chore(deps): bump actions/checkout from v5 to v6 and update credentials handling

[twangodev]

Summary by CodeRabbit

• Chores
  • Updated GitHub Actions checkout action to the latest version and enhanced security configuration in build workflows.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Updated the GitHub Actions workflow configuration file by bumping the actions/checkout action from version 5 to version 6 and adding the persist-credentials: false flag to both SDK and documentation checkout steps.

Changes

Cohort / File(s)	Summary
GitHub Actions Workflow Configuration \.github/workflows/docs\.yml	Upgraded actions/checkout from v5 to v6 for both SDK and docs checkouts; added persist-credentials: false to both checkout steps to disable credential propagation.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

• Straightforward version bump with consistent application across two checkout steps
• Configuration-only change with no logic modifications

Possibly related PRs

• Revert "chore(deps): bump actions/checkout from 5 to 6" #56: Reverses this change by downgrading actions/checkout from v6 back to v5—directly inverse to this PR's version bump.

Poem

🐰 A workflow so sleek, v5 to v6 we leap,
Credentials secured, no secrets to keep,
Two checkouts in sync, our pipeline's refined,
A rabbit's blessing for workflows redesigned! ✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main changes: bumping actions/checkout from v5 to v6 and updating credentials handling in the workflow file.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/docs-checkout

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9dab78d and 845441e.

📒 Files selected for processing (1)

• .github/workflows/docs.yml (2 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: Integration Tests
• GitHub Check: Integration Tests

🔇 Additional comments (1)

.github/workflows/docs.yml (1)

14-18: Well-executed security and maintenance update. The v6 update changes how persist-credentials stores credentials (under $RUNNER_TEMP instead of local git config) and requires a minimum Actions Runner version of v2.329.0, but this is compatible with modern GitHub runners. Setting persist-credentials: false on both checkouts is the right call—the SDK checkout is read-only, and the docs checkout explicitly uses ${{ secrets.DOCS_TOKEN }} for PR operations, so persisted credentials aren't needed.

Also applies to: 33-38

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Copilot]

Pull request overview

This PR updates the documentation workflow by bumping actions/checkout from v5 to v6 and adds explicit credential handling configuration to improve security when working with multiple repositories.

• Updates actions/checkout action from v5 to v6 in both checkout steps
• Adds persist-credentials: false to both checkout operations to prevent credential persistence when using custom tokens

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.