chore(deps): bump actions/checkout from 4.1.7 to 4.2.0 (#3283)

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.7 to 4.2.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](692973e3d9...d632683dd7) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-17 16:33:21 +01:00 · 2024-09-26 13:48:12 -04:00 · 2024-09-26 13:48:12 -04:00 · 39b2bf5518
commit 39b2bf5518
parent d7005d7d8c
10 changed files with 18 additions and 18 deletions
--- a/.github/workflows/benchmark-testing.yaml
+++ b/.github/workflows/benchmark-testing.yaml
@ -17,7 +17,7 @@ jobs:
    # the job by event.
    steps:
      - name: Checkout code
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0

      - name: Bootstrap environment
        uses: ./.github/actions/bootstrap
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@ -36,7 +36,7 @@ jobs:

    steps:
    - name: Checkout repository
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0

    - name: Install Go
      uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 #v5.0.2
--- a/.github/workflows/detect-schema-changes.yaml
+++ b/.github/workflows/detect-schema-changes.yaml
@ -30,7 +30,7 @@ jobs:
    runs-on: ubuntu-22.04
    steps:

-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0

      - run: python .github/scripts/labeler.py
        env:
--- a/.github/workflows/release-version-file.yaml
+++ b/.github/workflows/release-version-file.yaml
@ -20,7 +20,7 @@ jobs:
  release:
    runs-on: ubuntu-20.04
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0

      - name: Update version file
        run: make ci-release-version-file
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@ -15,7 +15,7 @@ jobs:
    environment: release
    runs-on: ubuntu-20.04
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0

      - name: Check if running on main
        if: github.ref != 'refs/heads/main'
@ -105,7 +105,7 @@ jobs:
      # required for goreleaser signs section with cosign
      id-token: write
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0
        with:
          fetch-depth: 0

--- a/.github/workflows/test-fixture-cache-publish.yaml
+++ b/.github/workflows/test-fixture-cache-publish.yaml
@ -18,7 +18,7 @@ jobs:
    permissions:
      packages: write
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0

      - name: Bootstrap environment
        uses: ./.github/actions/bootstrap
--- a/.github/workflows/update-bootstrap-tools.yml
+++ b/.github/workflows/update-bootstrap-tools.yml
@ -13,7 +13,7 @@ jobs:
    runs-on: ubuntu-latest
    if: github.repository == 'anchore/syft' # only run for main repo
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0

      - name: Bootstrap environment
        uses: ./.github/actions/bootstrap
--- a/.github/workflows/update-cpe-dictionary-index.yml
+++ b/.github/workflows/update-cpe-dictionary-index.yml
@ -16,7 +16,7 @@ jobs:
    runs-on: ubuntu-latest
    if: github.repository == 'anchore/syft' # only run for main repo
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0

      - name: Bootstrap environment
        uses: ./.github/actions/bootstrap
--- a/.github/workflows/update-stereoscope-release.yml
+++ b/.github/workflows/update-stereoscope-release.yml
@ -17,7 +17,7 @@ jobs:
    runs-on: ubuntu-latest
    if: github.repository == 'anchore/syft' # only run for main repo
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0

      - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 #v5.0.2
        with:
--- a/.github/workflows/validations.yaml
+++ b/.github/workflows/validations.yaml
@ -17,7 +17,7 @@ jobs:
    name: "Static analysis"
    runs-on: ubuntu-20.04
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0

      - name: Bootstrap environment
        uses: ./.github/actions/bootstrap
@ -31,7 +31,7 @@ jobs:
    name: "Unit tests"
    runs-on: ubuntu-20.04
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0

      - name: Bootstrap environment
        uses: ./.github/actions/bootstrap
@ -47,7 +47,7 @@ jobs:
    name: "Integration tests"
    runs-on: ubuntu-20.04
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0

      - name: Bootstrap environment
        uses: ./.github/actions/bootstrap
@ -65,7 +65,7 @@ jobs:
    name: "Build snapshot artifacts"
    runs-on: ubuntu-20.04
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0

      - name: Bootstrap environment
        uses: ./.github/actions/bootstrap
@ -95,7 +95,7 @@ jobs:
    needs: [Build-Snapshot-Artifacts]
    runs-on: ubuntu-20.04
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0

      - name: Bootstrap environment
        uses: ./.github/actions/bootstrap
@ -141,7 +141,7 @@ jobs:
      - name: Install Cosign
        uses: sigstore/cosign-installer@v3.6.0

-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0

      - name: Bootstrap environment
        uses: ./.github/actions/bootstrap
@ -178,7 +178,7 @@ jobs:
    needs: [Build-Snapshot-Artifacts]
    runs-on: ubuntu-20.04
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0

      - name: Bootstrap environment
        uses: ./.github/actions/bootstrap
@ -215,7 +215,7 @@ jobs:
      - Acceptance-Mac
      - Cli-Linux
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0

      - name: Delete snapshot cache
        run: gh cache delete "snapshot-build-${{ github.run_id }}"