Skip to content

chore(deps): bump actions/checkout from 4 to 6#77

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions/checkout-6
Closed

chore(deps): bump actions/checkout from 4 to 6#77
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions/checkout-6

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 25, 2026

Copy link
Copy Markdown

Bumps actions/checkout from 4 to 6.

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.1

What's Changed

Full Changelog: actions/checkout@v4...v4.3.1

v4.3.0

What's Changed

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.3

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

... (truncated)

Commits
  • df4cb1c Update changelog for v6.0.3 (#2446)
  • 1cce339 Fix checkout init for SHA-256 repositories (#2439)
  • 900f221 fix: expand merge commit SHA regex and add SHA-256 test cases (#2414)
  • 0c366fd Update changelog (#2357)
  • de0fac2 Fix tag handling: preserve annotations and explicit fetch-tags (#2356)
  • 064fe7f Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...
  • 8e8c483 Clarify v6 README (#2328)
  • 033fa0d Add worktree support for persist-credentials includeIf (#2327)
  • c2d88d3 Update all references from v5 and v4 to v6 (#2314)
  • 1af3b93 update readme/changelog for v6 (#2311)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 25, 2026
@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions/checkout-6 branch from c09f27e to 5ac2731 Compare June 7, 2026 10:26
@blue4209211

Copy link
Copy Markdown
Contributor

@dependabot rebase

Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions/checkout-6 branch from 5ac2731 to d25fdb7 Compare June 7, 2026 11:05
@blue4209211

Copy link
Copy Markdown
Contributor

Superseded by #96 (consolidated Tier 1 + Tier 2 dep bumps).

@blue4209211 blue4209211 closed this Jun 7, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 7, 2026

Copy link
Copy Markdown
Author

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/github_actions/actions/checkout-6 branch June 7, 2026 11:10
blue4209211 added a commit that referenced this pull request Jun 7, 2026
* chore(deps): consolidated bumps — cobra, asciigraph, 4 GitHub Actions

Supersedes Dependabot PRs #77, #79, #80, #81, #82, #83.

Go modules:
- github.com/spf13/cobra            1.10.1 -> 1.10.2  (patch; yaml dep cleanup)
- github.com/guptarohit/asciigraph   0.7.3 -> 0.9.0   (minor; only basic Plot API used)

GitHub Actions (runtime / artifact-version bumps):
- actions/checkout                v4 -> v6
- golangci/golangci-lint-action   v8 -> v9
- actions/upload-artifact         v4 -> v7   (must pair with download-artifact)
- actions/download-artifact       v4 -> v8   (manifest format changed; paired with upload)

The artifact actions move together because v4 and v5+ use different
manifest backends — mixing breaks artifact transfer between the
build and release jobs.

Verified locally: `make test` green across all packages with the new
deps. Workflow changes affect CI/release only; verified by yaml diff.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* chore(deps): bump github.com/charmbracelet/glamour to v1.0.0

Major-version bump, used in `nbctl nubi` for terminal markdown rendering.

Supersedes Dependabot PR #85.

Verified locally:
- The three APIs nbctl uses are unchanged in v1.0.0:
  - glamour.NewTermRenderer(...)
  - glamour.WithStandardStyle("dark")
  - glamour.WithWordWrap(120)
- `make test` green across all packages
- Live render smoke test: heading styling, italic, bold, bullet list,
  and Go code-block syntax highlighting all render correctly

Transitive bumps from go mod tidy:
- github.com/alecthomas/chroma/v2 v2.14.0 -> v2.20.0
- github.com/charmbracelet/x/ansi v0.8.0 -> v0.10.2
- github.com/dlclark/regexp2 v1.11.0 -> v1.11.5
- github.com/lucasb-eyer/go-colorful v1.2.0 -> v1.3.0
- github.com/mattn/go-runewidth v0.0.16 -> v0.0.17
- github.com/yuin/goldmark v1.7.8 -> v1.7.13
- github.com/yuin/goldmark-emoji v1.0.5 -> v1.0.6
- golang.org/x/term v0.35.0 -> v0.36.0
- golang.org/x/text v0.29.0 -> v0.30.0

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
blue4209211 added a commit that referenced this pull request Jun 28, 2026
Supersedes Dependabot PRs #77, #79, #80, #81, #82, #83.

Go modules:
- github.com/spf13/cobra            1.10.1 -> 1.10.2  (patch; yaml dep cleanup)
- github.com/guptarohit/asciigraph   0.7.3 -> 0.9.0   (minor; only basic Plot API used)

GitHub Actions (runtime / artifact-version bumps):
- actions/checkout                v4 -> v6
- golangci/golangci-lint-action   v8 -> v9
- actions/upload-artifact         v4 -> v7   (must pair with download-artifact)
- actions/download-artifact       v4 -> v8   (manifest format changed; paired with upload)

The artifact actions move together because v4 and v5+ use different
manifest backends — mixing breaks artifact transfer between the
build and release jobs.

Verified locally: `make test` green across all packages with the new
deps. Workflow changes affect CI/release only; verified by yaml diff.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
blue4209211 added a commit that referenced this pull request Jun 28, 2026
Supersedes Dependabot PRs #77, #79, #80, #81, #82, #83.

Go modules:
- github.com/spf13/cobra            1.10.1 -> 1.10.2  (patch; yaml dep cleanup)
- github.com/guptarohit/asciigraph   0.7.3 -> 0.9.0   (minor; only basic Plot API used)

GitHub Actions (runtime / artifact-version bumps):
- actions/checkout                v4 -> v6
- golangci/golangci-lint-action   v8 -> v9
- actions/upload-artifact         v4 -> v7   (must pair with download-artifact)
- actions/download-artifact       v4 -> v8   (manifest format changed; paired with upload)

The artifact actions move together because v4 and v5+ use different
manifest backends — mixing breaks artifact transfer between the
build and release jobs.

Verified locally: `make test` green across all packages with the new
deps. Workflow changes affect CI/release only; verified by yaml diff.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant