Skip to content

[Sync] Update project files from source repository (f7c6655)#101

Merged
mrz1836 merged 1 commit into
masterfrom
chore/sync-files-bsv-blockchain-sdks-20260603-154442-f7c6655
Jun 3, 2026
Merged

[Sync] Update project files from source repository (f7c6655)#101
mrz1836 merged 1 commit into
masterfrom
chore/sync-files-bsv-blockchain-sdks-20260603-154442-f7c6655

Conversation

@mrz1836
Copy link
Copy Markdown
Collaborator

@mrz1836 mrz1836 commented Jun 3, 2026

What Changed

  • Updated actions/checkout from commit de0fac2e4500dabe0009e67214ff5f5447ce83dd (v6.0.2) to commit df4cb1c069e1874edd31b4311f1884172cec0e10 (v6.0.3) across 21 workflow and action files
  • Updated GOVULNCHECK_GO_VERSION from 1.26.3 to 1.26.4 in .github/env/00-core.env
  • Changes applied consistently across all GitHub Actions workflows including fortress-benchmarks, codeql-analysis, dependabot-auto-merge, fortress-pre-commit, fortress-release, fortress-coverage, fortress-code-quality, auto-merge-on-approval, fortress-completion-report, fortress-security-scans, fortress-setup-config, fortress-test-fuzz, fortress-test-matrix, fortress-warm-cache, fortress-test-suite, pull-request-management, stale-check, scorecard, sync-labels, and the warm-cache action

Why It Was Necessary

  • Keeps GitHub Actions dependencies up to date with the latest v6.0.3 release of the checkout action for security patches and bug fixes
  • Updates the govulncheck Go version to 1.26.4 to ensure vulnerability scanning uses the latest Go toolchain with recent security fixes
  • Maintains consistency across all CI/CD workflows by applying the same version updates uniformly

Testing Performed

  • Version updates to actions/checkout v6.0.3 will be validated automatically when CI workflows execute on this PR
  • The govulncheck Go version update will be tested during security scanning workflow execution
  • All existing workflow tests and checks will verify compatibility with the updated action and Go versions

Impact / Risk

  • Low Risk: Patch version updates (v6.0.2 → v6.0.3 and Go 1.26.3 → 1.26.4) typically contain only bug fixes and security patches without breaking changes
  • No Breaking Changes: The checkout action v6.0.3 and Go 1.26.4 maintain backward compatibility with previous patch versions
  • Positive Impact: Ensures CI/CD pipeline benefits from latest security fixes and improvements in both the checkout action and Go toolchain

@mrz1836 mrz1836 self-assigned this Jun 3, 2026
@mrz1836 mrz1836 added automated-sync Automated sync PR, e.g. from a fork or external repo automerge Label to automatically merge pull requests that meet all required conditions chore Simple dependency updates or version bumps labels Jun 3, 2026
@github-actions github-actions Bot added update General updates size/M Medium change (51–200 lines) labels Jun 3, 2026
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Jun 3, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@mrz1836
Copy link
Copy Markdown
Collaborator Author

mrz1836 commented Jun 3, 2026

LGTM!

@mrz1836 mrz1836 merged commit 06ae337 into master Jun 3, 2026
23 checks passed
@github-actions github-actions Bot deleted the chore/sync-files-bsv-blockchain-sdks-20260603-154442-f7c6655 branch June 3, 2026 19:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@mrz1836 mrz1836

Labels

automated-sync Automated sync PR, e.g. from a fork or external repo automerge Label to automatically merge pull requests that meet all required conditions chore Simple dependency updates or version bumps size/M Medium change (51–200 lines) update General updates

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mrz1836