replicatedhq · dependabot · Nov 24, 2025
diff --git a/.github/workflows/daily-scan.yaml b/.github/workflows/daily-scan.yaml
@@ -15,7 +15,7 @@ jobs:
       security-events: write # For uploading SARIF results
     steps:
       - name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Run Trivy vulnerability scanner in repo mode
         uses: aquasecurity/trivy-action@master

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -21,7 +21,7 @@ jobs:
       previous-tag: ${{ steps.get-tags.outputs.previous-tag }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Get tags
         id: get-tags
@@ -47,7 +47,7 @@ jobs:
     if: github.ref_type != 'branch'
     steps:
     - name: Checkout
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6
 
     - name: Generate Release Notes PR
       env:
@@ -65,7 +65,7 @@ jobs:
     outputs:
       digest: ${{ steps.dagger-publish.outputs.stdout }}
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
@@ -89,7 +89,7 @@ jobs:
     outputs:
       digest: ${{ steps.dagger-publish.outputs.stdout }}
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3

diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml
@@ -19,7 +19,7 @@ jobs:
   validate:
     runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: dagger/[email protected]
         env:
           OP_SERVICE_ACCOUNT: ${{ secrets.OP_SERVICE_ACCOUNT }}