From 214abb7eb2ec1504d678bb04e693e10df76aecc3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 9 Jan 2026 07:43:13 +0000 Subject: [PATCH] chore: CI: bump actions/checkout from 5 to 6 (#11459) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6.
Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

Full Changelog: https://github.com/actions/checkout/compare/v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

Full Changelog: https://github.com/actions/checkout/compare/v5...v5.0.1

Changelog

Sourced from actions/checkout's changelog.

Changelog

V6.0.0

V5.0.1

V5.0.0

V4.3.1

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

... (truncated)

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=5&new-version=6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/actionlint.yml | 2 +- .github/workflows/build-template.yml | 2 +- .github/workflows/check-prelude.yml | 2 +- .github/workflows/check-stage0.yml | 2 +- .github/workflows/ci.yml | 4 ++-- .github/workflows/copyright-header.yml | 2 +- .github/workflows/pr-release.yml | 6 +++--- .github/workflows/update-stage0.yml | 2 +- 8 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/actionlint.yml b/.github/workflows/actionlint.yml index 3a2e42c037..503cd810f9 100644 --- a/.github/workflows/actionlint.yml +++ b/.github/workflows/actionlint.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: actionlint uses: raven-actions/actionlint@v2 with: diff --git a/.github/workflows/build-template.yml b/.github/workflows/build-template.yml index 0c4d2b87ea..582f478865 100644 --- a/.github/workflows/build-template.yml +++ b/.github/workflows/build-template.yml @@ -67,7 +67,7 @@ jobs: if: runner.os == 'macOS' - name: Checkout if: (!endsWith(matrix.os, '-with-cache')) - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: # the default is to use a virtual merge commit between the PR and master: just use the PR ref: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/check-prelude.yml b/.github/workflows/check-prelude.yml index ec53e01bfa..adb25c1e21 100644 --- a/.github/workflows/check-prelude.yml +++ b/.github/workflows/check-prelude.yml @@ -7,7 +7,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: # the default is to use a virtual merge commit between the PR and master: just use the PR ref: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/check-stage0.yml b/.github/workflows/check-stage0.yml index 3091f10f37..14651c0871 100644 --- a/.github/workflows/check-stage0.yml +++ b/.github/workflows/check-stage0.yml @@ -8,7 +8,7 @@ jobs: check-stage0-on-queue: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 0 diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 74ac2fbd19..09fbf968e4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -50,7 +50,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v5 + uses: actions/checkout@v6 # don't schedule nightlies on forks if: github.event_name == 'schedule' && github.repository == 'leanprover/lean4' || inputs.action == 'release nightly' || (startsWith(github.ref, 'refs/tags/') && github.repository == 'leanprover/lean4') - name: Set Nightly @@ -455,7 +455,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: # needed for tagging fetch-depth: 0 diff --git a/.github/workflows/copyright-header.yml b/.github/workflows/copyright-header.yml index 9e66254173..e23718067a 100644 --- a/.github/workflows/copyright-header.yml +++ b/.github/workflows/copyright-header.yml @@ -6,7 +6,7 @@ jobs: check-lean-files: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Verify .lean files start with a copyright header. run: | diff --git a/.github/workflows/pr-release.yml b/.github/workflows/pr-release.yml index 8cc8956ca1..a2eb7343d0 100644 --- a/.github/workflows/pr-release.yml +++ b/.github/workflows/pr-release.yml @@ -387,7 +387,7 @@ jobs: # Checkout the Batteries repository with all branches - name: Checkout Batteries repository if: steps.workflow-info.outputs.pullRequestNumber != '' && steps.ready.outputs.mathlib_ready == 'true' - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: repository: leanprover-community/batteries token: ${{ secrets.MATHLIB4_BOT }} @@ -447,7 +447,7 @@ jobs: # Checkout the mathlib4 repository with all branches - name: Checkout mathlib4 repository if: steps.workflow-info.outputs.pullRequestNumber != '' && steps.ready.outputs.mathlib_ready == 'true' - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: repository: leanprover-community/mathlib4-nightly-testing token: ${{ secrets.MATHLIB4_BOT }} @@ -530,7 +530,7 @@ jobs: # Checkout the reference manual repository with all branches - name: Checkout mathlib4 repository if: steps.workflow-info.outputs.pullRequestNumber != '' && steps.reference-manual-ready.outputs.manual_ready == 'true' - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: repository: leanprover/reference-manual token: ${{ secrets.MANUAL_PR_BOT }} diff --git a/.github/workflows/update-stage0.yml b/.github/workflows/update-stage0.yml index 4fa1467739..5b50c5815d 100644 --- a/.github/workflows/update-stage0.yml +++ b/.github/workflows/update-stage0.yml @@ -27,7 +27,7 @@ jobs: # This action should push to an otherwise protected branch, so it # uses a deploy key with write permissions, as suggested at # https://stackoverflow.com/a/76135647/946226 - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: ssh-key: ${{secrets.STAGE0_SSH_KEY}} - run: echo "should_update_stage0=yes" >> "$GITHUB_ENV"