chore(deps): bump actions/checkout from 4 to 6#15
Conversation
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
LabelsThe following labels could not be found: Please fix the above issues or remove invalid values from |
|
Triage note (2026-05-17): actions/checkout v4 → v6 spans two majors. v5 dropped Node 16; v6 has API changes around |
|
Triage update (2026-05-18): the other 3 major bumps (#11/#19/#28) merged today; this one (#15, actions/checkout v4→v6) is the last remaining major. Keeping it separate because checkout is used in every workflow (validate matrix, security, docs, dependabot-auto-merge) — highest blast radius of the four. The v6 release also includes "Persist creds to a separate file" which is a behavior change worth a careful read. Plus Node 24 requirement (forced by GitHub June 2, 2026 anyway). Suggest manual review + targeted test rather than bulk admin-merge. |
|
Closing in favor of a fresh signed PR with the same bump. Dependabot rebase didn't re-trigger CI here (only March 2026 runs visible), making the standard admin-merge path hard. The replacement will be opened immediately. |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
Replaces Dependabot #15 (closed) which couldn't get a fresh CI run after rebase. Same change: bump 6 invocations of actions/checkout across the 3 workflows that use it. The v4→v6 delta is essentially the Node 24 runtime bump (which becomes mandatory on June 2, 2026 anyway) plus an internal "persist creds to a separate file" improvement. No API changes that affect our usage patterns (plain checkout, fetch-depth=0, ref pinning for the docs auto-commit).
Bumps actions/checkout from 4 to 6.
Release notes
Sourced from actions/checkout's releases.
... (truncated)
Changelog
Sourced from actions/checkout's changelog.
... (truncated)
Commits
de0fac2Fix tag handling: preserve annotations and explicit fetch-tags (#2356)064fe7fAdd orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...8e8c483Clarify v6 README (#2328)033fa0dAdd worktree support for persist-credentials includeIf (#2327)c2d88d3Update all references from v5 and v4 to v6 (#2314)1af3b93update readme/changelog for v6 (#2311)71cf226v6-beta (#2298)069c695Persist creds to a separate file (#2286)ff7abcdUpdate README to include Node.js 24 support details and requirements (#2248)08c6903Prepare v5.0.0 release (#2238)You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)