Skip to content

chore(deps): bump actions/checkout from 4 to 5 #243

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

chore(deps): bump actions/checkout from 4 to 5 #243

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 12, 2025

Bumps actions/checkout from 4 to 5.

Release notes

Sourced from actions/checkout's releases.

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v4...v4.3.0

v4.2.2

What's Changed

Full Changelog: actions/checkout@v4.2.1...v4.2.2

v4.2.1

What's Changed

New Contributors

Full Changelog: actions/checkout@v4.2.0...v4.2.1

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump actions/checkout from 4 to 5
4f3b32c 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Aug 12, 2025
@cloudflare-workers-and-pages
Copy link

cloudflare-workers-and-pages bot commented Aug 12, 2025
edited
Loading

Deploying redot-website with  Cloudflare Pages  Cloudflare Pages

Latest commit: 4f3b32c
Status: ✅  Deploy successful!
Preview URL: https://735c0c99.redot-website.pages.dev
Branch Preview URL: https://dependabot-github-actions-ac-dma7.redot-website.pages.dev

View logs

@dependabot dependabot bot added the github_actions Pull requests that update GitHub Actions code label Aug 12, 2025
@sonarqubecloud
Copy link

sonarqubecloud bot commented Aug 12, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@cloudflare-workers-and-pages
Copy link

cloudflare-workers-and-pages bot commented Aug 12, 2025
edited
Loading

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Updated (UTC)
❌ Deployment failed
View logs		 main-website 4f3b32c Aug 12 2025, 08:15 AM

greptile-apps[bot]
greptile-apps bot reviewed Aug 12, 2025
View reviewed changes
Copy link
Contributor

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Greptile Summary

This PR updates the actions/checkout action from version 4 to version 5 across three GitHub Actions workflow files in the Redot website repository. The upgrade is part of routine dependency maintenance and brings Node.js 24 runtime support to the checkout action.

The changes are made in:

  • .github/workflows/ci.yml - Updates checkout in both the lint and build jobs that handle code quality checks and Next.js application building
  • .github/workflows/pr-coauthor.yml - Updates checkout in the workflow that automatically adds co-authors to pull requests based on issue comments
  • .github/workflows/welcome-bot.yml - Updates checkout in the welcome bot workflow

The primary benefit of actions/checkout@v5 is the migration to Node.js 24, which provides improved performance, security updates, and better compatibility with modern GitHub Actions infrastructure. This change maintains full backward compatibility with existing workflow functionality while ensuring the repository uses supported and current action versions. The upgrade aligns with GitHub's recommended practices for maintaining secure and efficient CI/CD pipelines.

All three workflows currently run on recent Ubuntu runners (ubuntu-24.04 or ubuntu-latest), which are compatible with the new Node.js 24 requirement and meet the minimum runner version (v2.327.1) specified in the release notes.

Confidence score: 4/5

  • This PR is safe to merge with minimal risk as it's a routine dependency update to a widely-used, stable GitHub action
  • Score reflects the straightforward nature of the version bump and the fact that all workflows use compatible Ubuntu runners
  • Pay close attention to CI workflow execution to ensure the Node.js 24 runtime works correctly with the existing build processes

3 files reviewed, no comments

Edit Code Review Bot Settings | Greptile

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 21, 2025

Superseded by #266.

@dependabot dependabot bot closed this Nov 21, 2025
@dependabot dependabot bot deleted the dependabot/github_actions/actions/checkout-5 branch November 21, 2025 23:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file feature fix github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant