chore(deps): update actions/checkout action to v6

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
actions/checkout	action	major	v5 → v6

---

Release Notes

actions/checkout (actions/checkout)

v6.0.2

Compare Source

• Fix tag handling: preserve annotations and explicit fetch-tags by @​ericsciple in #​2356

v6.0.1

Compare Source

v6-beta

Compare Source

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v6.0.0

Compare Source

v6

Compare Source

v5.0.1

Compare Source

What's Changed

• Port v6 cleanup to v5 by @​ericsciple in #​2301

Full Changelog: actions/checkout@v5...v5.0.1

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[coderabbitai]

📝 Walkthrough

Walkthrough

Two GitHub Actions workflows are updated to use actions/checkout@v6 instead of actions/checkout@v5. These are straightforward action version bumps with no changes to workflow logic or structure.

Changes

Cohort / File(s)	Summary
GitHub Actions Workflows .github/workflows/build-docker.yml, .github/workflows/build.yml	Updated actions/checkout action from v5 to v6 in repository checkout steps.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐰 Hop, skip, and a version jump!
v5 makes way for v6's bump,
Checkout actions now run new,
Fresh workflows through and through! 🎉

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: updating the actions/checkout GitHub Action from v5 to v6 across workflow files.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch renovate/actions-checkout-6.x

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/build.yml:
- Line 17: Upgrade to actions/checkout@v6 may break scripts that expect
credentials in .git/config and requires runner v2.329.0+ for Docker container
actions that perform authenticated git; audit the workflow referencing
actions/checkout@v6 and ensure no downstream steps read credentials from
.git/config (update them to use runner-provided credential files or use the
checkout input that preserves credentials if supported), and confirm your
runners are v2.329.0 or newer (or pin back to actions/checkout@v5) if you cannot
upgrade runners or container actions that run authenticated git.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 03ed933e-25f2-45db-aa63-703c4d6422a8

📥 Commits

Reviewing files that changed from the base of the PR and between ea3e6d3 and 3abc05d.

📒 Files selected for processing (2)

• .github/workflows/build-docker.yml
• .github/workflows/build.yml

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🌐 Web query:

actions/checkout v6 release notes breaking changes migration guide

💡 Result:

actions/checkout v6 — release notes / breaking changes / migration

Release notes (v6.0.0)

GitHub release v6.0.0 lists these main changes: README updates (incl. Node.js runtime notes), and a credentials persistence change (“persist creds to a separate file”). [1]

Breaking / behavior-changing items in v6

• persist-credentials storage location changed: credentials are no longer written into the repo’s .git/config; they’re stored in a separate config file under $RUNNER_TEMP (using Git includeIf), primarily to improve credential security. This can break workflows/scripts that read or expect the token to appear in .git/config. [2][3]
• Runner requirement (Docker container actions + authenticated git): if you run authenticated git commands from a Docker container action, you need GitHub Actions Runner v2.329.0+ for the persisted credentials to be accessible. [2]
• (Related background) Node.js runtime requirements: the repo README notes prior major versions moved runtimes (e.g., v5 → node24 requiring Runner v2.327.1+). If you’re upgrading from older runners/self-hosted environments, validate your runner is current. [2]

Migration guide (what to do)

1. Bump the major version in workflows:

   - uses: actions/checkout@v6

   [2]
2. If you use Docker container actions and rely on checkout auth inside the container, upgrade your runner to v2.329.0 or later. [2]
3. If you had custom logic that inspects .git/config for credentials, update it (credentials are now included from a separate file; the implementation uses Git’s include mechanism). [3]

Sources: [1] actions/checkout v6.0.0 release entry, [2] actions/checkout README (“Checkout v6 / What’s new”), [3] PR #2286 (credential persistence refactor).

---

Review actions/checkout v6 breaking changes and verify runner compatibility.

Upgrading to v6 introduces breaking changes from v5:

• Credentials are no longer persisted to .git/config but stored in a separate file (under $RUNNER_TEMP). If your workflow or scripts read credentials from .git/config, this will break.
• Docker container actions using authenticated git commands require GitHub Actions Runner v2.329.0 or later for credential access.
• Node.js runtime has been updated; ensure your runners are current (v2.327.1+).

For this simple checkout usage (no parameters), verify that:

1. No downstream steps expect credentials in .git/config
2. If using Docker container actions with git operations, your runners meet v2.329.0+ requirement
3. Your runner environment is up to date

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.github/workflows/build.yml at line 17, Upgrade to actions/checkout@v6 may
break scripts that expect credentials in .git/config and requires runner
v2.329.0+ for Docker container actions that perform authenticated git; audit the
workflow referencing actions/checkout@v6 and ensure no downstream steps read
credentials from .git/config (update them to use runner-provided credential
files or use the checkout input that preserves credentials if supported), and
confirm your runners are v2.329.0 or newer (or pin back to actions/checkout@v5)
if you cannot upgrade runners or container actions that run authenticated git.