From bcf965eea508c4f26513bbfe6003db00666dc20d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 1 Jul 2026 16:39:04 +0000 Subject: [PATCH] build(deps): bump the all-actions group across 1 directory with 2 updates Bumps the all-actions group with 2 updates in the / directory: [actions/checkout](https://github.com/actions/checkout) and [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action). Updates `actions/checkout` from 6.0.3 to 7.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v6.0.3...v7.0.0) Updates `docker/setup-qemu-action` from 4 to 4.1.0 - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](https://github.com/docker/setup-qemu-action/compare/v4...v4.1.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: docker/setup-qemu-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-publish.yml | 6 ++-- .github/workflows/ci.yml | 34 +++++++++---------- .github/workflows/contract-validate.yml | 2 +- .github/workflows/crac-train.yml | 2 +- .github/workflows/migration-guard.yml | 2 +- .github/workflows/prod-smoke.yml | 2 +- .github/workflows/system-tests.yml | 4 +-- .../workflows/vault-bootstrap-validate.yml | 2 +- 8 files changed, 27 insertions(+), 27 deletions(-) diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml index db3ab007..dba501b6 100644 --- a/.github/workflows/build-and-publish.yml +++ b/.github/workflows/build-and-publish.yml @@ -46,7 +46,7 @@ jobs: matrix: ${{ steps.compute.outputs.matrix }} has-matrix: ${{ steps.compute.outputs.has-matrix }} steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 with: fetch-depth: 2 - uses: dorny/paths-filter@v4.0.1 @@ -173,13 +173,13 @@ jobs: matrix: service: ${{ fromJson(needs.detect-changes.outputs.matrix) }} steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - name: Set image prefix (lowercase) run: echo "IMAGE_PREFIX=$(echo '${{ github.repository }}' | tr '[:upper:]' '[:lower:]')" >> "$GITHUB_ENV" # QEMU is only needed when a service builds for a non-runner arch # (the UIs build linux/arm64 alongside amd64). No-op for the # amd64-only JVM services. - - uses: docker/setup-qemu-action@v4 + - uses: docker/setup-qemu-action@v4.1.0 - uses: docker/setup-buildx-action@v4 - uses: docker/login-action@v4.2.0 with: diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ce720d03..d0af9a54 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -42,7 +42,7 @@ jobs: test-kotlin-integration-matrix: ${{ steps.matrix.outputs.test-kotlin-integration }} verify-coverage-matrix: ${{ steps.matrix.outputs.verify-coverage }} steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: dorny/paths-filter@v4.0.1 id: filter with: @@ -193,7 +193,7 @@ jobs: matrix: include: ${{ fromJson(needs.detect-changes.outputs.lint-kotlin-matrix) }} steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: ./.github/actions/setup-java-gradle with: java-version: ${{ env.JAVA_VERSION }} @@ -205,7 +205,7 @@ jobs: if: needs.detect-changes.outputs.any-frontend == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: ./.github/actions/setup-node-pnpm with: node-version: ${{ env.NODE_VERSION }} @@ -221,7 +221,7 @@ jobs: matrix: include: ${{ fromJson(needs.detect-changes.outputs.test-kotlin-unit-matrix) }} steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: ./.github/actions/setup-java-gradle with: java-version: ${{ env.JAVA_VERSION }} @@ -233,7 +233,7 @@ jobs: if: needs.detect-changes.outputs.any-frontend == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: ./.github/actions/setup-node-pnpm with: node-version: ${{ env.NODE_VERSION }} @@ -248,7 +248,7 @@ jobs: run: working-directory: services/knowledge-ingest-worker steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: astral-sh/setup-uv@v8.2.0 with: version: '0.4.30' @@ -265,7 +265,7 @@ jobs: run: working-directory: services/knowledge-ingest-worker steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: astral-sh/setup-uv@v8.2.0 with: version: '0.4.30' @@ -281,7 +281,7 @@ jobs: run: working-directory: services/knowledge-ingest-worker steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: astral-sh/setup-uv@v8.2.0 with: version: '0.4.30' @@ -299,7 +299,7 @@ jobs: run: working-directory: services/agents-login steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: actions/setup-node@v6 with: node-version: ${{ env.NODE_VERSION }} @@ -317,7 +317,7 @@ jobs: matrix: include: ${{ fromJson(needs.detect-changes.outputs.test-kotlin-integration-matrix) }} steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: ./.github/actions/setup-java-gradle with: java-version: ${{ env.JAVA_VERSION }} @@ -332,7 +332,7 @@ jobs: matrix: include: ${{ fromJson(needs.detect-changes.outputs.verify-coverage-matrix) }} steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: ./.github/actions/setup-java-gradle with: java-version: ${{ env.JAVA_VERSION }} @@ -349,7 +349,7 @@ jobs: if: needs.detect-changes.outputs.any-kotlin == 'true' || needs.detect-changes.outputs.any-frontend == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: ./.github/actions/setup-java-gradle with: java-version: ${{ env.JAVA_VERSION }} @@ -384,7 +384,7 @@ jobs: if: needs.detect-changes.outputs.any-platform == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: ./.github/actions/setup-java-gradle with: java-version: ${{ env.JAVA_VERSION }} @@ -431,7 +431,7 @@ jobs: if: needs.detect-changes.outputs.any-platform == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: ./.github/actions/setup-node-pnpm with: node-version: ${{ env.NODE_VERSION }} @@ -460,7 +460,7 @@ jobs: if: needs.detect-changes.outputs.any-platform == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: actions/setup-node@v6 with: node-version: ${{ env.NODE_VERSION }} @@ -478,7 +478,7 @@ jobs: packages: read pull-requests: write steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 with: fetch-depth: 0 - uses: aquasecurity/trivy-action@master @@ -519,7 +519,7 @@ jobs: name: Stalwart Config Tests runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - name: Run stalwart config tests run: sh tests/stalwart/run.sh diff --git a/.github/workflows/contract-validate.yml b/.github/workflows/contract-validate.yml index a2ea97b8..07c46064 100644 --- a/.github/workflows/contract-validate.yml +++ b/.github/workflows/contract-validate.yml @@ -19,7 +19,7 @@ jobs: name: Validate OpenAPI Contract runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: ./.github/actions/setup-java-gradle with: java-version: '21' diff --git a/.github/workflows/crac-train.yml b/.github/workflows/crac-train.yml index f70f5dc8..9cdf6d79 100644 --- a/.github/workflows/crac-train.yml +++ b/.github/workflows/crac-train.yml @@ -62,7 +62,7 @@ jobs: --health-retries 12 steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: docker/setup-buildx-action@v4 - name: Build train image uses: docker/build-push-action@v7.2.0 diff --git a/.github/workflows/migration-guard.yml b/.github/workflows/migration-guard.yml index 059173e5..9f238f72 100644 --- a/.github/workflows/migration-guard.yml +++ b/.github/workflows/migration-guard.yml @@ -14,7 +14,7 @@ jobs: name: Migration Guard runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 with: # Full history so the base branch and merge-base are available to # diff against. diff --git a/.github/workflows/prod-smoke.yml b/.github/workflows/prod-smoke.yml index 5e46eced..123f831b 100644 --- a/.github/workflows/prod-smoke.yml +++ b/.github/workflows/prod-smoke.yml @@ -87,7 +87,7 @@ jobs: # `vars.PROD_CANARY_ENABLED` is the operator's opt-in switch. if: ${{ vars.PROD_CANARY_ENABLED == 'true' }} steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - name: Allow Keel to land any post-deploy image bumps # Keel polls ghcr every ~2 min. On `push: main` this workflow diff --git a/.github/workflows/system-tests.yml b/.github/workflows/system-tests.yml index 62c9743b..5618cf04 100644 --- a/.github/workflows/system-tests.yml +++ b/.github/workflows/system-tests.yml @@ -54,7 +54,7 @@ jobs: dockerfile: infra/stalwart/Dockerfile build_arg: '' steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: docker/setup-buildx-action@v4 - name: Set image prefix (lowercase) run: echo "IMAGE_PREFIX=$(echo '${{ github.repository }}' | tr '[:upper:]' '[:lower:]')" >> "$GITHUB_ENV" @@ -147,7 +147,7 @@ jobs: gradle_task: :services:system-tests:testPlaywright shard_args: -Dtest.shard.index=4 -Dtest.shard.count=4 steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - uses: ./.github/actions/setup-java-gradle with: java-version: ${{ inputs.java-version }} diff --git a/.github/workflows/vault-bootstrap-validate.yml b/.github/workflows/vault-bootstrap-validate.yml index 8d8399b3..d75596dc 100644 --- a/.github/workflows/vault-bootstrap-validate.yml +++ b/.github/workflows/vault-bootstrap-validate.yml @@ -62,7 +62,7 @@ jobs: --health-timeout 5s --health-retries 10 steps: - - uses: actions/checkout@v6.0.3 + - uses: actions/checkout@v7.0.0 - name: Sanity-check the Vault binary can exec under the runner's seccomp profile # This is the PR #409 canary. If `hashicorp/vault:` is