[Github] Update actions/download-artifact to v5 #158466
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some of the older versions have security issues. Upgrade to v5 to remedy
that and get ahead of the v5 upgrade cycle rather than updating to a
later v4.x release.
Updated mechanically using the following command:
find .github -exec sed -i -e "s/actions\/download-artifact@.*/actions\/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0/g" {} \;
boomanaiden154
added
the
skip-precommit-approval
|
We aren't downloading any artifacts by ID, so there should be no changes needed in the workflows. I've verified that none of the failures are related. |
|
@llvm/pr-subscribers-github-workflow Author: Aiden Grossman (boomanaiden154) ChangesSome of the older versions have security issues. Upgrade to v5 to remedy that and get ahead of the v5 upgrade cycle rather than updating to a later v4.x release. Updated mechanically using the following command: Full diff: https://github.com/llvm/llvm-project/pull/158466.diff 7 Files Affected:
diff --git a/.github/workflows/build-ci-container-windows.yml b/.github/workflows/build-ci-container-windows.yml
index 55a269c001c2b..167e7cf06b3b2 100644
--- a/.github/workflows/build-ci-container-windows.yml
+++ b/.github/workflows/build-ci-container-windows.yml
@@ -61,7 +61,7 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- name: Download container
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
+ uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: container
- name: Push Container
diff --git a/.github/workflows/build-ci-container.yml b/.github/workflows/build-ci-container.yml
index 3e91c49a51d19..67f35fd30701f 100644
--- a/.github/workflows/build-ci-container.yml
+++ b/.github/workflows/build-ci-container.yml
@@ -88,7 +88,7 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- name: Download container
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
+ uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
- name: Push Container
run: |
diff --git a/.github/workflows/build-metrics-container.yml b/.github/workflows/build-metrics-container.yml
index 265fd73cc0bb7..cadcaa9a42e8f 100644
--- a/.github/workflows/build-metrics-container.yml
+++ b/.github/workflows/build-metrics-container.yml
@@ -66,7 +66,7 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- name: Download Container
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
+ uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: container
- name: Push Container
diff --git a/.github/workflows/libclang-abi-tests.yml b/.github/workflows/libclang-abi-tests.yml
index 3836cc56a7c22..c159fb584fdcd 100644
--- a/.github/workflows/libclang-abi-tests.yml
+++ b/.github/workflows/libclang-abi-tests.yml
@@ -144,12 +144,12 @@ jobs:
- abi-dump
steps:
- name: Download baseline
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # 4.1.8
+ uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: build-baseline
path: build-baseline
- name: Download latest
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # 4.1.8
+ uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: build-latest
path: build-latest
diff --git a/.github/workflows/llvm-tests.yml b/.github/workflows/llvm-tests.yml
index 52b486e7e62fc..b6c30b342bbe8 100644
--- a/.github/workflows/llvm-tests.yml
+++ b/.github/workflows/llvm-tests.yml
@@ -148,17 +148,17 @@ jobs:
- abi-dump
steps:
- name: Download baseline
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # 4.1.8
+ uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: build-baseline
path: build-baseline
- name: Download latest
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # 4.1.8
+ uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: build-latest
path: build-latest
- name: Download symbol list
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # 4.1.8
+ uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: symbol-list
path: symbol-list
diff --git a/.github/workflows/release-binaries-setup-stage/action.yml b/.github/workflows/release-binaries-setup-stage/action.yml
index f5e5db27e6595..8f45e22886b6e 100644
--- a/.github/workflows/release-binaries-setup-stage/action.yml
+++ b/.github/workflows/release-binaries-setup-stage/action.yml
@@ -44,7 +44,7 @@ runs:
- name: Download Previous Stage Artifact
if: ${{ inputs.previous-artifact }}
id: download
- uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1
+ uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
pattern: ${{ runner.os }}-${{ runner.arch }}-${{ inputs.previous-artifact }}-*
merge-multiple: true
diff --git a/.github/workflows/release-binaries.yml b/.github/workflows/release-binaries.yml
index 116bdfb3929d3..8f422a0147748 100644
--- a/.github/workflows/release-binaries.yml
+++ b/.github/workflows/release-binaries.yml
@@ -294,7 +294,7 @@ jobs:
sparse-checkout-cone-mode: false
- name: 'Download artifact'
- uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1
+ uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
pattern: '*-release-binary'
merge-multiple: true
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Some of the older versions have security issues. Upgrade to v5 to remedy that and get ahead of the v5 upgrade cycle rather than updating to a later v4.x release.
Updated mechanically using the following command:
find .github -exec sed -i -e "s/actions/download-artifact@.*/actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0/g" {} ;