[deps]: Update GitHub Artifact Actions (major) #17305
Conversation
bitwarden-bot
changed the title
|
Internal tracking:
|
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #17305 +/- ##
==========================================
- Coverage 40.93% 40.92% -0.01%
==========================================
Files 3544 3544
Lines 101725 101725
Branches 15240 15240
==========================================
- Hits 41637 41636 -1
Misses 58334 58334
- Partials 1754 1755 +1 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/major-github-artifact-actions
branch
2 times, most recently
from
02186d5 to
8f38ec2
Compare
djsmith85
requested review from
a team and
gitclonebrian
and removed request for
a team
djsmith85
left a comment
djsmith85
left a comment
There was a problem hiding this comment.
They mention, a breaking change by supporting Node 24. From the the way it is phrased I don't we are required to bump our workflows to use Node24 and can stay on Node 22. Currently I'd say this is save, but wanted to check with @bitwarden/dept-bre first. Any concerns?
|
Claude finished @renovate[bot]'s task —— View job Analysis of GitHub Artifact Actions UpdateI've reviewed this dependency update PR and analyzed the Node 24 compatibility concern raised by djsmith85. SummaryThis PR is safe to merge. The Node 24 support mentioned in the release notes does not require any changes to your workflows or Node version configuration. FindingsFinding 1: No Node version changes required 💭 The release notes state "BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such." This phrasing means:
Finding 2: Changes are version updates only ✅ The PR updates only the action versions across 5 workflow files:
No other workflow configuration changes are included. The updates consist of SHA hash changes that correspond to the new versions. Finding 3: Workflows dynamically read Node version All workflows retrieve the Node version from - name: Get Node Version
id: retrieve-node-version
run: |
NODE_NVMRC=$(cat .nvmrc)
NODE_VERSION=${NODE_NVMRC/v/''}
echo "node_version=$NODE_VERSION" >> "$GITHUB_OUTPUT"This means your workflows will continue using Node 22 regardless of the artifact action versions. Recommendation✅ Safe to merge - No BRE concerns identified. The updated artifact actions are backward compatible with Node 22 and will continue working with your current Node version configuration. |
|
New Issues (2)Checkmarx found the following issues in this Pull Request
|
renovate
bot
force-pushed
the
renovate/major-github-artifact-actions
branch
from
4376788 to
0253e95
Compare
This PR contains the following updates:
v5.0.0->v6.0.0v4.6.0->v5.0.0v4.6.2->v5.0.0Release Notes
actions/download-artifact (actions/download-artifact)
v6.0.0Compare Source
What's Changed
BREAKING CHANGE: this update supports Node
v24.x. This is not a breaking change per-se but we're treating it as such.@actions/artifacttov4.0.0v6.0.0by @danwkennedy in #438New Contributors
Full Changelog: actions/download-artifact@v5...v6.0.0
actions/upload-artifact (actions/upload-artifact)
v5.0.0Compare Source
v4.6.2Compare Source
What's Changed
New Contributors
Full Changelog: actions/upload-artifact@v4...v4.6.2
v4.6.1Compare Source
What's Changed
Full Changelog: actions/upload-artifact@v4...v4.6.1
Configuration
📅 Schedule: Branch creation - "every 2nd week starting on the 2 week of the year before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.