions/setup-python@v5
         with:
           python-version: 3.x

diff --git a/.github/workflows/Python Matrix Test.yml b/.github/workflows/Python Matrix Test.yml
@@ -10,7 +10,7 @@ jobs:
       matrix:
         python-version: ['3.9', '3.10', '3.11', '3.12']
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions/setup-python@v5
         with:
           python-version: ${{ matrix.python-version }}

diff --git a/.github/workflows/Python linting.yml b/.github/workflows/Python linting.yml
@@ -8,7 +8,7 @@ jobs:
       contents: read
     steps:
       - name: Checkout Code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Set up Python
         uses: actions/setup-python@v5
         with:

diff --git a/.github/workflows/SBOM Generator.yml b/.github/workflows/SBOM Generator.yml
@@ -8,7 +8,7 @@ jobs:
   generate-sbom:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions/setup-python@v5
         with:
           python-version: '3.11'

diff --git a/.github/workflows/SLSA Provenance.yml b/.github/workflows/SLSA Provenance.yml
@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout source code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Download SBOM
         uses: actions/download-artifact@v4
         with:

diff --git a/.github/workflows/Sbom Attestation.yml b/.github/workflows/Sbom Attestation.yml
@@ -6,7 +6,7 @@ jobs:
   attest:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - run: make sbom-py
       - run: make sbom-image
       - run: make audit

diff --git a/.github/workflows/Sbom Image Scan.yml b/.github/workflows/Sbom Image Scan.yml
@@ -8,7 +8,7 @@ jobs:
   image-sbom:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - run: docker build -t stock-app:latest .
       - uses: anchore/sbom-action@v0
         with:

diff --git a/.github/workflows/Secret scanning.yml b/.github/workflows/Secret scanning.yml
@@ -15,7 +15,7 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Run TruffleHog on PR diff
         uses: trufflesecurity/trufflehog@main
         with:
@@ -30,7 +30,7 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Run TruffleHog on entire repo
         uses: trufflesecurity/trufflehog@main
         with:

diff --git a/.github/workflows/Static Analysis with Pylint.yml b/.github/workflows/Static Analysis with Pylint.yml
@@ -8,7 +8,7 @@ jobs:
       contents: read
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Set up Python
         uses: actions/setup-python@v5
         with:

diff --git a/.github/workflows/Validate YAML & JSON.yml b/.github/workflows/Validate YAML & JSON.yml
@@ -7,7 +7,7 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Validate YAML
         uses: ibiqlik/action-yamllint@v3
       - name: Validate JSON

diff --git a/.github/workflows/Vulnerability Audit.yml b/.github/workflows/Vulnerability Audit.yml
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Set up Python
         uses: actions/setup-python@v5
         with:

diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml
@@ -27,7 +27,7 @@ jobs:
       actions: read  # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Bandit Scan
         uses: shundor/python-bandit-scan@ab1d87dfccc5a0ffab88be3aaac6ffe35c10d6cd
         with:  # optional arguments

diff --git a/.github/workflows/metadata-check.yml b/.github/workflows/metadata-check.yml
@@ -5,7 +5,7 @@ jobs:
   validate:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions/setup-python@v5
         with:
           python-version: '3.11'