From 44f46b1656d71464e592451850aafde67c747f73 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Aug 2025 10:01:09 -0700 Subject: [PATCH] Bump actions/checkout from 4.2.2 to 5.0.0 (#6437) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Rajkumar Rangaraj --- .github/workflows/Component.BuildTest.yml | 2 +- .github/workflows/add-labels.yml | 4 ++-- .github/workflows/ci.yml | 6 +++--- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/concurrency-tests.yml | 2 +- .github/workflows/docfx.yml | 2 +- .github/workflows/dotnet-format.yml | 4 ++-- .github/workflows/fossa.yml | 2 +- .github/workflows/markdownlint.yml | 2 +- .github/workflows/ossf-scorecard.yml | 2 +- .github/workflows/package-validation.yml | 4 ++-- .github/workflows/post-release.yml | 4 ++-- .github/workflows/prepare-release.yml | 10 +++++----- .github/workflows/publish-packages-1.0.yml | 4 ++-- .github/workflows/sanitycheck.yml | 4 ++-- .github/workflows/verifyaotcompat.yml | 2 +- 16 files changed, 28 insertions(+), 28 deletions(-) diff --git a/.github/workflows/Component.BuildTest.yml b/.github/workflows/Component.BuildTest.yml index f05beaa40..41a655b11 100644 --- a/.github/workflows/Component.BuildTest.yml +++ b/.github/workflows/Component.BuildTest.yml @@ -49,7 +49,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: # Note: By default GitHub only fetches 1 commit. MinVer needs to find # the version tag which is typically NOT on the first commit so we diff --git a/.github/workflows/add-labels.yml b/.github/workflows/add-labels.yml index a97697834..10e1db4c0 100644 --- a/.github/workflows/add-labels.yml +++ b/.github/workflows/add-labels.yml @@ -19,7 +19,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Add labels for package found in bug issue descriptions shell: pwsh @@ -42,7 +42,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: ref: ${{ github.event.repository.default_branch }} # Note: Do not run on the PR branch we want to execute add-labels.psm1 from main on the base repo only because pull_request_target can see secrets diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e3a3ed30f..ad773040c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,7 +21,7 @@ jobs: outputs: changes: ${{ steps.changes.outputs.changes }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - uses: AurorNZ/paths-filter@3b1f3abc3371cca888d8eb03dfa70bc8a9867629 # v4.0.0 id: changes with: @@ -116,7 +116,7 @@ jobs: matrix: version: [ net8.0, net9.0 ] steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Run OTLP Exporter docker compose run: docker compose --file=test/OpenTelemetry.Exporter.OpenTelemetryProtocol.Tests/IntegrationTest/docker-compose.yml --file=build/docker-compose.${{ matrix.version }}.yml --project-directory=. up --exit-code-from=tests --build @@ -134,7 +134,7 @@ jobs: matrix: version: [ net8.0, net9.0 ] steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Run W3C Trace Context docker compose run: docker compose --file=test/OpenTelemetry.Instrumentation.W3cTraceContext.Tests/docker-compose.yml --file=build/docker-compose.${{ matrix.version }}.yml --project-directory=. up --exit-code-from=tests --build diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 4f4c6d0d8..ab9adb279 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -34,7 +34,7 @@ jobs: disk-root: "D:" - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: filter: 'tree:0' persist-credentials: false diff --git a/.github/workflows/concurrency-tests.yml b/.github/workflows/concurrency-tests.yml index c0c15e296..5a254e8f7 100644 --- a/.github/workflows/concurrency-tests.yml +++ b/.github/workflows/concurrency-tests.yml @@ -20,7 +20,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Setup dotnet uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1 diff --git a/.github/workflows/docfx.yml b/.github/workflows/docfx.yml index 3a622cb5c..16eeb9185 100644 --- a/.github/workflows/docfx.yml +++ b/.github/workflows/docfx.yml @@ -14,7 +14,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Setup dotnet uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1 diff --git a/.github/workflows/dotnet-format.yml b/.github/workflows/dotnet-format.yml index 51910ee49..a2cdfb90f 100644 --- a/.github/workflows/dotnet-format.yml +++ b/.github/workflows/dotnet-format.yml @@ -14,7 +14,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Setup dotnet uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1 @@ -32,7 +32,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Setup dotnet uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1 diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml index 86b1a94e1..f86b5a993 100644 --- a/.github/workflows/fossa.yml +++ b/.github/workflows/fossa.yml @@ -12,7 +12,7 @@ jobs: fossa: runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - uses: fossas/fossa-action@3ebcea1862c6ffbd5cf1b4d0bd6b3fe7bd6f2cac # v1.7.0 with: diff --git a/.github/workflows/markdownlint.yml b/.github/workflows/markdownlint.yml index 4a9329648..49b360c73 100644 --- a/.github/workflows/markdownlint.yml +++ b/.github/workflows/markdownlint.yml @@ -14,7 +14,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: run markdownlint uses: DavidAnson/markdownlint-cli2-action@992badcdf24e3b8eb7e87ff9287fe931bcb00c6e # v20.0.0 diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml index bd4741726..a8558d08f 100644 --- a/.github/workflows/ossf-scorecard.yml +++ b/.github/workflows/ossf-scorecard.yml @@ -19,7 +19,7 @@ jobs: # Needed for GitHub OIDC token if publish_results is true id-token: write steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/package-validation.yml b/.github/workflows/package-validation.yml index 72cdf2d1d..5d357080b 100644 --- a/.github/workflows/package-validation.yml +++ b/.github/workflows/package-validation.yml @@ -13,7 +13,7 @@ jobs: runs-on: windows-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: # Note: By default GitHub only fetches 1 commit. MinVer needs to find # the version tag which is typically NOT on the first commit so we @@ -37,7 +37,7 @@ jobs: runs-on: windows-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: # Note: By default GitHub only fetches 1 commit. MinVer needs to find # the version tag which is typically NOT on the first commit so we diff --git a/.github/workflows/post-release.yml b/.github/workflows/post-release.yml index 6c433a8ab..e7529904f 100644 --- a/.github/workflows/post-release.yml +++ b/.github/workflows/post-release.yml @@ -44,7 +44,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: token: ${{ secrets[needs.automation.outputs.token-secret-name] }} ref: ${{ github.event.repository.default_branch }} @@ -78,7 +78,7 @@ jobs: GH_TOKEN: ${{ secrets[needs.automation.outputs.token-secret-name] }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: # Note: By default GitHub only fetches 1 commit. We need all the tags # for this work. diff --git a/.github/workflows/prepare-release.yml b/.github/workflows/prepare-release.yml index edc7599c8..a69d7c4ef 100644 --- a/.github/workflows/prepare-release.yml +++ b/.github/workflows/prepare-release.yml @@ -43,7 +43,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: token: ${{ secrets[needs.automation.outputs.token-secret-name] }} @@ -79,7 +79,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: token: ${{ secrets[needs.automation.outputs.token-secret-name] }} @@ -113,7 +113,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: # Note: By default GitHub only fetches 1 commit which fails the git tag operation below fetch-depth: 0 @@ -152,7 +152,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: # Note: By default GitHub only fetches 1 commit which fails the git tag operation below fetch-depth: 0 @@ -191,7 +191,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: # Note: By default GitHub only fetches 1 commit which fails the git tag operation below fetch-depth: 0 diff --git a/.github/workflows/publish-packages-1.0.yml b/.github/workflows/publish-packages-1.0.yml index 88a449731..d3408b8d1 100644 --- a/.github/workflows/publish-packages-1.0.yml +++ b/.github/workflows/publish-packages-1.0.yml @@ -38,7 +38,7 @@ jobs: artifact-id: ${{ steps.upload-artifacts.outputs.artifact-id }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: # Note: By default GitHub only fetches 1 commit. MinVer needs to find # the version tag which is typically NOT on the first commit so we @@ -107,7 +107,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: token: ${{ secrets[needs.automation.outputs.token-secret-name] }} diff --git a/.github/workflows/sanitycheck.yml b/.github/workflows/sanitycheck.yml index 4168be8b8..baf1edae1 100644 --- a/.github/workflows/sanitycheck.yml +++ b/.github/workflows/sanitycheck.yml @@ -14,7 +14,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: install misspell run: | @@ -29,7 +29,7 @@ jobs: steps: - name: check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: detect non-ASCII encoding and trailing space run: python3 ./build/scripts/sanitycheck.py diff --git a/.github/workflows/verifyaotcompat.yml b/.github/workflows/verifyaotcompat.yml index 6da2b0f4d..978dcaea3 100644 --- a/.github/workflows/verifyaotcompat.yml +++ b/.github/workflows/verifyaotcompat.yml @@ -19,7 +19,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Setup dotnet uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1