Merge pull request #20313 from github/dependabot/github_actions/actions/checkout-5

Bump actions/checkout from 4 to 5
2025-12-16 16:53:25 +01:00 · 2025-09-01 11:34:41 +01:00
parent 93f4721418 6e1d9752d2
commit cbdc54adf7
38 changed files with 62 additions and 62 deletions
--- a/.github/workflows/build-ripunzip.yml
+++ b/.github/workflows/build-ripunzip.yml
@@ -20,7 +20,7 @@ jobs:
        os: [ubuntu-22.04, macos-13, windows-2022]
    runs-on: ${{ matrix.os }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
        with:
          repository: google/ripunzip
          ref: ${{ inputs.ripunzip-version }}
@@ -28,7 +28,7 @@ jobs:
      # see https://github.com/sfackler/rust-openssl/issues/183
      - if: runner.os == 'Linux'
        name: checkout openssl
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          repository: openssl/openssl
          path: openssl
--- a/.github/workflows/buildifier.yml
+++ b/.github/workflows/buildifier.yml
@@ -17,7 +17,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
      - name: Check bazel formatting
        uses: pre-commit/action@646c83fcd040023954eafda54b4db0192ce70507
        with:
--- a/.github/workflows/check-implicit-this.yml
+++ b/.github/workflows/check-implicit-this.yml
@@ -16,7 +16,7 @@ jobs:
  check:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Check that implicit this warnings is enabled for all packs
        shell: bash
        run: |
--- a/.github/workflows/check-overlay-annotations.yml
+++ b/.github/workflows/check-overlay-annotations.yml
@@ -17,7 +17,7 @@ jobs:
  sync:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Check overlay annotations
        run: python config/add-overlay-annotations.py --check java

--- a/.github/workflows/check-qldoc.yml
+++ b/.github/workflows/check-qldoc.yml
@@ -18,7 +18,7 @@ jobs:
    runs-on: ubuntu-latest

    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
        with:
          fetch-depth: 2

--- a/.github/workflows/check-query-ids.yml
+++ b/.github/workflows/check-query-ids.yml
@@ -19,6 +19,6 @@ jobs:
    name: Check query IDs
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Check for duplicate query IDs
        run: python3 misc/scripts/check-query-ids.py
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -37,7 +37,7 @@ jobs:
        dotnet-version: 9.0.100

    - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
--- a/.github/workflows/compile-queries.yml
+++ b/.github/workflows/compile-queries.yml
@@ -22,7 +22,7 @@ jobs:
    runs-on: ubuntu-latest-xl

    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Setup CodeQL
        uses: ./.github/actions/fetch-codeql
        with:
--- a/.github/workflows/cpp-swift-analysis.yml
+++ b/.github/workflows/cpp-swift-analysis.yml
@@ -28,7 +28,7 @@ jobs:

    steps:
    - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
--- a/.github/workflows/csharp-qltest.yml
+++ b/.github/workflows/csharp-qltest.yml
@@ -39,7 +39,7 @@ jobs:
        os: [ubuntu-latest, windows-latest]
    runs-on: ${{ matrix.os }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Setup dotnet
        uses: actions/setup-dotnet@v4
        with:
@@ -55,7 +55,7 @@ jobs:
  stubgentest:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - uses: ./csharp/actions/create-extractor-pack
      - name: Run stub generator tests
        run: |
--- a/.github/workflows/csv-coverage-metrics.yml
+++ b/.github/workflows/csv-coverage-metrics.yml
@@ -23,7 +23,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
      - name: Setup CodeQL
        uses: ./.github/actions/fetch-codeql
      - name: Create empty database
@@ -51,7 +51,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
      - name: Setup CodeQL
        uses: ./.github/actions/fetch-codeql
      - name: Create empty database
--- a/.github/workflows/csv-coverage-pr-artifacts.yml
+++ b/.github/workflows/csv-coverage-pr-artifacts.yml
@@ -35,11 +35,11 @@ jobs:
          GITHUB_CONTEXT: ${{ toJSON(github.event) }}
        run: echo "$GITHUB_CONTEXT"
      - name: Clone self (github/codeql) - MERGE
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          path: merge
      - name: Clone self (github/codeql) - BASE
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          fetch-depth: 2
          path: base
--- a/.github/workflows/csv-coverage-pr-comment.yml
+++ b/.github/workflows/csv-coverage-pr-comment.yml
@@ -24,7 +24,7 @@ jobs:
        GITHUB_CONTEXT: ${{ toJSON(github.event) }}
      run: echo "$GITHUB_CONTEXT"
    - name: Clone self (github/codeql)
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
    - name: Set up Python 3.8
      uses: actions/setup-python@v4
      with:
--- a/.github/workflows/csv-coverage-timeseries.yml
+++ b/.github/workflows/csv-coverage-timeseries.yml
@@ -12,11 +12,11 @@ jobs:

    steps:
      - name: Clone self (github/codeql)
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          path: script
      - name: Clone self (github/codeql) for analysis
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          path: codeqlModels
          fetch-depth: 0
--- a/.github/workflows/csv-coverage-update.yml
+++ b/.github/workflows/csv-coverage-update.yml
@@ -21,7 +21,7 @@ jobs:
          GITHUB_CONTEXT: ${{ toJSON(github.event) }}
        run: echo "$GITHUB_CONTEXT"
      - name: Clone self (github/codeql)
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          path: ql
          fetch-depth: 0
--- a/.github/workflows/csv-coverage.yml
+++ b/.github/workflows/csv-coverage.yml
@@ -16,11 +16,11 @@ jobs:

    steps:
      - name: Clone self (github/codeql)
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          path: script
      - name: Clone self (github/codeql) for analysis
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          path: codeqlModels
          ref: ${{ github.event.inputs.qlModelShaOverride || github.ref }}
--- a/.github/workflows/fast-forward.yml
+++ b/.github/workflows/fast-forward.yml
@@ -26,7 +26,7 @@ jobs:
          exit 1

      - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5

      - name: Git config
        shell: bash
--- a/.github/workflows/go-tests.yml
+++ b/.github/workflows/go-tests.yml
@@ -22,7 +22,7 @@ jobs:
    runs-on: ubuntu-latest-xl
    steps:
      - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
      - name: Run tests
        uses: ./go/actions/test
        with:
--- a/.github/workflows/kotlin-build.yml
+++ b/.github/workflows/kotlin-build.yml
@@ -20,7 +20,7 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - run: |
          bazel query //java/kotlin-extractor/...
          # only build the default version as a quick check that we can build from `codeql`
--- a/.github/workflows/mad_modelDiff.yml
+++ b/.github/workflows/mad_modelDiff.yml
@@ -28,12 +28,12 @@ jobs:
        slug: ${{fromJson(github.event.inputs.projects || '["apache/commons-codec", "apache/commons-io", "apache/commons-beanutils", "apache/commons-logging", "apache/commons-fileupload", "apache/commons-lang", "apache/commons-validator", "apache/commons-csv", "apache/dubbo"]' )}}
    steps:
      - name: Clone github/codeql from PR
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        if: github.event.pull_request
        with:
          path: codeql-pr
      - name: Clone github/codeql from main
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          path: codeql-main
          ref: main
--- a/.github/workflows/mad_regenerate-models.yml
+++ b/.github/workflows/mad_regenerate-models.yml
@@ -30,11 +30,11 @@ jobs:
            ref: "placeholder"
    steps:
      - name: Clone self (github/codeql)
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
      - name: Setup CodeQL binaries
        uses: ./.github/actions/fetch-codeql
      - name: Clone repositories
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          path: repos/${{ matrix.ref }}
          ref: ${{ matrix.ref }}
--- a/.github/workflows/python-tooling.yml
+++ b/.github/workflows/python-tooling.yml
@@ -21,7 +21,7 @@ jobs:
  check-python-tooling:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - uses: actions/setup-python@v5
        with:
          python-version: '3.12'
--- a/.github/workflows/qhelp-pr-preview.yml
+++ b/.github/workflows/qhelp-pr-preview.yml
@@ -43,7 +43,7 @@ jobs:
          if-no-files-found: error
          retention-days: 1

-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
        with:
          fetch-depth: 2
          persist-credentials: false
--- a/.github/workflows/ql-for-ql-build.yml
+++ b/.github/workflows/ql-for-ql-build.yml
@@ -19,7 +19,7 @@ jobs:
    runs-on: ubuntu-latest-xl
    steps:
      ### Build the queries ###
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
        with:
          fetch-depth: 0
      - name: Find codeql
--- a/.github/workflows/ql-for-ql-dataset_measure.yml
+++ b/.github/workflows/ql-for-ql-dataset_measure.yml
@@ -25,7 +25,7 @@ jobs:
          - github/codeql
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5

      - name: Find codeql
        id: find-codeql
@@ -46,7 +46,7 @@ jobs:
        env:
          CODEQL: ${{ steps.find-codeql.outputs.codeql-path }}
      - name: Checkout ${{ matrix.repo }}
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          repository: ${{ matrix.repo }}
          path: ${{ github.workspace }}/repo
@@ -75,7 +75,7 @@ jobs:
    runs-on: ubuntu-latest
    needs: measure
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - uses: actions/download-artifact@v4
        with:
          name: measurements
--- a/.github/workflows/ql-for-ql-tests.yml
+++ b/.github/workflows/ql-for-ql-tests.yml
@@ -24,7 +24,7 @@ jobs:
  qltest:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Find codeql
        id: find-codeql
        uses: github/codeql-action/init@main
@@ -64,7 +64,7 @@ jobs:
    needs: [qltest]
    runs-on: ${{ matrix.os }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Install GNU tar
        if: runner.os == 'macOS'
        run: |
--- a/.github/workflows/query-list.yml
+++ b/.github/workflows/query-list.yml
@@ -23,7 +23,7 @@ jobs:

    steps:
    - name: Clone self (github/codeql)
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
      with:
        path: codeql 
    - name: Set up Python 3.8
--- a/.github/workflows/ruby-build.yml
+++ b/.github/workflows/ruby-build.yml
@@ -47,7 +47,7 @@ jobs:
    runs-on: ${{ matrix.os }}

    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Install GNU tar
        if: runner.os == 'macOS'
        run: |
@@ -113,7 +113,7 @@ jobs:
    if: github.repository_owner == 'github'
    runs-on: ubuntu-latest-xl
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Fetch CodeQL
        uses: ./.github/actions/fetch-codeql
      - name: Cache compilation cache
@@ -146,7 +146,7 @@ jobs:
    runs-on: ubuntu-latest
    needs: [build, compile-queries]
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - uses: actions/download-artifact@v4
        with:
          name: ruby.dbscheme
@@ -209,7 +209,7 @@ jobs:
    runs-on: ${{ matrix.os }}
    needs: [package]
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Fetch CodeQL
        uses: ./.github/actions/fetch-codeql

--- a/.github/workflows/ruby-dataset-measure.yml
+++ b/.github/workflows/ruby-dataset-measure.yml
@@ -30,14 +30,14 @@ jobs:
        repo: [rails/rails, discourse/discourse, spree/spree, ruby/ruby]
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5

      - uses: ./.github/actions/fetch-codeql

      - uses: ./ruby/actions/create-extractor-pack

      - name: Checkout ${{ matrix.repo }}
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
        with:
          repository: ${{ matrix.repo }}
          path: ${{ github.workspace }}/repo
@@ -62,7 +62,7 @@ jobs:
    runs-on: ubuntu-latest
    needs: measure
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - uses: actions/download-artifact@v4
        with:
          path: stats
--- a/.github/workflows/ruby-qltest-rtjo.yml
+++ b/.github/workflows/ruby-qltest-rtjo.yml
@@ -25,7 +25,7 @@ jobs:
    strategy:
      fail-fast: false
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - uses: ./.github/actions/fetch-codeql
      - uses: ./ruby/actions/create-extractor-pack
      - name: Cache compilation cache
--- a/.github/workflows/ruby-qltest.yml
+++ b/.github/workflows/ruby-qltest.yml
@@ -36,7 +36,7 @@ jobs:
  qlupgrade:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - uses: ./.github/actions/fetch-codeql
      - name: Check DB upgrade scripts
        run: |
@@ -58,7 +58,7 @@ jobs:
    strategy:
      fail-fast: false
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - uses: ./.github/actions/fetch-codeql
      - uses: ./ruby/actions/create-extractor-pack
      - name: Cache compilation cache
--- a/.github/workflows/rust-analysis.yml
+++ b/.github/workflows/rust-analysis.yml
@@ -35,7 +35,7 @@ jobs:

    steps:
    - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5

    - name: Query latest nightly CodeQL bundle
      shell: bash
--- a/.github/workflows/rust.yml
+++ b/.github/workflows/rust.yml
@@ -30,7 +30,7 @@ jobs:
        working-directory: rust/ast-generator
    steps:
      - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
      - name: Inject sources
        shell: bash
        run: |
@@ -53,7 +53,7 @@ jobs:
        working-directory: rust/extractor
    steps:
      - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
      - name: Format
        shell: bash
        run: |
@@ -69,7 +69,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
      - name: Install CodeQL
        uses: ./.github/actions/fetch-codeql
      - name: Code generation
--- a/.github/workflows/swift.yml
+++ b/.github/workflows/swift.yml
@@ -36,7 +36,7 @@ jobs:
      fail-fast: false
    runs-on: ${{ matrix.runner }}
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Setup (Linux)
        if: runner.os == 'Linux'
        run: |
@@ -53,7 +53,7 @@ jobs:
  clang-format:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - uses: pre-commit/action@646c83fcd040023954eafda54b4db0192ce70507
        name: Check that python code is properly formatted
        with:
@@ -61,7 +61,7 @@ jobs:
  codegen:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - uses: ./.github/actions/fetch-codeql
      - uses: pre-commit/action@646c83fcd040023954eafda54b4db0192ce70507
        name: Check that QL generated code was checked in
@@ -77,6 +77,6 @@ jobs:
  check-no-override:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Check that no override is present in load.bzl
        run: bazel test ... --test_tag_filters=override --test_output=errors
--- a/.github/workflows/sync-files.yml
+++ b/.github/workflows/sync-files.yml
@@ -17,7 +17,7 @@ jobs:
  sync:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Check synchronized files
        run: python config/sync-files.py
      - name: Check dbscheme fragments
--- a/.github/workflows/tree-sitter-extractor-test.yml
+++ b/.github/workflows/tree-sitter-extractor-test.yml
@@ -30,7 +30,7 @@ jobs:
  test:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Check formatting
        run: cargo fmt -- --check
      - name: Run tests
@@ -38,12 +38,12 @@ jobs:
  fmt:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Check formatting
        run: cargo fmt --check
  clippy:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Run clippy
        run: cargo clippy -- --no-deps -D warnings -A clippy::new_without_default -A clippy::too_many_arguments
--- a/.github/workflows/validate-change-notes.yml
+++ b/.github/workflows/validate-change-notes.yml
@@ -23,7 +23,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5

      - name: Setup CodeQL
        uses: ./.github/actions/fetch-codeql
--- a/.github/workflows/zipmerge-test.yml
+++ b/.github/workflows/zipmerge-test.yml
@@ -18,6 +18,6 @@ jobs:
    runs-on: ubuntu-latest

    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - run: |
          bazel test //misc/bazel/internal/zipmerge:test --test_output=all