Bump actions/checkout from 5 to 6 (#1854)

dependabot[bot] · bkoelman · web-flow · commit 01887b70c356 · 2025-11-23T16:04:04.000+01:00
* Bump actions/checkout from 5 to 6 Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * Do not persist GHA credentials on checkout --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Bart Koelman <10324372+bkoelman@users.noreply.github.com>
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -57,7 +57,9 @@ jobs:
         psql --version
         Write-Host "Active .NET SDK: $(dotnet --version)"
     - name: Git checkout
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6
+      with:
+        persist-credentials: false
     - name: Restore tools
       run: dotnet tool restore
     - name: Restore packages
@@ -165,7 +167,9 @@ jobs:
           9.0.*
           10.0.*
     - name: Git checkout
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6
+      with:
+        persist-credentials: false
     - name: Restore tools
       run: dotnet tool restore
     - name: InspectCode
@@ -226,8 +230,9 @@ jobs:
           9.0.*
           10.0.*
     - name: Git checkout
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6
       with:
+        persist-credentials: false
         fetch-depth: 2
     - name: Restore tools
       run: dotnet tool restore
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -30,7 +30,9 @@ jobs:
           9.0.*
           10.0.*
     - name: Git checkout
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6
+      with:
+        persist-credentials: false
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v4
       with:
diff --git a/.github/workflows/deps-review.yml b/.github/workflows/deps-review.yml
@@ -8,7 +8,9 @@ jobs:
   dependency-review:
     runs-on: ubuntu-latest
     steps:
-      - name: 'Checkout Repository'
-        uses: actions/checkout@v5
-      - name: 'Dependency Review'
-        uses: actions/dependency-review-action@v4
+    - name: 'Checkout Repository'
+      uses: actions/checkout@v6
+      with:
+        persist-credentials: false
+    - name: 'Dependency Review'
+      uses: actions/dependency-review-action@v4
diff --git a/.github/workflows/qodana.yml b/.github/workflows/qodana.yml
@@ -29,8 +29,9 @@ jobs:
           9.0.*
           10.0.*
     - name: Git checkout
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6
       with:
+        persist-credentials: false
         ref: ${{ github.event.pull_request.head.sha }}  # to check out the actual pull request commit, not the merge commit
         fetch-depth: 0  # a full history is required for pull request analysis
     - name: Restore tools
