Skip to content

[Sync] Update project files from source repository (f7c6655)#116

Merged
mrz1836 merged 1 commit into
masterfrom
chore/sync-files-bsv-blockchain-sdks-20260603-154514-f7c6655
Jun 3, 2026
Merged

[Sync] Update project files from source repository (f7c6655)#116
mrz1836 merged 1 commit into
masterfrom
chore/sync-files-bsv-blockchain-sdks-20260603-154514-f7c6655

Conversation

@mrz1836
Copy link
Copy Markdown
Contributor

@mrz1836 mrz1836 commented Jun 3, 2026

What Changed

  • Updated actions/checkout action from v6.0.2 (commit de0fac2e) to v6.0.3 (commit df4cb1c0) across multiple workflow files and the warm-cache action
  • Updated gitleaks/gitleaks-action from v2.3.9 (commit ff98106e) to v3.0.0 (commit e0c47f4f) in the fortress-security-scans workflow
  • Bumped GOVULNCHECK_GO_VERSION from 1.26.3 to 1.26.4 in .github/env/00-core.env
  • Applied the actions/checkout update consistently across 21 workflow and action files throughout the .github directory

Why It Was Necessary

  • Updating to the latest actions/checkout version ensures access to bug fixes, security patches, and improvements in the checkout action
  • The gitleaks-action v3.0.0 upgrade addresses the Node.js 20 deprecation warning mentioned in the inline comment, as the new version includes Node.js 24 support
  • Keeping the govulncheck Go version current ensures vulnerability scanning uses the latest Go toolchain with the most recent security fixes

Testing Performed

  • Verify all GitHub Actions workflows execute successfully with the updated action versions
  • Confirm the gitleaks security scan completes without Node.js deprecation warnings using v3.0.0
  • Validate that govulncheck runs properly with Go 1.26.4 and produces expected vulnerability reports
  • Ensure checkout operations function correctly across all conditional paths in the warm-cache action (module cache hit/miss scenarios)

Impact / Risk

  • Breaking Change: None - these are patch/minor version updates to actions that maintain backward compatibility
  • Risk: Low - actions/checkout is a well-tested, stable action and the version change is incremental; gitleaks v3.0.0 is a major version but primarily updates the runtime environment
  • CI/CD Impact: Positive - eliminates Node.js 20 deprecation warnings and ensures compatibility with GitHub Actions' latest runtime requirements

@mrz1836 mrz1836 self-assigned this Jun 3, 2026
@mrz1836 mrz1836 added automated-sync Automated sync PR, e.g. from a fork or external repo automerge Label to automatically merge pull requests that meet all required conditions chore Simple dependency updates or version bumps labels Jun 3, 2026
@github-actions github-actions Bot added update General updates size/M Medium change (51–200 lines) labels Jun 3, 2026
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Jun 3, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@mrz1836
Copy link
Copy Markdown
Contributor Author

mrz1836 commented Jun 3, 2026

LGTM!

@mrz1836 mrz1836 merged commit 636dbb4 into master Jun 3, 2026
18 checks passed
@github-actions github-actions Bot deleted the chore/sync-files-bsv-blockchain-sdks-20260603-154514-f7c6655 branch June 3, 2026 19:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@mrz1836 mrz1836

Labels

automated-sync Automated sync PR, e.g. from a fork or external repo automerge Label to automatically merge pull requests that meet all required conditions chore Simple dependency updates or version bumps size/M Medium change (51–200 lines) update General updates

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mrz1836