From d9d81bdbb313ba290706ef141aaf200e8acbb86d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 20 Jun 2026 03:52:11 +0000 Subject: [PATCH] chore(deps): Bump actions/checkout from 6.0.2 to 7.0.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.2 to 7.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/collect.yml | 2 +- .github/workflows/lint.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/collect.yml b/.github/workflows/collect.yml index 4dc2a16..be52499 100644 --- a/.github/workflows/collect.yml +++ b/.github/workflows/collect.yml @@ -24,7 +24,7 @@ jobs: # readable version in a trailing comment) per GitHub's supply-chain # hardening guidance. Dependabot keeps the pin current via PRs — do # not "clean up" the SHA back to a tag. - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Collect traffic data env: diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 9b27eff..05b7f22 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -16,7 +16,7 @@ jobs: steps: # SHA-pinned per supply-chain hardening guidance; Dependabot keeps it # current. See .github/workflows/collect.yml for the full rationale. - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Run shellcheck run: shellcheck scripts/*.sh