Merge pull request #2343 from theupdateframework/dependabot/github_actions/actions/checkout-3.5.0

build(deps): bump actions/checkout from 3.4.0 to 3.5.0
2026-05-24 10:08:28 +00:00 · 2023-03-28 11:05:28 +02:00 · 2023-03-28 11:05:28 +02:00 · 1372630fdb
commit 1372630fdb
parent d55b5df4e9 f86f656d3c
6 changed files with 7 additions and 7 deletions
--- a/.github/workflows/_test.yml
+++ b/.github/workflows/_test.yml
@ -12,7 +12,7 @@ jobs:

    steps:
      - name: Checkout TUF
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3

      - name: Set up Python 3.x
        uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435
@ -56,7 +56,7 @@ jobs:

    steps:
      - name: Checkout TUF
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3

      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435
--- a/.github/workflows/cd.yml
+++ b/.github/workflows/cd.yml
@ -18,7 +18,7 @@ jobs:
    needs: test
    steps:
      - name: Checkout release tag
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3
        with:
          ref: ${{ github.event.workflow_run.head_branch }}

--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@ -22,7 +22,7 @@ jobs:

    steps:
    - name: Checkout repository
-      uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+      uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3

    - name: Initialize CodeQL
      uses: github/codeql-action/init@67a35a08586135a9573f4327e904ecbf517a882d
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@ -15,6 +15,6 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: 'Checkout Repository'
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3
      - name: 'Dependency Review'
        uses: actions/dependency-review-action@f46c48ed6d4f1227fb2d9ea62bf6bcbed315589e
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@ -21,7 +21,7 @@ jobs:

    steps:
      - name: "Checkout code"
-        uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3

      - name: "Run analysis"
        uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86
--- a/.github/workflows/specification-version-check.yml
+++ b/.github/workflows/specification-version-check.yml
@ -14,7 +14,7 @@ jobs:
    outputs:
      version: ${{ steps.get-version.outputs.version }}
    steps:
-      - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f
+      - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3
      - uses: actions/setup-python@d27e3f3d7c64b4bbf8e4abfb9b63b83e846e0435
        with:
          python-version: "3.x"