chore(deps): bump actions/checkout from 6.0.2 to 7.0.0 in the github-actions group across 1 directory

[dependabot]

Bumps the github-actions group with 1 update in the / directory: actions/checkout.

Updates actions/checkout from 6.0.2 to 7.0.0

Release notes

Sourced from actions/checkout's releases.

v7.0.0

What's Changed

• block checking out fork pr for pull_request_target and workflow_run by @​aiqiaoy in actions/checkout#2454
• Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the minor-actions-dependencies group across 1 directory by @​dependabot[bot] in actions/checkout#2458
• Bump flatted from 3.3.1 to 3.4.2 by @​dependabot[bot] in actions/checkout#2460
• Bump js-yaml from 4.1.0 to 4.2.0 by @​dependabot[bot] in actions/checkout#2461
• Bump @​actions/core and @​actions/tool-cache and Remove uuid by @​dependabot[bot] in actions/checkout#2459
• upgrade module to esm and update dependencies by @​aiqiaoy in actions/checkout#2463
• Bump the minor-npm-dependencies group across 1 directory with 3 updates by @​dependabot[bot] in actions/checkout#2462
• getting ready for checkout v7 release by @​aiqiaoy in actions/checkout#2464
• update error wording by @​aiqiaoy in actions/checkout#2467

New Contributors

• @​aiqiaoy made their first contribution in actions/checkout#2454

Full Changelog: actions/checkout@v6.0.3...v7.0.0

v6.0.3

What's Changed

• Update changelog by @​ericsciple in actions/checkout#2357
• fix: expand merge commit SHA regex and add SHA-256 test cases by @​yaananth in actions/checkout#2414
• Fix checkout init for SHA-256 repositories by @​yaananth in actions/checkout#2439
• Update changelog for v6.0.3 by @​yaananth in actions/checkout#2446

New Contributors

• @​yaananth made their first contribution in actions/checkout#2414

Full Changelog: actions/checkout@v6...v6.0.3

Commits

• 9c091bb update error wording (#2467)
• 1044a6d getting ready for checkout v7 release (#2464)
• f028218 Bump the minor-npm-dependencies group across 1 directory with 3 updates (#2462)
• d914b26 upgrade module to esm and update dependencies (#2463)
• 537c7ef Bump @​actions/core and @​actions/tool-cache and Remove uuid (#2459)
• 130a169 Bump js-yaml from 4.1.0 to 4.2.0 (#2461)
• 7d09575 Bump flatted from 3.3.1 to 3.4.2 (#2460)
• 0f9f3aa Bump actions/publish-immutable-action (#2458)
• f9e715a block checking out fork pr for pull_request_target and workflow_run (#2454)
• df4cb1c Update changelog for v6.0.3 (#2446)
• Additional commits viewable in compare view

[claude]

LGTM, mechanical Dependabot patch bump of actions/checkout v6.0.2 → v6.0.3 across workflow files.

Extended reasoning...

Overview

This PR is a Dependabot patch-version bump of actions/checkout from v6.0.2 to v6.0.3 across 12 GitHub Actions workflow files. Each change is mechanical: the SHA-pinned reference (de0fac2e... → df4cb1c0...) and version comment are updated, with one file (claude.yml) using the unpinned @v6.0.3 tag form. No workflow logic, inputs, or surrounding YAML changes.

Security risks

Minimal. The new SHA df4cb1c069e1874edd31b4311f1884172cec0e10 matches the v6.0.3 release commit referenced in Dependabot's notes. The upstream release notes describe only SHA-256 repo init fixes and a merge-commit SHA regex expansion — none of these alter the action's surface area in a way that affects this repo's workflows. The one unpinned reference in claude.yml (@v6.0.3) was already unpinned in the prior version, so this PR doesn't regress the pinning posture.

Level of scrutiny

Low. CI-only change, patch-level bump, no logic touched. Dependabot patch bumps for a well-known first-party GitHub action are routine and safe to auto-approve.

Other factors

No prior reviewer comments to address. No bugs flagged by the bug hunting system. The version bump is consistent across all 12 files.