From 04d849a97fd2adb852fe2d5038d397bca1a7447d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 6 Jun 2026 03:52:18 +0000 Subject: [PATCH] chore(deps): Bump actions/checkout from 6.0.2 to 6.0.3 Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.2 to 6.0.3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...df4cb1c069e1874edd31b4311f1884172cec0e10) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/collect.yml | 2 +- .github/workflows/lint.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/collect.yml b/.github/workflows/collect.yml index 4dc2a16..3728a23 100644 --- a/.github/workflows/collect.yml +++ b/.github/workflows/collect.yml @@ -24,7 +24,7 @@ jobs: # readable version in a trailing comment) per GitHub's supply-chain # hardening guidance. Dependabot keeps the pin current via PRs — do # not "clean up" the SHA back to a tag. - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Collect traffic data env: diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 9b27eff..b3053c2 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -16,7 +16,7 @@ jobs: steps: # SHA-pinned per supply-chain hardening guidance; Dependabot keeps it # current. See .github/workflows/collect.yml for the full rationale. - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Run shellcheck run: shellcheck scripts/*.sh