chore(deps): update actions/checkout action to v7 #2

Merged
neureka merged 1 commit from renovate/actions-checkout-7.x into main 2026-06-20 00:00:12 +00:00
Collaborator

This PR contains the following updates:

Package Type Update Change
actions/checkout action major v6v7

Release Notes

actions/checkout (actions/checkout)

v7.0.0

Compare Source

v7

Compare Source


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate.

Codex Bot Review

Status: No issues found
Risk: Low
Reviewed: 26ae64caf93613892c784126bca477917abb0126...09454acc3ea53263b16ae846847a0f4e4e875414
Trigger: automatic
Updated: 2026-06-19T00:01:08.2561128+00:00

Summary

No blocking or material issues were found in the reviewed changes. The review focused on the Forgejo Renovate workflow dependency update, including workflow correctness, compatibility risk, and test impact.

Walkthrough

Area What changed Review notes
.forgejo/workflows/renovate.yaml Updated actions/checkout from v6 to v7 in the Renovate job. No material issue found.

Findings

No findings.

Confidence Score: 4/5

This is a small, contained workflow dependency update with limited blast radius. Merge confidence is high assuming the Forgejo Actions environment can resolve and run actions/checkout@v7; the workflow itself was not executed in this review context.

Suggested validation

  • Run the Renovate workflow once in Forgejo Actions and confirm the checkout step completes before renovate runs.

Not reviewed

  • Target repository tests/builds were not run by Codex Bot.
  • Runtime availability and compatibility of actions/checkout@v7 in the Forgejo runner environment were not independently verified.

Reviews (1): Last reviewed commit: chore(deps): update actions/checkout action t...

Generated by Codex Bot. This block is replaced on each review run.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://github.com/actions/checkout) | action | major | `v6` → `v7` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v7.0.0`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v700) [Compare Source](https://github.com/actions/checkout/compare/v7.0.0...v7.0.0) - Block checking out fork PR for pull\_request\_target and workflow\_run by [@&#8203;aiqiaoy](https://github.com/aiqiaoy) in [#&#8203;2454](https://github.com/actions/checkout/pull/2454) - Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the minor-actions-dependencies group across 1 directory by [@&#8203;dependabot](https://github.com/dependabot)\[bot] in [#&#8203;2458](https://github.com/actions/checkout/pull/2458) - Bump flatted from 3.3.1 to 3.4.2 by [@&#8203;dependabot](https://github.com/dependabot)\[bot] in [#&#8203;2460](https://github.com/actions/checkout/pull/2460) - Bump js-yaml from 4.1.0 to 4.2.0 by [@&#8203;dependabot](https://github.com/dependabot)\[bot] in [#&#8203;2461](https://github.com/actions/checkout/pull/2461) - Bump [@&#8203;actions/core](https://github.com/actions/core) and [@&#8203;actions/tool-cache](https://github.com/actions/tool-cache) and Remove uuid by [@&#8203;dependabot](https://github.com/dependabot)\[bot] in [#&#8203;2459](https://github.com/actions/checkout/pull/2459) - upgrade module to esm and update dependencies by [@&#8203;aiqiaoy](https://github.com/aiqiaoy) in [#&#8203;2463](https://github.com/actions/checkout/pull/2463) - Bump the minor-npm-dependencies group across 1 directory with 3 updates by [@&#8203;dependabot](https://github.com/dependabot)\[bot] in [#&#8203;2462](https://github.com/actions/checkout/pull/2462) ### [`v7`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v700) [Compare Source](https://github.com/actions/checkout/compare/v6.0.3...v7.0.0) - Block checking out fork PR for pull\_request\_target and workflow\_run by [@&#8203;aiqiaoy](https://github.com/aiqiaoy) in [#&#8203;2454](https://github.com/actions/checkout/pull/2454) - Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the minor-actions-dependencies group across 1 directory by [@&#8203;dependabot](https://github.com/dependabot)\[bot] in [#&#8203;2458](https://github.com/actions/checkout/pull/2458) - Bump flatted from 3.3.1 to 3.4.2 by [@&#8203;dependabot](https://github.com/dependabot)\[bot] in [#&#8203;2460](https://github.com/actions/checkout/pull/2460) - Bump js-yaml from 4.1.0 to 4.2.0 by [@&#8203;dependabot](https://github.com/dependabot)\[bot] in [#&#8203;2461](https://github.com/actions/checkout/pull/2461) - Bump [@&#8203;actions/core](https://github.com/actions/core) and [@&#8203;actions/tool-cache](https://github.com/actions/tool-cache) and Remove uuid by [@&#8203;dependabot](https://github.com/dependabot)\[bot] in [#&#8203;2459](https://github.com/actions/checkout/pull/2459) - upgrade module to esm and update dependencies by [@&#8203;aiqiaoy](https://github.com/aiqiaoy) in [#&#8203;2463](https://github.com/actions/checkout/pull/2463) - Bump the minor-npm-dependencies group across 1 directory with 3 updates by [@&#8203;dependabot](https://github.com/dependabot)\[bot] in [#&#8203;2462](https://github.com/actions/checkout/pull/2462) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMjAuMCIsInVwZGF0ZWRJblZlciI6IjQzLjIyMC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> <!-- codex-review:start --> ## Codex Bot Review **Status:** No issues found **Risk:** Low **Reviewed:** `26ae64caf93613892c784126bca477917abb0126...09454acc3ea53263b16ae846847a0f4e4e875414` **Trigger:** `automatic` **Updated:** `2026-06-19T00:01:08.2561128+00:00` ### Summary No blocking or material issues were found in the reviewed changes. The review focused on the Forgejo Renovate workflow dependency update, including workflow correctness, compatibility risk, and test impact. ### Walkthrough | Area | What changed | Review notes | | --- | --- | --- | | `.forgejo/workflows/renovate.yaml` | Updated `actions/checkout` from `v6` to `v7` in the Renovate job. | No material issue found. | ### Findings No findings. ### Confidence Score: 4/5 This is a small, contained workflow dependency update with limited blast radius. Merge confidence is high assuming the Forgejo Actions environment can resolve and run `actions/checkout@v7`; the workflow itself was not executed in this review context. ### Suggested validation - Run the Renovate workflow once in Forgejo Actions and confirm the checkout step completes before `renovate` runs. ### Not reviewed - Target repository tests/builds were not run by Codex Bot. - Runtime availability and compatibility of `actions/checkout@v7` in the Forgejo runner environment were not independently verified. <sub>Reviews (1): Last reviewed commit: [chore(deps): update actions/checkout action t...](https://code.neureka.dev/forgejo/renovate/commit/09454acc3ea53263b16ae846847a0f4e4e875414)</sub><br> <sub>Generated by Codex Bot. This block is replaced on each review run.</sub> <!-- codex-review:end -->
neureka deleted branch renovate/actions-checkout-7.x 2026-06-20 00:00:12 +00:00
Sign in to join this conversation.
No description provided.