From 4f074f366660887672885a5f29fe28d13970e193 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 21 Jan 2026 08:47:04 +0000 Subject: [PATCH 1/2] chore(deps): bump actions/checkout from 4 to 6 Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v4...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/api-review-reusable.yml | 4 ++-- .github/workflows/pr_validation.yml | 4 ++-- .github/workflows/spectral-oas.yml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/api-review-reusable.yml b/.github/workflows/api-review-reusable.yml index 346f742..929694d 100644 --- a/.github/workflows/api-review-reusable.yml +++ b/.github/workflows/api-review-reusable.yml @@ -122,14 +122,14 @@ jobs: echo "Validator: ${{ needs.validate-commonalities-version.outputs.validator_script }}" - name: Checkout Workflow Repository (Tooling) - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: repository: ${{ inputs.tooling_repository }} path: review-tools token: ${{ secrets.GITHUB_TOKEN }} - name: Checkout Target Repository PR - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: repository: ${{ inputs.pr_head_repo }} ref: ${{ inputs.pr_head_sha }} diff --git a/.github/workflows/pr_validation.yml b/.github/workflows/pr_validation.yml index 195e1e6..de5f386 100644 --- a/.github/workflows/pr_validation.yml +++ b/.github/workflows/pr_validation.yml @@ -37,7 +37,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v5 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v5 with: token: ${{ secrets.GITHUB_TOKEN }} fetch-depth: 0 @@ -170,7 +170,7 @@ jobs: - name: Checkout linting config if: steps.changes.outputs.release_plan_any_changed != 'true' || steps.validate.outputs.valid == 'true' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v5 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v5 with: repository: camaraproject/tooling path: lint-config diff --git a/.github/workflows/spectral-oas.yml b/.github/workflows/spectral-oas.yml index 733a42d..6ae424a 100644 --- a/.github/workflows/spectral-oas.yml +++ b/.github/workflows/spectral-oas.yml @@ -18,11 +18,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} - name: Checkout linting config - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: repository: camaraproject/tooling path: lint-config From ac27d4aca3a5783bd079d52f5ad9e52f37eae0b4 Mon Sep 17 00:00:00 2001 From: Herbert Damker Date: Tue, 27 Jan 2026 12:45:49 +0100 Subject: [PATCH 2/2] Apply suggestions from code review --- .github/workflows/pr_validation.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pr_validation.yml b/.github/workflows/pr_validation.yml index de5f386..d62b05d 100644 --- a/.github/workflows/pr_validation.yml +++ b/.github/workflows/pr_validation.yml @@ -37,7 +37,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v5 + uses: actions/checkout@v6 with: token: ${{ secrets.GITHUB_TOKEN }} fetch-depth: 0 @@ -170,7 +170,7 @@ jobs: - name: Checkout linting config if: steps.changes.outputs.release_plan_any_changed != 'true' || steps.validate.outputs.valid == 'true' - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v5 + uses: actions/checkout@v6 with: repository: camaraproject/tooling path: lint-config