ci: bump actions/checkout from 4 to 5

Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

Author: dependabot[bot]

.github/workflows/backport.yml

@@ -30,7 +30,7 @@ jobs:
           permission-contents: write
           permission-pull-requests: write
 
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           token: ${{ steps.app-token.outputs.token }}
           ref: ${{ github.event.pull_request.head.sha }}

.github/workflows/flakehub-publish-rolling.yml

@@ -11,7 +11,7 @@ jobs:
       id-token: "write"
       contents: "read"
     steps:
-      - uses: "actions/checkout@v4"
+      - uses: "actions/checkout@v5"
       - uses: "DeterminateSystems/nix-installer-action@main"
       - uses: "DeterminateSystems/flakehub-push@main"
         with:

.github/workflows/pr-merged.yml

@@ -71,7 +71,7 @@ jobs:
       # This ensures we get the latest scripts, even if the PR's base was outdated.
       - name: Checkout base branch
         id: checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           sparse-checkout: |
             flake/dev/diff-plugins.py

.github/workflows/tag-maintainers.yml

@@ -36,7 +36,7 @@ jobs:
       # Checkout the code from the base branch.
       # This is a security measure for `pull_request_target` to run trusted code.
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           ref: ${{ github.base_ref }}
 

.github/workflows/update-maintainers.yml

@@ -59,7 +59,7 @@ jobs:
           } >> "$GITHUB_OUTPUT"
 
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           token: ${{ steps.app-token.outputs.token || github.token }}
 

.github/workflows/update-other.yml

@@ -18,7 +18,7 @@ jobs:
       branches: ${{ steps.list-branches.outputs.result }}
     steps:
       - name: Checkout version-info
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           sparse-checkout: version-info.toml
           sparse-checkout-cone-mode: false

.github/workflows/update.yml

@@ -75,7 +75,7 @@ jobs:
           git config --global user.email "$email"
 
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           token: ${{ steps.app-token.outputs.token }}
 

.github/workflows/website.yml

@@ -23,7 +23,7 @@ jobs:
 
     steps:
       - name: Checkout version-info
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           sparse-checkout: version-info.toml
           sparse-checkout-cone-mode: false
@@ -91,7 +91,7 @@ jobs:
           authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
 
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           ref: ${{ matrix.ref }}