Merge pull request #97 from atsign-foundation/dependabot/github_actio…

…ns/actions/checkout-4.1.7

build(deps): bump actions/checkout from 4.1.6 to 4.1.7

.github/dependabot.yml

@@ -5,7 +5,15 @@ updates:
     directory: "/"
     schedule:
       interval: "daily"
+    groups:
+      github-actions:
+        patterns:
+          - "*"
   - package-ecosystem: "pip"
     directory: "/tools" # Location of package manifests
     schedule:
-      interval: "daily"
+      interval: "daily"
+    groups:
+      pip:
+        patterns:
+          - "*"

.github/workflows/pymarkdownlnt.yml

@@ -23,7 +23,7 @@ jobs:
         with:
           python-version: 3.9 #install the python needed
       - name: checkout repo content
-        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
       - name: Install and run linter
         run: |-
           python3 -m pip install --require-hashes -r tools/requirements.txt

.github/workflows/update_python_requirements.yml

@@ -15,7 +15,7 @@ jobs:
     steps:
     - name: Checkout this repo
       if: ${{ github.actor == 'dependabot[bot]' }}
-      uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
       with:
         fetch-depth: 0
         ref: ${{ github.event.pull_request.head.ref }}