containerd · dependabot · Aug 19, 2025
diff --git a/.github/workflows/action-build.yml b/.github/workflows/action-build.yml
@@ -40,7 +40,7 @@
       - name: describe runner
         run: |
           echo "::notice::Running job with os: '${{ inputs.os }}', arch: '${{ inputs.arch }}', slug: '${{ inputs.slug }}', runtime: '${{ inputs.runtime }}', target: '${{ inputs.target }}'"
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: ./.github/actions/setup-env
       - uses: actions-rust-lang/setup-rust-toolchain@v1
         env:

diff --git a/.github/workflows/action-check.yml b/.github/workflows/action-check.yml
@@ -17,7 +17,7 @@
     name: lint on ${{ inputs.os }}
     runs-on: ${{ inputs.os }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions-rust-lang/setup-rust-toolchain@v1
         with:
           components: rustfmt, clippy

diff --git a/.github/workflows/action-test-image.yml b/.github/workflows/action-test-image.yml
@@ -14,7 +14,7 @@
     name: build test ${{ inputs.image }}
     runs-on: "ubuntu-latest"
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: build
         run: make dist/${{ inputs.image }}.tar
       - name: Upload artifacts

diff --git a/.github/workflows/action-test-k3s.yml b/.github/workflows/action-test-k3s.yml
@@ -17,7 +17,7 @@
     name: e2e k3s test on ${{ inputs.os }}
     runs-on: ${{ inputs.os }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: ./.github/actions/setup-env
       - name: Download artifacts
         uses: actions/download-artifact@master

diff --git a/.github/workflows/action-test-kind.yml b/.github/workflows/action-test-kind.yml
@@ -23,7 +23,7 @@
     name: e2e kind test on ${{ inputs.os }} with ${{ inputs.image }}
     runs-on: ${{ inputs.os }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: ./.github/actions/setup-env
       - name: Download artifacts
         uses: actions/download-artifact@master

diff --git a/.github/workflows/action-test-smoke.yml b/.github/workflows/action-test-smoke.yml
@@ -17,7 +17,7 @@
     name: smoke test on ${{ inputs.os }}
     runs-on: ${{ inputs.os }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: ./.github/actions/setup-env
       - name: Download artifacts
         uses: actions/download-artifact@master

diff --git a/.github/workflows/benchmarks.yml b/.github/workflows/benchmarks.yml
@@ -24,7 +24,7 @@
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions-rust-lang/setup-rust-toolchain@v1
         with:
           rustflags: '' #Disable.  By default this action sets environment variable is set to -D warnings.  We manage this in the Makefile
@@ -58,7 +58,7 @@
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions-rust-lang/setup-rust-toolchain@v1
         with:
           rustflags: '' #Disable.  By default this action sets environment variable is set to -D warnings.  We manage this in the Makefile
@@ -95,7 +95,7 @@
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions-rust-lang/setup-rust-toolchain@v1
         with:
           rustflags: '' #Disable.  By default this action sets environment variable is set to -D warnings.  We manage this in the Makefile
@@ -128,7 +128,7 @@
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions-rust-lang/setup-rust-toolchain@v1
         with:
           rustflags: '' #Disable.  By default this action sets environment variable is set to -D warnings.  We manage this in the Makefile

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -23,7 +23,7 @@
     runs-on: ubuntu-latest
     if: ${{ github.event_name == 'pull_request' }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions/dependency-review-action@v4
 
   check:
@@ -158,7 +158,7 @@
     name: docs
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v5
     - uses: ./.github/actions/setup-env
     - uses: actions-rust-lang/setup-rust-toolchain@v1
     - uses: Swatinem/rust-cache@v2
@@ -171,7 +171,7 @@
     name: unused dependencies
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v5
     - uses: actions-rust-lang/setup-rust-toolchain@v1
     - uses: Swatinem/rust-cache@v2
     - name: Check unused dependencies
@@ -181,7 +181,7 @@
     name: spell check with typos
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v5
     - name: Spell Check Repo
       uses: crate-ci/typos@master
 
@@ -193,7 +193,7 @@
     timeout-minutes: 15
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v5
     - uses: lycheeverse/lychee-action@5c4ee84814c983aa7164eaee476f014e53ff3963 # v2.5.0
       with:
         fail: false # don't fail the build on broken links

diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
@@ -14,7 +14,7 @@
     outputs:
       dirs: ${{ steps.filter.outputs.changes }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: dorny/paths-filter@v3
         id: filter
         with:
@@ -28,7 +28,7 @@
     concurrency:
       group: ${{ github.workflow }}-${{ github.ref }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions-rust-lang/setup-rust-toolchain@v1
       - name: install mermaid preprocessor
         run: cargo install mdbook mdbook-mermaid

diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml
@@ -12,7 +12,7 @@
     runs-on: ubuntu-latest
     timeout-minutes: 5
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions/labeler@v5
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}

diff --git a/.github/workflows/release-wasi-demo-app.yml b/.github/workflows/release-wasi-demo-app.yml
@@ -30,7 +30,7 @@
       wasi_demo_oci_artifact: ${{ steps.get_digests.outputs.wasi_demo_oci_artifact }}
       wasi_demo_http: ${{ steps.get_digests.outputs.wasi_demo_http }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: ./.github/actions/setup-env
       - name: Install Rust and wasm32-wasi target
         uses: actions-rs/toolchain@v1

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -56,7 +56,7 @@
         run: |
           echo "::error::This workflow should not be triggered with workflow_dispatch on a branch other than main"
           exit 1
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       ### Determine the name of the runtime and if it is a binary release or crates.io
       - name: verify version input
         uses: actions/github-script@v7
@@ -132,7 +132,7 @@
       - name: Matrix description
         run: |
           echo "::notice::Running job with dry_run: '${{ inputs.dry_run }}', crate: '${{ matrix.crate }}', version: '${{ matrix.version }}', runtime: '${{ matrix.runtime }}', and is_shim: '${{ matrix.is_shim }}'."
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: ./.github/actions/setup-env
       - name: Download artifacts
         if: ${{ matrix.is_shim == 'true' }}

diff --git a/.github/workflows/scorecard-analysis.yml b/.github/workflows/scorecard-analysis.yml
@@ -21,7 +21,7 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.2.2
         with:
           persist-credentials: false