From 7bf1077a2f8383bd71e9e439e88679d3a83fa24e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Aug 2025 10:00:15 +0200 Subject: [PATCH] build(deps): bump actions/checkout from 4 to 5 (#5908) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
Release notes

Sourced from actions/checkout's releases.

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: https://github.com/actions/checkout/compare/v4...v5.0.0

v4.3.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v4...v4.3.0

v4.2.2

What's Changed

Full Changelog: https://github.com/actions/checkout/compare/v4.2.1...v4.2.2

v4.2.1

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v4.2.0...v4.2.1

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

... (truncated)

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4&new-version=5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/bundlers.yml | 2 +- .github/workflows/ci.yml | 6 +++--- .github/workflows/companion-deploy.yml | 6 +++--- .github/workflows/e2e.yml | 2 +- .github/workflows/lockfile_check.yml | 2 +- .github/workflows/manual-cdn.yml | 2 +- .github/workflows/release.yml | 4 ++-- 7 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/bundlers.yml b/.github/workflows/bundlers.yml index 46acdbfbf..5c2aaa471 100644 --- a/.github/workflows/bundlers.yml +++ b/.github/workflows/bundlers.yml @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Get yarn cache directory path id: yarn-cache-dir-path run: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9da597daa..43a0fc8c1 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -37,7 +37,7 @@ jobs: node-version: [lts/*] steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Get yarn cache directory path id: yarn-cache-dir-path run: @@ -74,7 +74,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Get yarn cache directory path id: yarn-cache-dir-path run: @@ -103,7 +103,7 @@ jobs: SKIP_YARN_COREPACK_CHECK: true steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Install Node.js uses: actions/setup-node@v4 diff --git a/.github/workflows/companion-deploy.yml b/.github/workflows/companion-deploy.yml index af9cc2960..fd08e232d 100644 --- a/.github/workflows/companion-deploy.yml +++ b/.github/workflows/companion-deploy.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set SHA commit in version run: (cd packages/@uppy/companion && node -e 'const @@ -46,7 +46,7 @@ jobs: COMPOSE_DOCKER_CLI_BUILD: 0 steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Docker meta id: docker_meta uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5.7.0 @@ -77,7 +77,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Alter dockerfile run: | sed -i 's/^EXPOSE 3020$/EXPOSE $PORT/g' Dockerfile diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index a3dc819bf..00b0dcc6c 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -36,7 +36,7 @@ jobs: diff: ${{ steps.diff.outputs.OUTPUT_DIFF }} steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: fetch-depth: 2 ref: ${{ github.event.pull_request && format('refs/pull/{0}/merge', github.event.pull_request.number) || github.sha }} diff --git a/.github/workflows/lockfile_check.yml b/.github/workflows/lockfile_check.yml index 3455c0f35..9334b8201 100644 --- a/.github/workflows/lockfile_check.yml +++ b/.github/workflows/lockfile_check.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Get yarn cache directory path id: yarn-cache-dir-path run: diff --git a/.github/workflows/manual-cdn.yml b/.github/workflows/manual-cdn.yml index b69815bf5..7c6ec3eb4 100644 --- a/.github/workflows/manual-cdn.yml +++ b/.github/workflows/manual-cdn.yml @@ -25,7 +25,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Get yarn cache directory path id: yarn-cache-dir-path run: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b56dee986..f96b793c8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -16,7 +16,7 @@ jobs: published: ${{ steps.changesets.outputs.published }} steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: fetch-depth: 2 @@ -90,7 +90,7 @@ jobs: COMPOSE_DOCKER_CLI_BUILD: 0 steps: - name: Checkout sources - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Docker meta id: docker_meta uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5.7.0