Skip to content

chore(deps): bump actions/checkout from 6 to 7#102

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions/checkout-7
Open

chore(deps): bump actions/checkout from 6 to 7#102
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions/checkout-7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Bumps actions/checkout from 6 to 7.

Release notes

Sourced from actions/checkout's releases.

v7.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v6.0.3...v7.0.0

v6.0.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v6...v6.0.3

v6.0.2

What's Changed

Full Changelog: actions/checkout@v6.0.1...v6.0.2

v6.0.1

What's Changed

Full Changelog: actions/checkout@v6...v6.0.1

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 22, 2026
@cursor

cursor Bot commented Jun 22, 2026

Copy link
Copy Markdown

PR Summary

Low Risk
CI-only dependency bump with no application code changes; v7 adds stricter behavior for fork PRs on pull_request_target/workflow_run, which these workflows do not rely on for checkout.

Overview
Bumps actions/checkout from v6 to v7 on every workflow that checks out the repo: CI (lint, test, security, Docker build), deploy, security (scheduled), smoke-tests, and Bazel RBE.

In .github/workflows/bazel-rbe.yml, the step moves from a v6.0.2 commit pin to 9c091bb… (v7.0.0); the other workflows use the @v7 tag.

Reviewed by Cursor Bugbot for commit 5176b0e. Bugbot is set up for automated code reviews on this repo. Configure here.

Bumps [actions/checkout](https://github.com/actions/checkout) from 6 to 7.
- [Release notes](https://github.com/actions/checkout/releases)
- [Commits](actions/checkout@v6...v7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions/checkout-7 branch from 5176b0e to 8a6dcb8 Compare July 6, 2026 18:35
@cursor

cursor Bot commented Jul 6, 2026

Copy link
Copy Markdown

Bugbot needs on-demand usage enabled

Bugbot uses usage-based billing for this team and requires on-demand usage to be enabled.

A team admin can enable on-demand usage in the Cursor dashboard.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants