From 69d251f063940f388831eed2b8d8fb7f60bb46ea Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 29 Jan 2026 12:22:53 +0000 Subject: [PATCH] Bump actions/checkout from 5 to 6 Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/CIS-Anchore-Grype.yml | 2 +- .github/workflows/CIS-Trivy-AquaSecurity.yml | 2 +- .github/workflows/DAST-ZAP-Zed-Attach-Proxy-Checkmarx.yml | 2 +- .github/workflows/IACS-AquaSecurity-tfsec.yml | 2 +- .github/workflows/IACS-Checkmarx-kics.yml | 2 +- .github/workflows/IACS-Microsoft-Security-DevOps.yml | 2 +- .github/workflows/MSDO-Microsoft-Security-DevOps.yml | 2 +- .github/workflows/SAST-GitHubAdvancedSecurity-CodeQL.yml | 2 +- .github/workflows/SAST-Kubesec.yml | 4 ++-- .github/workflows/SCA-Anchore-Syft-SBOM.yml | 2 +- .../workflows/SCA-GitHubAdvancedSecurity-DependencyReview.yml | 2 +- .github/workflows/SCA-Microsoft-SBOM.yml | 2 +- .github/workflows/SCA-OpenSSF-Scorecard.yml | 2 +- .github/workflows/ci.yml | 2 +- .github/workflows/cicd.yml | 4 ++-- .github/workflows/security-agent-workflow.yml | 2 +- 16 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/CIS-Anchore-Grype.yml b/.github/workflows/CIS-Anchore-Grype.yml index 33390bb..1be9f91 100644 --- a/.github/workflows/CIS-Anchore-Grype.yml +++ b/.github/workflows/CIS-Anchore-Grype.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Build an image from Dockerfile uses: docker/build-push-action@v6 diff --git a/.github/workflows/CIS-Trivy-AquaSecurity.yml b/.github/workflows/CIS-Trivy-AquaSecurity.yml index c4e84d3..073f04e 100644 --- a/.github/workflows/CIS-Trivy-AquaSecurity.yml +++ b/.github/workflows/CIS-Trivy-AquaSecurity.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Build an image from Dockerfile run: | diff --git a/.github/workflows/DAST-ZAP-Zed-Attach-Proxy-Checkmarx.yml b/.github/workflows/DAST-ZAP-Zed-Attach-Proxy-Checkmarx.yml index ad63ac4..1e22314 100644 --- a/.github/workflows/DAST-ZAP-Zed-Attach-Proxy-Checkmarx.yml +++ b/.github/workflows/DAST-ZAP-Zed-Attach-Proxy-Checkmarx.yml @@ -31,7 +31,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 # build and start your application here # conditionally run the build step # assuming the application is a Docker container diff --git a/.github/workflows/IACS-AquaSecurity-tfsec.yml b/.github/workflows/IACS-AquaSecurity-tfsec.yml index 57102b8..34d2a63 100644 --- a/.github/workflows/IACS-AquaSecurity-tfsec.yml +++ b/.github/workflows/IACS-AquaSecurity-tfsec.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Run tfsec uses: aquasecurity/tfsec-sarif-action@v0.1.4 diff --git a/.github/workflows/IACS-Checkmarx-kics.yml b/.github/workflows/IACS-Checkmarx-kics.yml index 4a0dc83..1bc58f2 100644 --- a/.github/workflows/IACS-Checkmarx-kics.yml +++ b/.github/workflows/IACS-Checkmarx-kics.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Mkdir results-dir # make sure results dir is created diff --git a/.github/workflows/IACS-Microsoft-Security-DevOps.yml b/.github/workflows/IACS-Microsoft-Security-DevOps.yml index 2d97bb5..cdefe2d 100644 --- a/.github/workflows/IACS-Microsoft-Security-DevOps.yml +++ b/.github/workflows/IACS-Microsoft-Security-DevOps.yml @@ -40,7 +40,7 @@ jobs: # Windows and Linux agents are supported runs-on: windows-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Run Microsoft Security DevOps uses: microsoft/security-devops-action@v1.12.0 diff --git a/.github/workflows/MSDO-Microsoft-Security-DevOps.yml b/.github/workflows/MSDO-Microsoft-Security-DevOps.yml index ae11b9f..f027d84 100644 --- a/.github/workflows/MSDO-Microsoft-Security-DevOps.yml +++ b/.github/workflows/MSDO-Microsoft-Security-DevOps.yml @@ -28,7 +28,7 @@ jobs: # Windows and Linux agents are supported runs-on: windows-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Run Microsoft Security DevOps uses: microsoft/security-devops-action@v1.12.0 diff --git a/.github/workflows/SAST-GitHubAdvancedSecurity-CodeQL.yml b/.github/workflows/SAST-GitHubAdvancedSecurity-CodeQL.yml index 7b5584a..a0b68b1 100644 --- a/.github/workflows/SAST-GitHubAdvancedSecurity-CodeQL.yml +++ b/.github/workflows/SAST-GitHubAdvancedSecurity-CodeQL.yml @@ -48,7 +48,7 @@ jobs: # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages steps: - name: Checkout repository - uses: actions/checkout@v5 + uses: actions/checkout@v6 # Add any setup steps before running the `github/codeql-action/init` action. # This includes steps like installing compilers or runtimes (`actions/setup-node` diff --git a/.github/workflows/SAST-Kubesec.yml b/.github/workflows/SAST-Kubesec.yml index e427816..a4a2f4b 100644 --- a/.github/workflows/SAST-Kubesec.yml +++ b/.github/workflows/SAST-Kubesec.yml @@ -23,7 +23,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Run kubesec scanner (critical-double.yaml) uses: controlplaneio/kubesec-action@43d0ddff5ffee89a6bb9f29b64cd865411137b14 @@ -61,7 +61,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Run kubesec scanner (score-5-pod-serviceaccount.yaml) uses: controlplaneio/kubesec-action@43d0ddff5ffee89a6bb9f29b64cd865411137b14 diff --git a/.github/workflows/SCA-Anchore-Syft-SBOM.yml b/.github/workflows/SCA-Anchore-Syft-SBOM.yml index 7cf2057..e0c4b9c 100644 --- a/.github/workflows/SCA-Anchore-Syft-SBOM.yml +++ b/.github/workflows/SCA-Anchore-Syft-SBOM.yml @@ -26,7 +26,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Build the Docker image run: docker build ./src/webapp01 --file ./src/webapp01/Dockerfile --tag ${{ env.imageName }}:${{ env.tag }} diff --git a/.github/workflows/SCA-GitHubAdvancedSecurity-DependencyReview.yml b/.github/workflows/SCA-GitHubAdvancedSecurity-DependencyReview.yml index b42bea6..93e0690 100644 --- a/.github/workflows/SCA-GitHubAdvancedSecurity-DependencyReview.yml +++ b/.github/workflows/SCA-GitHubAdvancedSecurity-DependencyReview.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: 'Checkout repository' - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: 'Dependency Review' uses: actions/dependency-review-action@v4 # Commonly enabled options, see https://github.com/actions/dependency-review-action#configuration-options for all available options. diff --git a/.github/workflows/SCA-Microsoft-SBOM.yml b/.github/workflows/SCA-Microsoft-SBOM.yml index 492f80c..0a1da17 100644 --- a/.github/workflows/SCA-Microsoft-SBOM.yml +++ b/.github/workflows/SCA-Microsoft-SBOM.yml @@ -19,7 +19,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Setup .NET Core uses: actions/setup-dotnet@v4 with: diff --git a/.github/workflows/SCA-OpenSSF-Scorecard.yml b/.github/workflows/SCA-OpenSSF-Scorecard.yml index 075e422..7dfa84f 100644 --- a/.github/workflows/SCA-OpenSSF-Scorecard.yml +++ b/.github/workflows/SCA-OpenSSF-Scorecard.yml @@ -34,7 +34,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: persist-credentials: false diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ecaf0d8..6234d23 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -24,7 +24,7 @@ jobs: steps: # Checkout the repo - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 # Setup .NET Core SDK - name: Setup .NET Core diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 675e736..05c9a73 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -53,7 +53,7 @@ jobs: webapp_url: ${{ steps.deploy.outputs.webapp_url }} resource_group: ${{ steps.deploy.outputs.resource_group }} steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Azure Login uses: azure/login@v2 @@ -144,7 +144,7 @@ jobs: AZURE_WEBAPP_NAME: ${{ needs.deploy-infrastructure.outputs.webapp_name }} steps: # Checkout the repo - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 # Setup .NET Core SDK - name: Setup .NET Core diff --git a/.github/workflows/security-agent-workflow.yml b/.github/workflows/security-agent-workflow.yml index 54d6fcf..dea48e3 100644 --- a/.github/workflows/security-agent-workflow.yml +++ b/.github/workflows/security-agent-workflow.yml @@ -15,7 +15,7 @@ jobs: contents: read steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Node.js uses: actions/setup-node@v4