manavgup · dependabot · Oct 25, 2025
diff --git a/.github/workflows/01-lint.yml b/.github/workflows/01-lint.yml
@@ -166,7 +166,7 @@ jobs:
 
     steps:
       - name: 📥 Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: 🐍 Set up Python 3.12
         if: |

diff --git a/.github/workflows/02-security.yml b/.github/workflows/02-security.yml
@@ -28,7 +28,7 @@ jobs:
     steps:
       # 0️⃣ Checkout source code with full history for secret scanning
       - name: 📥 Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           fetch-depth: 0  # Need full history to scan all commits
 
@@ -46,7 +46,7 @@ jobs:
     steps:
       # 0️⃣ Checkout source code with full history
       - name: 📥 Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           fetch-depth: 0  # Need full history for differential scanning
 
@@ -66,7 +66,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: 📥 Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: 🔍 Scan Python dependencies (pyproject.toml, poetry.lock)
         uses: aquasecurity/trivy-action@master
@@ -90,7 +90,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: 📥 Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: 🔍 Scan Node dependencies (package.json, package-lock.json)
         uses: aquasecurity/trivy-action@master

diff --git a/.github/workflows/03-build-secure.yml b/.github/workflows/03-build-secure.yml
@@ -47,7 +47,7 @@ jobs:
 
     steps:
       - name: 📥 Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: 🧹 Free Up Disk Space
         run: |

diff --git a/.github/workflows/04-pytest.yml b/.github/workflows/04-pytest.yml
@@ -55,7 +55,7 @@ jobs:
 
       # 1️⃣ Checkout source code
       - name: 📥 Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       # 2️⃣ Setup Python environment
       - name: 🐍 Set up Python

diff --git a/.github/workflows/05-ci.yml b/.github/workflows/05-ci.yml
@@ -29,7 +29,7 @@ jobs:
   test-isolation:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - name: Set up Python
         uses: actions/setup-python@v4
@@ -84,7 +84,7 @@ jobs:
       EMBEDDING_MODEL: sentence-transformers/all-minilm-l6-v2
       DATA_DIR: /tmp/test-data
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - name: Set up Python
         uses: actions/setup-python@v4

diff --git a/.github/workflows/06-weekly-security-audit.yml b/.github/workflows/06-weekly-security-audit.yml
@@ -30,7 +30,7 @@ jobs:
 
     steps:
       - name: 📥 Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: 🧹 Free Up Disk Space
         run: |
@@ -122,7 +122,7 @@ jobs:
     if: always()
     steps:
       - name: 📥 Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: 📥 Download Security Reports
         uses: actions/download-artifact@v4

diff --git a/.github/workflows/07-frontend-lint.yml b/.github/workflows/07-frontend-lint.yml
@@ -33,7 +33,7 @@ jobs:
     steps:
       # 0️⃣ Checkout source code
       - name: 📥 Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       # 1️⃣ Setup Node.js environment
       - name: 📦 Setup Node.js

diff --git a/.github/workflows/ai-issue-triage.yml b/.github/workflows/ai-issue-triage.yml
@@ -31,7 +31,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           fetch-depth: 0
 

diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml
@@ -27,7 +27,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           fetch-depth: 1
 

diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml
@@ -31,7 +31,7 @@ jobs:
       actions: read
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           fetch-depth: 1
 

diff --git a/.github/workflows/codespace-testing.yml b/.github/workflows/codespace-testing.yml
@@ -17,7 +17,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Setup GitHub CLI
         run: |

diff --git a/.github/workflows/deploy_code_engine.yml b/.github/workflows/deploy_code_engine.yml
@@ -29,7 +29,7 @@ jobs:
       security-events: write
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
@@ -60,7 +60,7 @@ jobs:
       security-events: write
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@master
@@ -89,7 +89,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up IBM Cloud CLI
         uses: ibm-cloud/sdk-action@v1
@@ -131,7 +131,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up IBM Cloud CLI
         uses: ibm-cloud/sdk-action@v1

diff --git a/.github/workflows/deploy_complete_app.yml b/.github/workflows/deploy_complete_app.yml
@@ -103,7 +103,7 @@
     runs-on: ubuntu-latest
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up IBM Cloud CLI
         run: |
@@ -146,7 +146,7 @@
       security-events: write
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
@@ -178,7 +178,7 @@
       security-events: write
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
@@ -197,7 +197,7 @@
          file: ./frontend/Dockerfile.frontend
          platforms: linux/amd64
          push: true
          tags: ${{ env.IBM_CLOUD_REGION }}.icr.io/${{ env.CR_NAMESPACE }}/${{ env.FRONTEND_APP_NAME }}:${{ github.sha }}
          cache-from: type=gha
          cache-to: type=gha,mode=max

@@ -210,12 +210,12 @@
       security-events: write
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Run Trivy vulnerability scanner (Backend)
         uses: aquasecurity/trivy-action@master
        with:
          image-ref: ${{ env.IBM_CLOUD_REGION }}.icr.io/${{ env.CR_NAMESPACE }}/${{ env.BACKEND_APP_NAME }}:${{ github.sha }}
          format: 'sarif'
          output: 'trivy-backend-results.sarif'

@@ -228,7 +228,7 @@
      - name: Run Trivy vulnerability scanner (Backend - Table)
        uses: aquasecurity/trivy-action@master
        with:
          image-ref: ${{ env.IBM_CLOUD_REGION }}.icr.io/${{ env.CR_NAMESPACE }}/${{ env.BACKEND_APP_NAME }}:${{ github.sha }}
          format: 'table'
          exit-code: '1'
          severity: 'CRITICAL,HIGH'
@@ -242,12 +242,12 @@
       security-events: write
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Run Trivy vulnerability scanner (Frontend)
         uses: aquasecurity/trivy-action@master
        with:
          image-ref: ${{ env.IBM_CLOUD_REGION }}.icr.io/${{ env.CR_NAMESPACE }}/${{ env.FRONTEND_APP_NAME }}:${{ github.sha }}
          format: 'sarif'
          output: 'trivy-frontend-results.sarif'

@@ -260,18 +260,18 @@
      - name: Run Trivy vulnerability scanner (Frontend - Table)
        uses: aquasecurity/trivy-action@master
        with:
          image-ref: ${{ env.IBM_CLOUD_REGION }}.icr.io/${{ env.CR_NAMESPACE }}/${{ env.FRONTEND_APP_NAME }}:${{ github.sha }}
          format: 'table'
          exit-code: '1'
          severity: 'CRITICAL,HIGH'

  deploy-backend:
    needs: [build-and-push-backend, security-scan-backend]
    if: always() && (needs.security-scan-backend.result == 'success' || needs.security-scan-backend.result == 'skipped') && (github.event_name == 'workflow_dispatch' || github.event_name == 'push' || (github.event_name == 'schedule' && inputs.deploy_after_build == true))
     runs-on: ubuntu-latest
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up IBM Cloud CLI
         run: |
@@ -281,7 +281,7 @@
      - name: Deploy Backend to Code Engine
        env:
          IBM_CLOUD_API_KEY: ${{ secrets.IBM_CLOUD_API_KEY }}
          IMAGE_URL: ${{ env.IBM_CLOUD_REGION }}.icr.io/${{ env.CR_NAMESPACE }}/${{ env.BACKEND_APP_NAME }}:${{ github.sha }}
          APP_NAME: ${{ env.BACKEND_APP_NAME }}
          IBM_CLOUD_REGION: ${{ env.IBM_CLOUD_REGION }}
          IBM_CLOUD_RESOURCE_GROUP: ${{ vars.IBM_CLOUD_RESOURCE_GROUP || 'rag-modulo-deployment' }}
@@ -323,11 +323,11 @@

  deploy-frontend:
    needs: [build-and-push-frontend, security-scan-frontend]
    if: always() && (needs.security-scan-frontend.result == 'success' || needs.security-scan-frontend.result == 'skipped') && (github.event_name == 'workflow_dispatch' || github.event_name == 'push' || (github.event_name == 'schedule' && inputs.deploy_after_build == true))
     runs-on: ubuntu-latest
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up IBM Cloud CLI
         run: |
@@ -337,7 +337,7 @@
      - name: Deploy Frontend to Code Engine
        env:
          IBM_CLOUD_API_KEY: ${{ secrets.IBM_CLOUD_API_KEY }}
          IMAGE_URL: ${{ env.IBM_CLOUD_REGION }}.icr.io/${{ env.CR_NAMESPACE }}/${{ env.FRONTEND_APP_NAME }}:${{ github.sha }}
          APP_NAME: ${{ env.FRONTEND_APP_NAME }}
          IBM_CLOUD_REGION: ${{ env.IBM_CLOUD_REGION }}
          IBM_CLOUD_RESOURCE_GROUP: ${{ vars.IBM_CLOUD_RESOURCE_GROUP || 'rag-modulo-deployment' }}
@@ -354,7 +354,7 @@
     runs-on: ubuntu-latest
     steps:
       - name: Check out code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up IBM Cloud CLI
         run: |
@@ -363,7 +363,7 @@

      - name: Test Backend Health
        run: |
          BACKEND_URL=$(ibmcloud ce app get --name "${{ env.BACKEND_APP_NAME }}" --output json | jq -r '.status.url' | head -1)
          if [ -n "$BACKEND_URL" ]; then
            echo "Testing backend at: $BACKEND_URL/health"
            if curl -f -s "$BACKEND_URL/health" > /dev/null; then

diff --git a/.github/workflows/dev-environment-ci.yml b/.github/workflows/dev-environment-ci.yml
@@ -18,7 +18,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3

diff --git a/.github/workflows/makefile-testing.yml b/.github/workflows/makefile-testing.yml
@@ -16,7 +16,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up Python
         uses: actions/setup-python@v4

diff --git a/.github/workflows/poetry-lock-check.yml b/.github/workflows/poetry-lock-check.yml
@@ -22,7 +22,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up Python
         uses: actions/setup-python@v4

diff --git a/.github/workflows/pr-devcontainer-info.yml b/.github/workflows/pr-devcontainer-info.yml
@@ -13,7 +13,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Check Dev Container Configuration
         id: check-devcontainer

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -21,7 +21,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v2

diff --git a/.github/workflows/terraform-ansible-validation.yml b/.github/workflows/terraform-ansible-validation.yml
@@ -52,7 +52,7 @@ jobs:
 
     steps:
       - name: 📥 Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: 🐍 Set up Python 3.12
         uses: actions/setup-python@v4
@@ -138,7 +138,7 @@ jobs:
 
     steps:
       - name: 📥 Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: 🐍 Set up Python 3.12
         uses: actions/setup-python@v4
@@ -237,7 +237,7 @@ jobs:
 
     steps:
       - name: 📥 Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: 🐍 Set up Python 3.12
         uses: actions/setup-python@v4
@@ -266,7 +266,7 @@ jobs:
 
     steps:
       - name: 📥 Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: 🔍 Terraform Security Scan
         run: |