chore(deps): Bump actions/checkout from 3 to 6 #138
Conversation
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
dependencies
Code Review Summary✨ This pull request represents a valuable maintenance effort by updating all instances of the 🚀 Key Improvements
💡 Minor Suggestions
|
![sourceant[bot]](https://avatars.githubusercontent.com/in/1161781?s=60&v=4){kind=small}
|
|
||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v4 |
There was a problem hiding this comment.
Keeping GitHub Actions up-to-date, such as actions/checkout to v6, is crucial for security, stability, and access to the latest features. This ensures that the repository checkout process is robust and secure.
| uses: actions/checkout@v4 | |
| uses: actions/checkout@v6 |
|
|
||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v4 |
There was a problem hiding this comment.
Consistently using the latest actions/checkout@v6 across all jobs in your workflows is a good practice. It minimizes potential vulnerabilities and ensures a uniform, up-to-date environment for each step.
| uses: actions/checkout@v4 | |
| uses: actions/checkout@v6 |
|
|
||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v4 |
There was a problem hiding this comment.
Maintaining up-to-date versions of GitHub Actions, like this update to actions/checkout@v6, directly contributes to the security and reliability of your build process. This is a beneficial change.
| uses: actions/checkout@v4 | |
| uses: actions/checkout@v6 |
|
|
||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v4 |
There was a problem hiding this comment.
This update to actions/checkout@v6 in the distribute job aligns with the other updates and further strengthens the overall security and stability of your CI/CD pipeline.
| uses: actions/checkout@v4 | |
| uses: actions/checkout@v6 |
| # deploy-firebase: | ||
| # name: Deploy to Firebase | ||
| # runs-on: ubuntu-latest | ||
| # needs: build-android |
There was a problem hiding this comment.
Even in commented-out or inactive job definitions, updating action versions like actions/checkout to v6 is a good practice. It ensures that if this job is ever re-activated, it will immediately benefit from the latest improvements and security patches without requiring further updates.
| @@ -118,7 +118,7 @@ jobs: | |
| # uses: actions/checkout@v6 |
| validate: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v3 |
There was a problem hiding this comment.
Upgrading actions/checkout from v3 to v6 in the commits.yml workflow is an excellent security enhancement. Newer versions often include crucial bug fixes and security improvements, making your commit message validation process more robust.
| - uses: actions/checkout@v3 | |
| - uses: actions/checkout@v6 |
| # timeout-minutes: 20 | ||
| # steps: | ||
| # - name: Checkout | ||
| # uses: actions/checkout@v4 |
There was a problem hiding this comment.
Updating actions/checkout to v6 in this commented-out build_ios job is a proactive step. If the iOS build is enabled in the future, it will use a secure and up-to-date action by default.
| # uses: actions/checkout@v4 | |
| # uses: actions/checkout@v6 |
| runs-on: ubuntu-latest | ||
| timeout-minutes: 20 | ||
| steps: | ||
| - name: Checkout |
There was a problem hiding this comment.
This update to actions/checkout@v6 for the Android build process ensures consistency and leverages the latest features and security enhancements for checking out the repository code.
| - name: Checkout | |
| uses: actions/checkout@v6 |
Bumps actions/checkout from 3 to 6.
Release notes
Sourced from actions/checkout's releases.
... (truncated)
Changelog
Sourced from actions/checkout's changelog.
... (truncated)
Commits
1af3b93update readme/changelog for v6 (#2311)71cf226v6-beta (#2298)069c695Persist creds to a separate file (#2286)ff7abcdUpdate README to include Node.js 24 support details and requirements (#2248)08c6903Prepare v5.0.0 release (#2238)9f26565Update actions checkout to use node 24 (#2226)08eba0bPrepare release v4.3.0 (#2237)631c7dcUpdate package dependencies (#2236)8edcb1bUpdate CODEOWNERS for actions (#2224)09d2acaUpdate README.md (#2194)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)