Skip to content

[UPDATE] (deps): Bump actions/download-artifact from 5.0.0 to 6.0.0 in /.github/workflows #492

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 30, 2025
Merged

[UPDATE] (deps): Bump actions/download-artifact from 5.0.0 to 6.0.0 in /.github/workflows #492

merged 2 commits into from
Oct 30, 2025
+18 −18

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 28, 2025

Bumps actions/download-artifact from 5.0.0 to 6.0.0.

Release notes

Sourced from actions/download-artifact's releases.

v6.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

New Contributors

Full Changelog: actions/download-artifact@v5...v6.0.0

Commits
  • 018cc2c Merge pull request #438 from actions/danwkennedy/prepare-6.0.0
  • 815651c Revert "Remove github.dep.yml"
  • bb3a066 Remove github.dep.yml
  • fa1ce46 Prepare v6.0.0
  • 4a24838 Merge pull request #431 from danwkennedy/patch-1
  • 5e3251c Readme: spell out the first use of GHES
  • abefc31 Merge pull request #424 from actions/yacaovsnc/update_readme
  • ac43a60 Update README with artifact extraction details
  • de96f46 Merge pull request #417 from actions/yacaovsnc/update_readme
  • 7993cb4 Remove migration guide for artifact download changes
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
[UPDATE] (deps): Bump actions/download-artifact in /.github/workflows
e4fda2a 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@634f93c...018cc2c)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added this to the Code Style Technical Debt milestone Oct 28, 2025
@dependabot dependabot bot added CI Continuous Integration Tooling Configs Improvements or additions to configuration Duplicate This issue or pull request already exists GitHub Anything Meta Testing Something can be verified labels Oct 28, 2025
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Oct 28, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Comment @coderabbitai help to get the list of available commands and usage tips.

@deepsource-io
Copy link

deepsource-io bot commented Oct 28, 2025
edited
Loading

Here's the code health analysis summary for commits d7be67e..408fcd1. View details on DeepSource ↗.

Analysis Summary

AnalyzerStatusSummaryLink
DeepSource Python LogoPython✅ SuccessView Check ↗
DeepSource Test coverage LogoTest coverage✅ SuccessView Check ↗

Code Coverage Report

MetricAggregatePython
Branch Coverage96.2%96.2%
Composite Coverage97.5%97.5%
Line Coverage97.6%97.6%
💡 If you’re a repository administrator, you can configure the quality gates from the settings.

@github-actions github-actions bot added the Linter Any linter tool or setting file enhancements label Oct 28, 2025
@codecov
Copy link

codecov bot commented Oct 28, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@reactive-firewall reactive-firewall moved this from To do to In progress in Multicast Project Oct 30, 2025
reactive-firewall
reactive-firewall requested changes Oct 30, 2025
View reviewed changes
Copy link
Collaborator

@reactive-firewall reactive-firewall left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 LGTM;

☑️ Specifically, the version bump is approved!

🙅 However Also need to update:

  • .github/actions/checkout-and-rebuild/action.yml

@github-project-automation github-project-automation bot moved this from In progress to Regressions in Multicast Project Oct 30, 2025
@reactive-firewall
[UPDATE] Version bump for GHA (- PR #492 -)
408fcd1 
Changes in file .github/actions/checkout-and-rebuild/action.yml:
 * update version for actions/downloads from 5 to 6
@sonarqubecloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

reactive-firewall
reactive-firewall approved these changes Oct 30, 2025
View reviewed changes
Copy link
Collaborator

@reactive-firewall reactive-firewall left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 LGTM;

☑️ Specifically, the version bump is approved!

@github-project-automation github-project-automation bot moved this from Regressions to Resolved in Multicast Project Oct 30, 2025
@reactive-firewall reactive-firewall merged commit d22cdfe into master Oct 30, 2025
49 checks passed
@github-project-automation github-project-automation bot moved this from Resolved to Done in Multicast Project Oct 30, 2025
@dependabot dependabot bot deleted the dependabot/github_actions/dot-github/workflows/master/actions/download-artifact-6.0.0 branch October 30, 2025 22:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@reactive-firewall reactive-firewall reactive-firewall approved these changes

Assignees

@reactive-firewall reactive-firewall

Labels

CI Continuous Integration Tooling Configs Improvements or additions to configuration Duplicate This issue or pull request already exists GitHub Anything Meta Linter Any linter tool or setting file enhancements Testing Something can be verified

Projects

Multicast Project
Status: Done

Milestone

Code Style Technical Debt

Development

Successfully merging this pull request may close these issues.

2 participants

@reactive-firewall