aws · mergify · Aug 18, 2025 · Aug 18, 2025 · Aug 18, 2025
diff --git a/.github/workflows/analytics-metadata-updater.yml b/.github/workflows/analytics-metadata-updater.yml
@@ -13,7 +13,7 @@ jobs:
       contents: write
       pull-requests: write
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           ref: ${{ github.event.pull_request.head.sha }}
 

diff --git a/.github/workflows/check-lfs.yml b/.github/workflows/check-lfs.yml
@@ -7,7 +7,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           # We don't actually care about LFS file contents, just their integrity.
           lfs: false

diff --git a/.github/workflows/codebuild-pr-build.yml b/.github/workflows/codebuild-pr-build.yml
@@ -31,7 +31,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Setup Node.js
         uses: actions/setup-node@v4

diff --git a/.github/workflows/codecov-collect.yml b/.github/workflows/codecov-collect.yml
@@ -13,7 +13,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up Node
         uses: actions/setup-node@v4

diff --git a/.github/workflows/codecov-upload.yml b/.github/workflows/codecov-upload.yml
@@ -21,7 +21,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Download Artifacts
         uses: actions/download-artifact@v5
         with:

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -38,7 +38,7 @@ jobs:
           build-mode: none
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL

diff --git a/.github/workflows/enum-auto-updater.yml b/.github/workflows/enum-auto-updater.yml
@@ -13,7 +13,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Check Out
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up Node
         uses: actions/setup-node@v4

diff --git a/.github/workflows/enum-static-mapping-updater.yml b/.github/workflows/enum-static-mapping-updater.yml
@@ -13,7 +13,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Check Out
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up Node
         uses: actions/setup-node@v4

diff --git a/.github/workflows/issue-sync.yml b/.github/workflows/issue-sync.yml
@@ -8,7 +8,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Setup Node.js
         uses: actions/setup-node@v4

diff --git a/.github/workflows/lambda-runtime-tests.yml b/.github/workflows/lambda-runtime-tests.yml
@@ -11,7 +11,7 @@ jobs:
     permissions:
       contents: write
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           ref: ${{ github.event.pull_request.head.sha }}
 

diff --git a/.github/workflows/pr-build.yml b/.github/workflows/pr-build.yml
@@ -28,7 +28,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Setup Node.js
         uses: actions/setup-node@v4

diff --git a/.github/workflows/pr-linter.yml b/.github/workflows/pr-linter.yml
@@ -70,7 +70,7 @@ jobs:
     needs: download-if-workflow-run
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Install & Build prlint
         run: yarn install --frozen-lockfile && cd tools/@aws-cdk/prlint && yarn build+test

diff --git a/.github/workflows/project-prioritization-added-on.yml b/.github/workflows/project-prioritization-added-on.yml
@@ -10,7 +10,7 @@ jobs:
     if: github.repository == 'aws/aws-cdk'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - name:  Update AddedOn field
         uses: actions/github-script@v7

diff --git a/.github/workflows/project-prioritization-assignment.yml b/.github/workflows/project-prioritization-assignment.yml
@@ -13,7 +13,7 @@ jobs:
     if: github.repository == 'aws/aws-cdk'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Add PR to Project & Set Priority
         uses: actions/github-script@v7
         with:

diff --git a/.github/workflows/project-prioritization-bug.yml b/.github/workflows/project-prioritization-bug.yml
@@ -9,7 +9,7 @@ jobs:
     if: github.repository == 'aws/aws-cdk' && contains(github.event.issue.labels.*.name, 'bug') && contains(github.event.issue.labels.*.name, 'p1')
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Add P1 Bug to project
         uses: actions/github-script@v7
         with:

diff --git a/.github/workflows/project-prioritization-needs-attention.yml b/.github/workflows/project-prioritization-needs-attention.yml
@@ -9,7 +9,7 @@ jobs:
     if: github.repository == 'aws/aws-cdk'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - name: Update Needs Attention Status
         uses: actions/github-script@v7

diff --git a/.github/workflows/project-prioritization-r2-assignment.yml b/.github/workflows/project-prioritization-r2-assignment.yml
@@ -9,7 +9,7 @@ jobs:
     if: github.repository == 'aws/aws-cdk'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - name: Check and assign R2 Priority to PRs
         uses: actions/github-script@v7

diff --git a/.github/workflows/project-prioritization-r5-assignment.yml b/.github/workflows/project-prioritization-r5-assignment.yml
@@ -9,7 +9,7 @@ jobs:
     if: github.repository == 'aws/aws-cdk'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - name: Check and Assign R5 Priority to PRs
         uses: actions/github-script@v7
         with:

diff --git a/.github/workflows/request-cli-integ-test.yml b/.github/workflows/request-cli-integ-test.yml
@@ -17,7 +17,7 @@ jobs:
       any-changed-files: ${{ steps.changed-cli-files.outputs.cli_any_changed }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           repository: ${{ github.event.pull_request.head.repo.full_name }}
@@ -38,7 +38,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           # Needs to run with PROJEN_GITHUB_TOKEN because we need permissions to force push the branch
           token: ${{ secrets.PROJEN_GITHUB_TOKEN }}

diff --git a/.github/workflows/security-guardian.yml b/.github/workflows/security-guardian.yml
@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:      
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           fetch-depth: 0  
 

diff --git a/.github/workflows/spec-update.yml b/.github/workflows/spec-update.yml
@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check Out
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up Node
         uses: actions/setup-node@v4
@@ -125,7 +125,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check Out
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Download patch
         uses: actions/download-artifact@v5

diff --git a/.github/workflows/sync-from-upstream.yml b/.github/workflows/sync-from-upstream.yml
@@ -45,14 +45,14 @@ jobs:
     steps:
       - name: Checkout using User Token (+ download lfs dependencies)
         if: needs.check-secret.outputs.ok == 'true'
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           lfs: true
           token: ${{ secrets.PROJEN_GITHUB_TOKEN }}
 
       - name: Checkout using GitHub Actions permissions (+ download lfs dependencies)
         if: needs.check-secret.outputs.ok == 'false'
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           lfs: true
 

diff --git a/.github/workflows/update-contributors.yml b/.github/workflows/update-contributors.yml
@@ -10,7 +10,7 @@ jobs:
     if: github.repository == 'aws/aws-cdk'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: minicli/[email protected]
         name: "Update a projects CONTRIBUTORS file"
         env:

diff --git a/.github/workflows/update-metadata-regions.yml b/.github/workflows/update-metadata-regions.yml
@@ -19,7 +19,7 @@ jobs:
 
           status=$(curl -s -o /dev/null -w "%{http_code}" $URL)
           echo "STATUS=${status}" >> "$GITHUB_OUTPUT"
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions/github-script@v7
         if: ${{ steps.download.outputs.STATUS == 200 }}
         env:
@@ -47,7 +47,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check Out
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Download patch
         uses: actions/download-artifact@v5

diff --git a/.github/workflows/yarn-upgrade-need-manual-work.yml b/.github/workflows/yarn-upgrade-need-manual-work.yml
@@ -22,7 +22,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check Out
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up Node
         uses: actions/setup-node@v4
@@ -80,7 +80,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check Out
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Download patch
         uses: actions/download-artifact@v5

diff --git a/.github/workflows/yarn-upgrade.yml b/.github/workflows/yarn-upgrade.yml
@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check Out
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up Node
         uses: actions/setup-node@v4
@@ -94,7 +94,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check Out
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Download patch
         uses: actions/download-artifact@v5