elastic · elastic-renovate-prod · Nov 20, 2025
diff --git a/.github/workflows/add-guidelines.yml b/.github/workflows/add-guidelines.yml
@@ -9,7 +9,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out the repository
-        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
 
       - name: Set environment variable for early exit control
         id: check_label

diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml
@@ -65,7 +65,7 @@ jobs:
 
     steps:
       - name: Checkout repo
-        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
         with:
           token: ${{ secrets.WRITE_TRADEBOT_DETECTION_RULES_TOKEN }}
           ref: main

diff --git a/.github/workflows/code-checks.yml b/.github/workflows/code-checks.yml
@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
+    - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
       with:
         fetch-depth: 1
 

diff --git a/.github/workflows/esql-validation.yml b/.github/workflows/esql-validation.yml
@@ -8,7 +8,7 @@ jobs:
 
     steps:
       - name: Setup Detection Rules
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
         with:
             fetch-depth: 0
             path: detection-rules
@@ -45,7 +45,7 @@ jobs:
           DR_CLOUD_ID: ${{ secrets.dr_cloud_id }}
           DR_API_KEY: ${{ secrets.dr_api_key }}
         if: ${{ !env.DR_CLOUD_ID && !env.DR_API_KEY && env.run_esql == 'true' }}
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
         with:
           path: elastic-container
           repository: peasead/elastic-container

diff --git a/.github/workflows/get-target-branches.yml b/.github/workflows/get-target-branches.yml
@@ -14,7 +14,7 @@ jobs:
     outputs:
       matrix: ${{ steps.get-branch-list.outputs.matrix }}
     steps:
-      - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
 
       - name: Set up Python 3.12
         uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5

diff --git a/.github/workflows/kibana-mitre-update.yml b/.github/workflows/kibana-mitre-update.yml
@@ -14,7 +14,7 @@ jobs:
       KIBANA_ISSUE_NUMBER: 166152  # Define the Kibana issue number as a variable
     steps:
       - name: Checkout code
-        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
 
       - name: Get MITRE Attack changed files
         id: changed-attack-files

diff --git a/.github/workflows/lock-versions.yml b/.github/workflows/lock-versions.yml
@@ -22,7 +22,7 @@ jobs:
             }
 
       - name: Checkout detection-rules
-        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
         with:
           fetch-depth: 0
 
@@ -42,7 +42,7 @@ jobs:
           DR_CLOUD_ID: ${{ secrets.dr_cloud_id }}
           DR_API_KEY: ${{ secrets.dr_api_key }}
         if: ${{ !env.DR_CLOUD_ID && !env.DR_API_KEY }}
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
         with:
           path: elastic-container
           repository: peasead/elastic-container

diff --git a/.github/workflows/manual-backport.yml b/.github/workflows/manual-backport.yml
@@ -19,7 +19,7 @@ jobs:
     steps:
 
       - name: Checkout detection-rules
-        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
         with:
           token: ${{ secrets.WRITE_TRADEBOT_DETECTION_RULES_TOKEN }}
           fetch-depth: 0

diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
+    - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
       with:
         fetch-depth: 1
 

diff --git a/.github/workflows/release-docs.yml b/.github/workflows/release-docs.yml
@@ -23,13 +23,13 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout detection-rules
-        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
         with:
           path: detection-rules
           fetch-depth: 0
 
       - name: Checkout elastic/security-docs
-        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
         with:
           token: ${{ secrets.WRITE_SECURITY_DOCS_DETECTION_RULES_TOKEN }}
           repository: "elastic/security-docs"

diff --git a/.github/workflows/release-fleet.yml b/.github/workflows/release-fleet.yml
@@ -46,7 +46,7 @@ jobs:
                 core.setFailed('Forbidden branch')
               }
         - name: Checkout detection-rules
-          uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
+          uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
           with:
             path: detection-rules
             fetch-depth: 0
@@ -66,7 +66,7 @@ jobs:
             git checkout $COMMIT_HASH
 
         - name: Checkout elastic/integrations
-          uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
+          uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
           with:
             token: ${{ secrets.WRITE_INTEGRATIONS_DETECTION_RULES_TOKEN }}
             repository: ${{github.event.inputs.target_repo}}
@@ -117,7 +117,7 @@ jobs:
             DR_CLOUD_ID: ${{ secrets.dr_cloud_id }}
             DR_API_KEY: ${{ secrets.dr_api_key }}
           if: ${{ !env.DR_CLOUD_ID && !env.DR_API_KEY }}
-          uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
+          uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
           with:
             path: elastic-container
             repository: peasead/elastic-container

diff --git a/.github/workflows/version-code-and-release.yml b/.github/workflows/version-code-and-release.yml
@@ -44,7 +44,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
         with:
           fetch-depth: 0
 
@@ -75,7 +75,7 @@ jobs:
       contents: write
     steps:
       - name: Checkout repository
-        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6
         with:
           fetch-depth: 0