From 244973028909afafd45a99660af5cbe503e80b6f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Aug 2025 09:14:10 +0000 Subject: [PATCH] Bump actions/checkout from 4 to 5 Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/cicd-1-pull-request.yaml | 2 +- .../dispatch_internal_repo_workflow.yaml | 2 +- .../reusable_internal_repo_build.yaml | 2 +- .../scheduled-repository-template-sync.yaml | 4 ++-- .github/workflows/scorecard.yml | 2 +- .github/workflows/stage-1-commit.yaml | 22 +++++++++---------- .github/workflows/stage-2-test.yaml | 12 +++++----- .github/workflows/stage-4-acceptance.yaml | 2 +- 8 files changed, 24 insertions(+), 24 deletions(-) diff --git a/.github/workflows/cicd-1-pull-request.yaml b/.github/workflows/cicd-1-pull-request.yaml index e655345f5..81a7bb4cf 100644 --- a/.github/workflows/cicd-1-pull-request.yaml +++ b/.github/workflows/cicd-1-pull-request.yaml @@ -24,7 +24,7 @@ jobs: does_pull_request_exist: ${{ steps.pr_exists.outputs.does_pull_request_exist }} steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 - name: "Set CI/CD variables" id: variables run: | diff --git a/.github/workflows/dispatch_internal_repo_workflow.yaml b/.github/workflows/dispatch_internal_repo_workflow.yaml index 0a7bc1d06..32306c6c2 100644 --- a/.github/workflows/dispatch_internal_repo_workflow.yaml +++ b/.github/workflows/dispatch_internal_repo_workflow.yaml @@ -53,7 +53,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v5.0.0 - name: Trigger nhs-notify-internal workflow shell: bash diff --git a/.github/workflows/reusable_internal_repo_build.yaml b/.github/workflows/reusable_internal_repo_build.yaml index cb7636f75..c9a778dd3 100644 --- a/.github/workflows/reusable_internal_repo_build.yaml +++ b/.github/workflows/reusable_internal_repo_build.yaml @@ -42,7 +42,7 @@ jobs: contents: read steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v5.0.0 - name: Trigger nhs-notify-internal static environment workflow deployment shell: bash diff --git a/.github/workflows/scheduled-repository-template-sync.yaml b/.github/workflows/scheduled-repository-template-sync.yaml index cd4214e78..b8484e12a 100644 --- a/.github/workflows/scheduled-repository-template-sync.yaml +++ b/.github/workflows/scheduled-repository-template-sync.yaml @@ -16,10 +16,10 @@ jobs: steps: - name: Check out the repository - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 - name: Check out external repository - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 with: repository: NHSDigital/nhs-notify-repository-template path: nhs-notify-repository-template diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 55cc16a80..16b448926 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -32,7 +32,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/stage-1-commit.yaml b/.github/workflows/stage-1-commit.yaml index 76337f318..94b99210e 100644 --- a/.github/workflows/stage-1-commit.yaml +++ b/.github/workflows/stage-1-commit.yaml @@ -39,7 +39,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 with: fetch-depth: 0 # Full history is needed to scan all commits - name: "Scan secrets" @@ -50,7 +50,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 with: fetch-depth: 0 # Full history is needed to compare branches - name: "Check file format" @@ -61,7 +61,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 with: fetch-depth: 0 # Full history is needed to compare branches - name: "Check Markdown format" @@ -75,7 +75,7 @@ jobs: contents: write steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 with: fetch-depth: 0 # Full history is needed to compare branches - name: "Check to see if Terraform Docs are up-to-date" @@ -96,7 +96,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 with: fetch-depth: 0 # Full history is needed to compare branches - name: "Check English usage" @@ -107,7 +107,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 with: fetch-depth: 0 # Full history is needed to compare branches - name: "Check TODO usage" @@ -119,7 +119,7 @@ jobs: terraform_changed: ${{ steps.check.outputs.terraform_changed }} steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 - name: "Check for Terraform changes" id: check @@ -143,7 +143,7 @@ jobs: if: needs.detect-terraform-changes.outputs.terraform_changed == 'true' steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 - name: "Lint Terraform" uses: ./.github/actions/lint-terraform trivy: @@ -154,7 +154,7 @@ jobs: if: needs.detect-terraform-changes.outputs.terraform_changed == 'true' steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 - name: "Setup ASDF" uses: asdf-vm/actions/setup@v4 - name: "Perform Setup" @@ -170,7 +170,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 - name: "Count lines of code" uses: ./.github/actions/create-lines-of-code-report with: @@ -189,7 +189,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 - name: "Scan dependencies" uses: ./.github/actions/scan-dependencies with: diff --git a/.github/workflows/stage-2-test.yaml b/.github/workflows/stage-2-test.yaml index e4d5d7fda..0d0dbfa58 100644 --- a/.github/workflows/stage-2-test.yaml +++ b/.github/workflows/stage-2-test.yaml @@ -47,7 +47,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 - name: "Repo setup" run: | npm ci @@ -61,7 +61,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 - name: "Repo setup" run: | npm ci @@ -90,7 +90,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 - name: "Repo setup" run: | npm ci @@ -106,7 +106,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 - name: "Repo setup" run: | npm ci @@ -123,7 +123,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 - name: "Run test coverage check" run: | make test-coverage @@ -140,7 +140,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 with: fetch-depth: 0 # Full history is needed to improving relevancy of reporting - name: "Download coverage report for SONAR" diff --git a/.github/workflows/stage-4-acceptance.yaml b/.github/workflows/stage-4-acceptance.yaml index 159e46400..c16eb0447 100644 --- a/.github/workflows/stage-4-acceptance.yaml +++ b/.github/workflows/stage-4-acceptance.yaml @@ -16,7 +16,7 @@ jobs: timeout-minutes: 3 steps: - name: "Checkout code" - uses: actions/checkout@v5 + uses: actions/checkout@v5.0.0 - name: "Get normalized branch name" id: normalize_branch_name uses: ./.github/actions/normalize-branch-name