From a6298528bcd4f8ceb239c16f084d2c1d72356bd2 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 4 Nov 2025 22:53:44 +0000
Subject: [PATCH] build(deps): bump the github-actions group across 1 directory
 with 4 updates

Bumps the github-actions group with 4 updates in the / directory: [actions/upload-artifact](https://github.com/actions/upload-artifact), [actions/download-artifact](https://github.com/actions/download-artifact), [prefix-dev/setup-pixi](https://github.com/prefix-dev/setup-pixi) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `actions/upload-artifact` from 4 to 5
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v4...v5)

Updates `actions/download-artifact` from 5 to 6
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v5...v6)

Updates `prefix-dev/setup-pixi` from 0.9.2 to 0.9.3
- [Release notes](https://github.com/prefix-dev/setup-pixi/releases)
- [Commits](https://github.com/prefix-dev/setup-pixi/compare/v0.9.2...v0.9.3)

Updates `github/codeql-action` from 4.30.9 to 4.31.2
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/16140ae1a102900babc80a33c44059580f687047...0499de31b99561a6d14a36a5f662c2a54f91beee)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/download-artifact
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: prefix-dev/setup-pixi
  dependency-version: 0.9.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-version: 4.31.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/documentation.yml |  8 ++++----
 .github/workflows/examples.yml      |  2 +-
 .github/workflows/native.yml        |  2 +-
 .github/workflows/playwright.yml    | 12 ++++++------
 .github/workflows/python-wasm.yml   |  2 +-
 .github/workflows/scorecard.yml     |  4 ++--
 .github/workflows/toolchains.yml    | 10 +++++-----
 7 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/.github/workflows/documentation.yml b/.github/workflows/documentation.yml
index 36c1f4b99..9a1d72147 100644
--- a/.github/workflows/documentation.yml
+++ b/.github/workflows/documentation.yml
@@ -41,7 +41,7 @@ jobs:
         make html
 
     - name: Upload artifact
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         name: main-documentation
         path: docs/_build/html
@@ -113,7 +113,7 @@ jobs:
         done
 
     - name: Upload artifact
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         name: package-documentation
         path: docs
@@ -124,13 +124,13 @@ jobs:
 
     steps:
     - name: Download main documentation
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v6
       with:
         name: main-documentation
         path: docs
 
     - name: Download package documentation
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v6
       with:
         name: package-documentation
         path: docs
diff --git a/.github/workflows/examples.yml b/.github/workflows/examples.yml
index 7ea6016ea..76b617dfc 100644
--- a/.github/workflows/examples.yml
+++ b/.github/workflows/examples.yml
@@ -85,7 +85,7 @@ jobs:
         pnpm build
 
     - name: Save wasm builds
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         name: hello-world-build
         if-no-files-found: error
diff --git a/.github/workflows/native.yml b/.github/workflows/native.yml
index ddf269181..fed5109f3 100644
--- a/.github/workflows/native.yml
+++ b/.github/workflows/native.yml
@@ -17,7 +17,7 @@ jobs:
     steps:
       - uses: actions/checkout@v5
 
-      - uses: prefix-dev/setup-pixi@v0.9.2
+      - uses: prefix-dev/setup-pixi@v0.9.3
 
       - name: Build and Test ITK-Wasm
         run: |
diff --git a/.github/workflows/playwright.yml b/.github/workflows/playwright.yml
index c7f375d54..7e42db971 100644
--- a/.github/workflows/playwright.yml
+++ b/.github/workflows/playwright.yml
@@ -22,7 +22,7 @@ jobs:
       run: npx playwright install --with-deps
     - name: Run Playwright tests
       run: npm run test
-    - uses: actions/upload-artifact@v4
+    - uses: actions/upload-artifact@v5
       if: ${{ !cancelled() }}
       with:
         name: playwright-report
@@ -45,7 +45,7 @@ jobs:
       run: npx playwright install --with-deps
     - name: Run Playwright tests
       run: npm run test
-    - uses: actions/upload-artifact@v4
+    - uses: actions/upload-artifact@v5
       if: ${{ !cancelled() }}
       with:
         name: playwright-report
@@ -69,7 +69,7 @@ jobs:
       run: npx playwright install --with-deps
     - name: Run Playwright tests
       run: npm run test
-    - uses: actions/upload-artifact@v4
+    - uses: actions/upload-artifact@v5
       if: ${{ !cancelled() }}
       with:
         name: playwright-report
@@ -135,7 +135,7 @@ jobs:
         working-directory: ./packages/core/typescript/itk-wasm
         run: pnpm run test:browser
 
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@v5
         if: ${{ !cancelled() }}
         with:
           name: playwright-report-itk-wasm
@@ -209,7 +209,7 @@ jobs:
         working-directory: packages/${{ matrix.package }}/typescript
         run: pnpm run test:browser
 
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@v5
         if: ${{ !cancelled() }}
         with:
           name: playwright-report-${{ matrix.package }}
@@ -257,7 +257,7 @@ jobs:
     - name: Run Playwright tests
       run: pnpm run test
 
-    - uses: actions/upload-artifact@v4
+    - uses: actions/upload-artifact@v5
       if: ${{ !cancelled() }}
       with:
         name: playwright-report-hello-world
diff --git a/.github/workflows/python-wasm.yml b/.github/workflows/python-wasm.yml
index bd0c7c335..c8de703ca 100644
--- a/.github/workflows/python-wasm.yml
+++ b/.github/workflows/python-wasm.yml
@@ -31,7 +31,7 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v5
 
-      - uses: prefix-dev/setup-pixi@v0.9.2
+      - uses: prefix-dev/setup-pixi@v0.9.3
 
       - name: Set up Python ${{ env.python-version }}
         uses: actions/setup-python@v6.0.0
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 9fde1080d..bc999dc92 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -56,7 +56,7 @@ jobs:
       # uploads of run results in SARIF format to the repository Actions tab.
       # https://docs.github.com/en/actions/advanced-guides/storing-workflow-data-as-artifacts
       - name: "Upload artifact"
-        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
         with:
           name: SARIF file
           path: results.sarif
@@ -65,6 +65,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard (optional).
       # Commenting out will disable upload of results to your repo's Code Scanning dashboard
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@16140ae1a102900babc80a33c44059580f687047 # v3.29.5
+        uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v3.29.5
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/toolchains.yml b/.github/workflows/toolchains.yml
index a21c8fec8..ea9a811f8 100644
--- a/.github/workflows/toolchains.yml
+++ b/.github/workflows/toolchains.yml
@@ -19,7 +19,7 @@ jobs:
     steps:
       - uses: actions/checkout@v5
 
-      - uses: prefix-dev/setup-pixi@v0.9.2
+      - uses: prefix-dev/setup-pixi@v0.9.3
       - run: pixi run export-itk-wasm-env-vars
 
       - name: Free Disk Space (Ubuntu)
@@ -31,7 +31,7 @@ jobs:
           timeout_minutes: 10
           command: ./src/docker/pull.sh --no-debug
 
-      - uses: actions/download-artifact@v5
+      - uses: actions/download-artifact@v6
         continue-on-error: true
         with:
           name: docker-cache
@@ -52,7 +52,7 @@ jobs:
           docker export itkwasm/wasi-base:latest | xz -e9 -T0 > ./docker-cache/itk-wasm-wasi-base.tar.xz
 
       - name: Cache docker results
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: docker-cache
           path: ./docker-cache
@@ -66,7 +66,7 @@ jobs:
     steps:
       - uses: actions/checkout@v5
 
-      - uses: prefix-dev/setup-pixi@v0.9.2
+      - uses: prefix-dev/setup-pixi@v0.9.3
       - run: pixi run export-itk-wasm-env-vars
 
       - name: Free Disk Space (Ubuntu)
@@ -78,7 +78,7 @@ jobs:
           timeout_minutes: 10
           command: ./src/docker/pull.sh --no-debug
 
-      - uses: actions/download-artifact@v5
+      - uses: actions/download-artifact@v6
         continue-on-error: true
         with:
           name: docker-cache