From b75883f6b9e2ee2b670da6015b04e4ffaac298d7 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 17 Jun 2026 22:16:55 +0000 Subject: [PATCH] chore(deps): update github actions --- .github/workflows/_audit.yml | 2 +- .github/workflows/_codeql.yml | 8 ++++---- .github/workflows/_lint.yml | 2 +- .github/workflows/_package-publish.yml | 2 +- .github/workflows/_scheduled-audit.yml | 2 +- .github/workflows/_scheduled-test-daily.yml | 2 +- .github/workflows/_scheduled-test-hourly.yml | 2 +- .github/workflows/_test.yml | 2 +- .github/workflows/bump.yml | 2 +- .github/workflows/check-action-pins.yml | 4 ++-- .github/workflows/claude-code-automation-pr-review.yml | 4 ++-- .github/workflows/git-conventions.yml | 4 ++-- .github/workflows/labels-sync.yml | 2 +- .github/workflows/mise-lock-sync.yml | 2 +- 14 files changed, 20 insertions(+), 20 deletions(-) diff --git a/.github/workflows/_audit.yml b/.github/workflows/_audit.yml index 5a3d257..b146156 100644 --- a/.github/workflows/_audit.yml +++ b/.github/workflows/_audit.yml @@ -12,7 +12,7 @@ jobs: packages: read steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 diff --git a/.github/workflows/_codeql.yml b/.github/workflows/_codeql.yml index 6d73f88..35c6dee 100644 --- a/.github/workflows/_codeql.yml +++ b/.github/workflows/_codeql.yml @@ -40,7 +40,7 @@ jobs: # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 # Add any setup steps before running the `github/codeql-action/init` action. # This includes steps like installing compilers or runtimes (`actions/setup-node` @@ -50,7 +50,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0 + uses: github/codeql-action/init@87557b9c84dde89fdd9b10e88954ac2f4248e463 # v4.36.1 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -77,9 +77,9 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). # If this step fails, then you should remove it and run the build manually - name: Autobuild - uses: github/codeql-action/autobuild@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0 + uses: github/codeql-action/autobuild@87557b9c84dde89fdd9b10e88954ac2f4248e463 # v4.36.1 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0 + uses: github/codeql-action/analyze@87557b9c84dde89fdd9b10e88954ac2f4248e463 # v4.36.1 with: category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/_lint.yml b/.github/workflows/_lint.yml index 4737e6e..bb4c161 100644 --- a/.github/workflows/_lint.yml +++ b/.github/workflows/_lint.yml @@ -12,7 +12,7 @@ jobs: packages: read steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 diff --git a/.github/workflows/_package-publish.yml b/.github/workflows/_package-publish.yml index 54af4e1..65454b9 100644 --- a/.github/workflows/_package-publish.yml +++ b/.github/workflows/_package-publish.yml @@ -18,7 +18,7 @@ jobs: id-token: write steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 diff --git a/.github/workflows/_scheduled-audit.yml b/.github/workflows/_scheduled-audit.yml index 0fc772b..27d5618 100644 --- a/.github/workflows/_scheduled-audit.yml +++ b/.github/workflows/_scheduled-audit.yml @@ -14,7 +14,7 @@ jobs: id-token: write steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 diff --git a/.github/workflows/_scheduled-test-daily.yml b/.github/workflows/_scheduled-test-daily.yml index 918e3ca..1d4775d 100644 --- a/.github/workflows/_scheduled-test-daily.yml +++ b/.github/workflows/_scheduled-test-daily.yml @@ -25,7 +25,7 @@ jobs: packages: write steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 diff --git a/.github/workflows/_scheduled-test-hourly.yml b/.github/workflows/_scheduled-test-hourly.yml index 1f7a9c8..4b0e278 100644 --- a/.github/workflows/_scheduled-test-hourly.yml +++ b/.github/workflows/_scheduled-test-hourly.yml @@ -24,7 +24,7 @@ jobs: id-token: write steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: ref: ${{ inputs.branch || github.ref }} fetch-depth: 0 diff --git a/.github/workflows/_test.yml b/.github/workflows/_test.yml index f23a4ea..9f57825 100644 --- a/.github/workflows/_test.yml +++ b/.github/workflows/_test.yml @@ -27,7 +27,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 diff --git a/.github/workflows/bump.yml b/.github/workflows/bump.yml index 861c44a..2c18578 100644 --- a/.github/workflows/bump.yml +++ b/.github/workflows/bump.yml @@ -25,7 +25,7 @@ jobs: private-key: ${{ secrets.RELEASE_BOT_PRIVATE_KEY }} - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ steps.app-token.outputs.token }} fetch-depth: 0 diff --git a/.github/workflows/check-action-pins.yml b/.github/workflows/check-action-pins.yml index b032292..0af4b95 100644 --- a/.github/workflows/check-action-pins.yml +++ b/.github/workflows/check-action-pins.yml @@ -15,10 +15,10 @@ jobs: pull-requests: write steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Check action pins - uses: suzuki-shunsuke/pinact-action@cf51507d80d4d6522a07348e3d58790290eaf0b6 # v2.0.0 + uses: suzuki-shunsuke/pinact-action@896d595f299e71d65b9d28349d6956abe144390a # v3.0.0 with: review: "true" skip_push: "true" diff --git a/.github/workflows/claude-code-automation-pr-review.yml b/.github/workflows/claude-code-automation-pr-review.yml index 649cc08..0657367 100644 --- a/.github/workflows/claude-code-automation-pr-review.yml +++ b/.github/workflows/claude-code-automation-pr-review.yml @@ -19,12 +19,12 @@ jobs: id-token: write steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 - name: Run Claude Code PR Review - uses: anthropics/claude-code-action@787c5a0ce96a9a6cfb050ea0c8f4c05f2447c251 # v1.0.133 + uses: anthropics/claude-code-action@70a6e5256e9e2366a1ed5c041904a982ba3a328f # v1.0.135 with: anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }} track_progress: ${{ github.event_name == 'pull_request' && contains(fromJSON('["opened", "synchronize", "ready_for_review", "reopened"]'), github.event.action) }} diff --git a/.github/workflows/git-conventions.yml b/.github/workflows/git-conventions.yml index e96a16d..9cd3387 100644 --- a/.github/workflows/git-conventions.yml +++ b/.github/workflows/git-conventions.yml @@ -56,7 +56,7 @@ jobs: name: Validate PR Title steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 @@ -83,7 +83,7 @@ jobs: name: Validate Commits steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 diff --git a/.github/workflows/labels-sync.yml b/.github/workflows/labels-sync.yml index 0bd28d8..0336feb 100644 --- a/.github/workflows/labels-sync.yml +++ b/.github/workflows/labels-sync.yml @@ -19,7 +19,7 @@ jobs: pull-requests: write steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 diff --git a/.github/workflows/mise-lock-sync.yml b/.github/workflows/mise-lock-sync.yml index 7fabe2d..b82ee28 100644 --- a/.github/workflows/mise-lock-sync.yml +++ b/.github/workflows/mise-lock-sync.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: ref: ${{ github.head_ref }}