Bump actions/checkout from 4 to 5 #1181

dependabot · 2025-08-18T05:54:01Z

Release notes

Sourced from actions/checkout's releases.

v5.0.0

What's Changed

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

Prepare v5.0.0 release by @salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.0

What's Changed

docs: update README.md by @motss in actions/checkout#1971

Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977

Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043

Adjust positioning of user email note and permissions heading by @joshmgross in actions/checkout#2044

Update README.md by @nebuk89 in actions/checkout#2194

Update CODEOWNERS for actions by @TingluoHuang in actions/checkout#2224

Update package dependencies by @salmanmkc in actions/checkout#2236

Prepare release v4.3.0 by @salmanmkc in actions/checkout#2237

New Contributors

@motss made their first contribution in actions/checkout#1971

@mouismail made their first contribution in actions/checkout#1977

@benwells made their first contribution in actions/checkout#2043

@nebuk89 made their first contribution in actions/checkout#2194

@salmanmkc made their first contribution in actions/checkout#2236

Full Changelog: actions/checkout@v4...v4.3.0

v4.2.2

What's Changed

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

Full Changelog: actions/checkout@v4.2.1...v4.2.2

v4.2.1

What's Changed

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

New Contributors

@Jcambass made their first contribution in actions/checkout#1919

Full Changelog: actions/checkout@v4.2.0...v4.2.1

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

V4.3.0

docs: update README.md by @motss in actions/checkout#1971

Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977

Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043

Adjust positioning of user email note and permissions heading by @joshmgross in actions/checkout#2044

Update README.md by @nebuk89 in actions/checkout#2194

Update CODEOWNERS for actions by @TingluoHuang in actions/checkout#2224

Update package dependencies by @salmanmkc in actions/checkout#2236

v4.2.2

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

v4.2.1

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

v4.2.0

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependency updates by @dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

v4.1.5

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

v4.1.4

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

v4.1.3

... (truncated)

Commits

08c6903 Prepare v5.0.0 release (#2238)
9f26565 Update actions checkout to use node 24 (#2226)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.6.0 to 6.0.0. Release notes *Sourced from [actions/setup-python's releases](https://github.com/actions/setup-python/releases).* > v6.0.0 > ------ > > What's Changed > -------------- > > ### Breaking Changes > > * Upgrade to node 24 by [`@salmanmkc`](https://github.com/salmanmkc) in [actions/setup-python#1164](https://redirect.github.com/actions/setup-python/pull/1164) > > Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. [See Release Notes](https://github.com/actions/runner/releases/tag/v2.327.1) > > ### Enhancements: > > * Add support for `pip-version` by [`@priyagupta108`](https://github.com/priyagupta108) in [actions/setup-python#1129](https://redirect.github.com/actions/setup-python/pull/1129) > * Enhance reading from .python-version by [`@krystof-k`](https://github.com/krystof-k) in [actions/setup-python#787](https://redirect.github.com/actions/setup-python/pull/787) > * Add version parsing from Pipfile by [`@aradkdj`](https://github.com/aradkdj) in [actions/setup-python#1067](https://redirect.github.com/actions/setup-python/pull/1067) > > ### Bug fixes: > > * Clarify pythonLocation behaviour for PyPy and GraalPy in environment variables by [`@aparnajyothi-y`](https://github.com/aparnajyothi-y) in [actions/setup-python#1183](https://redirect.github.com/actions/setup-python/pull/1183) > * Change missing cache directory error to warning by [`@aparnajyothi-y`](https://github.com/aparnajyothi-y) in [actions/setup-python#1182](https://redirect.github.com/actions/setup-python/pull/1182) > * Add Architecture-Specific PATH Management for Python with --user Flag on Windows by [`@aparnajyothi-y`](https://github.com/aparnajyothi-y) in [actions/setup-python#1122](https://redirect.github.com/actions/setup-python/pull/1122) > * Include python version in PyPy python-version output by [`@cdce8p`](https://github.com/cdce8p) in [actions/setup-python#1110](https://redirect.github.com/actions/setup-python/pull/1110) > * Update docs: clarification on pip authentication with setup-python by [`@priya-kinthali`](https://github.com/priya-kinthali) in [actions/setup-python#1156](https://redirect.github.com/actions/setup-python/pull/1156) > > ### Dependency updates: > > * Upgrade idna from 2.9 to 3.7 in /**tests**/data by [`@dependabot`](https://github.com/dependabot)[bot] in [actions/setup-python#843](https://redirect.github.com/actions/setup-python/pull/843) > * Upgrade form-data to fix critical vulnerabilities [#182](https://redirect.github.com/actions/setup-python/issues/182) & [#183](https://redirect.github.com/actions/setup-python/issues/183) by [`@aparnajyothi-y`](https://github.com/aparnajyothi-y) in [actions/setup-python#1163](https://redirect.github.com/actions/setup-python/pull/1163) > * Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIndex.download by [`@aparnajyothi-y`](https://github.com/aparnajyothi-y) in [actions/setup-python#1165](https://redirect.github.com/actions/setup-python/pull/1165) > * Upgrade actions/checkout from 4 to 5 by [`@dependabot`](https://github.com/dependabot)[bot] in [actions/setup-python#1181](https://redirect.github.com/actions/setup-python/pull/1181) > * Upgrade `@actions/tool-cache` from 2.0.1 to 2.0.2 by [`@dependabot`](https://github.com/dependabot)[bot] in [actions/setup-python#1095](https://redirect.github.com/actions/setup-python/pull/1095) > > New Contributors > ---------------- > > * [`@krystof-k`](https://github.com/krystof-k) made their first contribution in [actions/setup-python#787](https://redirect.github.com/actions/setup-python/pull/787) > * [`@cdce8p`](https://github.com/cdce8p) made their first contribution in [actions/setup-python#1110](https://redirect.github.com/actions/setup-python/pull/1110) > * [`@aradkdj`](https://github.com/aradkdj) made their first contribution in [actions/setup-python#1067](https://redirect.github.com/actions/setup-python/pull/1067) > > **Full Changelog**: <actions/setup-python@v5...v6.0.0> Commits * [`e797f83`](actions/setup-python@e797f83) Upgrade to node 24 ([#1164](https://redirect.github.com/actions/setup-python/issues/1164)) * [`3d1e2d2`](actions/setup-python@3d1e2d2) Revert "Enhance cache-dependency-path handling to support files outside the w... * [`65b0712`](actions/setup-python@65b0712) Clarify pythonLocation behavior for PyPy and GraalPy in environment variables... * [`5b668cf`](actions/setup-python@5b668cf) Bump actions/checkout from 4 to 5 ([#1181](https://redirect.github.com/actions/setup-python/issues/1181)) * [`f62a0e2`](actions/setup-python@f62a0e2) Change missing cache directory error to warning ([#1182](https://redirect.github.com/actions/setup-python/issues/1182)) * [`9322b3c`](actions/setup-python@9322b3c) Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIn... * [`fbeb884`](actions/setup-python@fbeb884) Bump form-data to fix critical vulnerabilities [#182](https://redirect.github.com/actions/setup-python/issues/182) & [#183](https://redirect.github.com/actions/setup-python/issues/183) ([#1163](https://redirect.github.com/actions/setup-python/issues/1163)) * [`03bb615`](actions/setup-python@03bb615) Bump idna from 2.9 to 3.7 in /**tests**/data ([#843](https://redirect.github.com/actions/setup-python/issues/843)) * [`36da51d`](actions/setup-python@36da51d) Add version parsing from Pipfile ([#1067](https://redirect.github.com/actions/setup-python/issues/1067)) * [`3c6f142`](actions/setup-python@3c6f142) update documentation ([#1156](https://redirect.github.com/actions/setup-python/issues/1156)) * Additional commits viewable in [compare view](actions/setup-python@a26af69...e797f83) [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility\_score?dependency-name=actions/setup-python&package-manager=github\_actions&previous-version=5.6.0&new-version=6.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Aug 18, 2025

dependabot bot requested a review from a team as a code owner August 18, 2025 05:54

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Aug 18, 2025

aparnajyothi-y approved these changes Aug 20, 2025

View reviewed changes

priya-kinthali approved these changes Aug 20, 2025

View reviewed changes

HarithaVattikuti approved these changes Aug 26, 2025

View reviewed changes

HarithaVattikuti merged commit 5b668cf into main Aug 26, 2025
1299 checks passed

HarithaVattikuti deleted the dependabot/github_actions/actions/checkout-5 branch August 26, 2025 02:49

cclauss mentioned this pull request Sep 2, 2025

Update checkout action from v4 to v5 #1192

Closed

2 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump actions/checkout from 4 to 5 #1181

Bump actions/checkout from 4 to 5 #1181

Uh oh!

dependabot bot commented on behalf of github Aug 18, 2025

Uh oh!

Uh oh!

Uh oh!

Bump actions/checkout from 4 to 5 #1181

Bump actions/checkout from 4 to 5 #1181

Uh oh!

Conversation

dependabot bot commented on behalf of github Aug 18, 2025

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v4.3.0

What's Changed

New Contributors

v4.2.2

What's Changed

v4.2.1

What's Changed

New Contributors

Changelog

V5.0.0

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

Uh oh!

Uh oh!

Uh oh!