From 2e78ea73743dfe302ad37f9aa0a0e487a5106154 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 25 Jun 2026 22:38:15 +0000 Subject: [PATCH] Bump the github-actions-dependencies group across 1 directory with 5 updates Bumps the github-actions-dependencies group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6.0.2` | `7.0.0` | | [actions/cache/restore](https://github.com/actions/cache) | `5.0.5` | `6.0.0` | | [actions/cache/save](https://github.com/actions/cache) | `5.0.5` | `6.0.0` | | [actions/cache](https://github.com/actions/cache) | `5.0.5` | `6.0.0` | | [actions/setup-dotnet](https://github.com/actions/setup-dotnet) | `5.2.0` | `5.3.0` | Updates `actions/checkout` from 6.0.2 to 7.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v6.0.2...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0) Updates `actions/cache/restore` from 5.0.5 to 6.0.0 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/27d5ce7f107fe9357f9df03efb73ab90386fccae...2c8a9bd7457de244a408f35966fab2fb45fda9c8) Updates `actions/cache/save` from 5.0.5 to 6.0.0 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/27d5ce7f107fe9357f9df03efb73ab90386fccae...2c8a9bd7457de244a408f35966fab2fb45fda9c8) Updates `actions/cache` from 5.0.5 to 6.0.0 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/27d5ce7f107fe9357f9df03efb73ab90386fccae...2c8a9bd7457de244a408f35966fab2fb45fda9c8) Updates `actions/setup-dotnet` from 5.2.0 to 5.3.0 - [Release notes](https://github.com/actions/setup-dotnet/releases) - [Commits](https://github.com/actions/setup-dotnet/compare/c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7...9a946fdbd5fb07b82b2f5a4466058b876ab72bb2) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-dependencies - dependency-name: actions/cache/restore dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-dependencies - dependency-name: actions/cache/save dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-dependencies - dependency-name: actions/cache dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-dependencies - dependency-name: actions/setup-dotnet dependency-version: 5.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/actionlint.yml | 2 +- .github/workflows/agentics-maintenance.yml | 20 ++++++------- .../codeowners-folder-validation.yml | 2 +- .github/workflows/evaluation.yml | 30 +++++++++---------- .github/workflows/gh-aw-upgrade.yml | 2 +- .github/workflows/markdownlint.yml | 2 +- .github/workflows/pr-triage.yml | 2 +- .github/workflows/skill-check.yml | 6 ++-- .github/workflows/skill-coverage.yml | 2 +- .github/workflows/skill-validator.yml | 8 ++--- .github/workflows/vally-evaluation.yml | 2 +- 11 files changed, 39 insertions(+), 39 deletions(-) diff --git a/.github/workflows/actionlint.yml b/.github/workflows/actionlint.yml index 1f36ef6b33..3fb323db4c 100644 --- a/.github/workflows/actionlint.yml +++ b/.github/workflows/actionlint.yml @@ -29,7 +29,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: persist-credentials: false diff --git a/.github/workflows/agentics-maintenance.yml b/.github/workflows/agentics-maintenance.yml index ea31ab4ad9..f45c680713 100644 --- a/.github/workflows/agentics-maintenance.yml +++ b/.github/workflows/agentics-maintenance.yml @@ -156,7 +156,7 @@ jobs: operation: ${{ steps.record.outputs.operation }} steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false @@ -245,7 +245,7 @@ jobs: run_url: ${{ steps.record.outputs.run_url }} steps: - name: Checkout actions folder - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: sparse-checkout: | actions @@ -291,7 +291,7 @@ jobs: issues: write steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false @@ -337,7 +337,7 @@ jobs: issues: write steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false @@ -363,7 +363,7 @@ jobs: - name: Restore activity report logs cache id: activity_report_logs_cache - uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 + uses: actions/cache/restore@2c8a9bd7457de244a408f35966fab2fb45fda9c8 # v6.0.0 with: path: ./.cache/gh-aw/activity-report-logs key: ${{ runner.os }}-activity-report-logs-${{ github.repository }}-${{ github.ref_name }}-${{ github.run_id }} @@ -387,7 +387,7 @@ jobs: - name: Save activity report logs cache if: ${{ always() }} - uses: actions/cache/save@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 + uses: actions/cache/save@2c8a9bd7457de244a408f35966fab2fb45fda9c8 # v6.0.0 with: path: ./.cache/gh-aw/activity-report-logs key: ${{ steps.activity_report_logs_cache.outputs.cache-primary-key }} @@ -442,7 +442,7 @@ jobs: issues: write steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false @@ -468,7 +468,7 @@ jobs: - name: Restore forecast report logs cache id: forecast_report_logs_cache - uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 + uses: actions/cache/restore@2c8a9bd7457de244a408f35966fab2fb45fda9c8 # v6.0.0 with: path: ./.github/aw/logs key: ${{ runner.os }}-forecast-report-logs-${{ github.repository }}-${{ github.ref_name }}-${{ github.run_id }} @@ -514,7 +514,7 @@ jobs: - name: Save forecast report logs cache if: ${{ always() }} - uses: actions/cache/save@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 + uses: actions/cache/save@2c8a9bd7457de244a408f35966fab2fb45fda9c8 # v6.0.0 with: path: ./.github/aw/logs key: ${{ runner.os }}-forecast-report-logs-${{ github.repository }}-${{ github.ref_name }}-${{ github.run_id }} @@ -571,7 +571,7 @@ jobs: issues: write steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/codeowners-folder-validation.yml b/.github/workflows/codeowners-folder-validation.yml index 26c4fb76d1..eab36a6b9a 100644 --- a/.github/workflows/codeowners-folder-validation.yml +++ b/.github/workflows/codeowners-folder-validation.yml @@ -21,7 +21,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: persist-credentials: false diff --git a/.github/workflows/evaluation.yml b/.github/workflows/evaluation.yml index a959ec5c69..23353ca934 100644 --- a/.github/workflows/evaluation.yml +++ b/.github/workflows/evaluation.yml @@ -111,7 +111,7 @@ jobs: statuses: write steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: fetch-depth: 0 persist-credentials: false @@ -176,7 +176,7 @@ jobs: statuses: write steps: - name: Checkout base branch - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: ref: ${{ github.event.pull_request.base.sha }} fetch-depth: 0 @@ -427,7 +427,7 @@ jobs: - name: Checkout repository if: github.event_name != 'schedule' || steps.check-changes.outputs.has_changes == 'true' || github.event_name == 'workflow_dispatch' - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: fetch-depth: 0 persist-credentials: false @@ -631,7 +631,7 @@ jobs: # changes are tested. For fork PRs (untrusted), always build from the # base branch to prevent untrusted code from modifying tooling. - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: ref: ${{ needs.gate.outputs.is_fork != 'true' && needs.gate.outputs.head_sha || '' }} persist-credentials: false @@ -642,14 +642,14 @@ jobs: - name: Cache validator archive id: cache-validator - uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v4 + uses: actions/cache@2c8a9bd7457de244a408f35966fab2fb45fda9c8 # v4 with: path: skill-validator-dist.tar.gz key: ${{ steps.compute-key.outputs.cache-key }} - name: Setup .NET SDK if: steps.cache-validator.outputs.cache-hit != 'true' - uses: actions/setup-dotnet@c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7 # v5 + uses: actions/setup-dotnet@9a946fdbd5fb07b82b2f5a4466058b876ab72bb2 # v5 with: global-json-file: global.json @@ -689,19 +689,19 @@ jobs: steps: - name: Checkout skills content - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: ref: ${{ needs.gate.outputs.head_sha || '' }} persist-credentials: false - name: Setup .NET SDK - uses: actions/setup-dotnet@c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7 # v5 + uses: actions/setup-dotnet@9a946fdbd5fb07b82b2f5a4466058b876ab72bb2 # v5 with: global-json-file: global.json - name: Restore cached validator id: cache-validator - uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v4 + uses: actions/cache/restore@2c8a9bd7457de244a408f35966fab2fb45fda9c8 # v4 with: path: skill-validator-dist.tar.gz key: ${{ needs.build-validator.outputs.cache-key }} @@ -890,7 +890,7 @@ jobs: - name: Restore cached validator if: needs.evaluate.result != 'skipped' id: cache-validator - uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v4 + uses: actions/cache/restore@2c8a9bd7457de244a408f35966fab2fb45fda9c8 # v4 with: path: skill-validator-dist.tar.gz key: ${{ needs.build-validator.outputs.cache-key }} @@ -1092,7 +1092,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: persist-credentials: false @@ -1225,7 +1225,7 @@ jobs: cancel-in-progress: false steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: persist-credentials: false @@ -1335,7 +1335,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: persist-credentials: false @@ -1505,7 +1505,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository (for dashboard UI files) - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: persist-credentials: false @@ -1559,7 +1559,7 @@ jobs: - name: Build AGENTVIZ SPA if: steps.check-replay.outputs.skip != 'true' - uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v4 + uses: actions/cache@2c8a9bd7457de244a408f35966fab2fb45fda9c8 # v4 id: agentviz-cache with: path: /tmp/agentviz-dist diff --git a/.github/workflows/gh-aw-upgrade.yml b/.github/workflows/gh-aw-upgrade.yml index 12b9f3b3a1..44532e1371 100644 --- a/.github/workflows/gh-aw-upgrade.yml +++ b/.github/workflows/gh-aw-upgrade.yml @@ -13,7 +13,7 @@ jobs: upgrade: runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 - name: Install gh-aw CLI run: curl -sL https://raw.githubusercontent.com/github/gh-aw/main/install-gh-aw.sh | bash diff --git a/.github/workflows/markdownlint.yml b/.github/workflows/markdownlint.yml index aa97b4e5e8..cc2d01af3f 100644 --- a/.github/workflows/markdownlint.yml +++ b/.github/workflows/markdownlint.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: persist-credentials: false fetch-depth: 0 diff --git a/.github/workflows/pr-triage.yml b/.github/workflows/pr-triage.yml index 80ea0c0958..fcf5ecfb71 100644 --- a/.github/workflows/pr-triage.yml +++ b/.github/workflows/pr-triage.yml @@ -56,7 +56,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout scripts and CODEOWNERS - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: persist-credentials: false fetch-depth: 1 diff --git a/.github/workflows/skill-check.yml b/.github/workflows/skill-check.yml index c444826777..ae4a6b0e3c 100644 --- a/.github/workflows/skill-check.yml +++ b/.github/workflows/skill-check.yml @@ -15,20 +15,20 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: persist-credentials: false - name: Cache validator archive id: cache-validator - uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v4 + uses: actions/cache@2c8a9bd7457de244a408f35966fab2fb45fda9c8 # v4 with: path: skill-validator-dist.tar.gz key: skill-validator-${{ runner.os }}-${{ hashFiles('eng/skill-validator/src/**', 'eng/skill-validator/Directory.Build.props', 'global.json') }} - name: Setup .NET SDK if: steps.cache-validator.outputs.cache-hit != 'true' - uses: actions/setup-dotnet@c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7 # v5 + uses: actions/setup-dotnet@9a946fdbd5fb07b82b2f5a4466058b876ab72bb2 # v5 with: global-json-file: global.json diff --git a/.github/workflows/skill-coverage.yml b/.github/workflows/skill-coverage.yml index 6c83fa31c4..e85f6fd0f2 100644 --- a/.github/workflows/skill-coverage.yml +++ b/.github/workflows/skill-coverage.yml @@ -112,7 +112,7 @@ jobs: # Checkout the default branch for trusted tooling (Measure-SkillCoverage.ps1), # then fetch the PR head into a separate worktree so untrusted code is never executed. - name: Checkout base branch (trusted tooling) - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: persist-credentials: false diff --git a/.github/workflows/skill-validator.yml b/.github/workflows/skill-validator.yml index 4a63fb2671..77407b2db2 100644 --- a/.github/workflows/skill-validator.yml +++ b/.github/workflows/skill-validator.yml @@ -26,7 +26,7 @@ jobs: outputs: has_changes: ${{ steps.check.outputs.has_changes }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: fetch-depth: 0 @@ -73,10 +73,10 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: persist-credentials: false - - uses: actions/setup-dotnet@c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7 # v5 + - uses: actions/setup-dotnet@9a946fdbd5fb07b82b2f5a4466058b876ab72bb2 # v5 with: global-json-file: global.json @@ -148,7 +148,7 @@ jobs: permissions: contents: write steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: persist-credentials: true diff --git a/.github/workflows/vally-evaluation.yml b/.github/workflows/vally-evaluation.yml index 25ab1e67f9..900de80af0 100644 --- a/.github/workflows/vally-evaluation.yml +++ b/.github/workflows/vally-evaluation.yml @@ -77,7 +77,7 @@ jobs: steps: - name: Checkout skills content - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: ref: ${{ inputs.head_sha || '' }} persist-credentials: false