Skip to content

Bump actions/checkout from 6.0.2 to 7.0.0#353

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions/checkout-7.0.0
Closed

Bump actions/checkout from 6.0.2 to 7.0.0#353
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions/checkout-7.0.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 24, 2026

Copy link
Copy Markdown
Contributor

Bumps actions/checkout from 6.0.2 to 7.0.0.

Release notes

Sourced from actions/checkout's releases.

v7.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v6.0.3...v7.0.0

v6.0.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v6...v6.0.3

Changelog

Sourced from actions/checkout's changelog.

Changelog

v7.0.0

v6.0.3

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.2 to 7.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@de0fac2...9c091bb)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file Major labels Jun 24, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 24, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: github-actions. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot requested a review from a team as a code owner June 24, 2026 11:12
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 24, 2026
@github-actions

Copy link
Copy Markdown

Super-linter summary

Language Validation result
CHECKOV Pass ✅
GITLEAKS Pass ✅
GIT_MERGE_CONFLICT_MARKERS Pass ✅
MARKDOWN Pass ✅
NATURAL_LANGUAGE Pass ✅
POWERSHELL Pass ✅
PRE_COMMIT Pass ✅
SPELL_CODESPELL Pass ✅
TRIVY Pass ✅
YAML Pass ✅

All files and directories linted successfully

For more information, see the GitHub Actions workflow run

Powered by Super-linter

Marius Storhaug (MariusStorhaug) added a commit that referenced this pull request Jul 7, 2026
…#358)

Consolidates the currently-passing Dependabot GitHub Actions updates
into one change, so the pipeline moves to the latest action versions in
a single release instead of separate bumps. It also configures
Dependabot to group future GitHub Actions updates into one pull request,
so this consolidated form happens automatically from now on.

**Superseded Dependabot PRs:** #351, #353, #354, #355 — Dependabot
closes these automatically once this merges.

> ⚠️ **Build-PSModule v5.0.0 (#350) is intentionally excluded.** v5
makes `moduleVersion` a required input, which the current
`Build-Module.yml` does not provide, so it fails CI (6 checks on #350's
own PR too). Adopting it needs the "decide version before build" work in
#342 and should ship with/after that PR. #350 stays open to track it.

## Updated GitHub Actions

| Action | From | To | Bump |
| --- | --- | --- | --- |
| actions/checkout | v6.0.2 | v7.0.0 | Major |
| PSModule/Publish-PSModule | v2.2.4 | v3.0.0 | Major |
| super-linter/super-linter | v8.6.0 | v8.7.0 | Minor |
| super-linter/super-linter/slim | v8.6.0 | v8.7.0 | Minor |

This bundle includes two major action upgrades, so it is labelled
`Major` and cuts a major release of Process-PSModule on merge.

## Changed: Dependabot groups GitHub Actions updates

`.github/dependabot.yml` now groups all `github-actions` updates into a
single grouped pull request via a `groups` block. The `github_actions`
label is also corrected — it was `github-actions`, which does not match
the repository label and was silently dropped by Dependabot.

## Technical Details

- Each bump is a cherry-pick of the original Dependabot commit,
preserving authorship and the `Bump X from A to B` messages for a clean
linear history.
- All bumps touch only `uses:` pins under `.github/workflows/`; no logic
changes.
- Dependabot grouping added:

  ```yaml
  groups:
    github-actions:
      patterns:
        - "*"
  ```

This groups every GitHub Actions ecosystem update (all semver levels)
into one PR. To keep major bumps as separate PRs for individual review,
add `update-types: ["minor", "patch"]` under the group — majors then
continue to open on their own.
- No linked issue: this is Dependabot-driven maintenance; the superseded
PRs above are the traceability.

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

Looks like actions/checkout is up-to-date now, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 7, 2026
@dependabot dependabot Bot deleted the dependabot/github_actions/actions/checkout-7.0.0 branch July 7, 2026 22:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file Major

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants