From 001cedd844e5b133acd12b4dae0b51547d0e7e41 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 24 Nov 2025 15:51:22 +0000
Subject: [PATCH] build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0
(#10950)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact)
from 4.6.2 to 5.0.0.
Release notes
Sourced from actions/upload-artifact's
releases.
v5.0.0
What's Changed
BREAKING CHANGE: this update supports Node
v24.x. This is not a breaking change per-se but we're
treating it as such.
New Contributors
Full Changelog: https://github.com/actions/upload-artifact/compare/v4...v5.0.0
Commits
330a01c
Merge pull request #734
from actions/danwkennedy/prepare-5.0.003f2824
Update github.dep.yml905a1ec
Prepare v5.0.02d9f9cd
Merge pull request #725
from patrikpolyak/patch-19687587
Merge branch 'main' into patch-12848b2c
Merge pull request #727
from danwkennedy/patch-19b51177
Spell out the first use of GHEScd231ca
Update GHES guidance to include reference to Node 20 versionde65e23
Merge pull request #712
from actions/nebuk89-patch-18747d8c
Update README.md- Additional commits viewable in compare
view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
.github/workflows/_data-plane.yml | 4 ++--
.github/workflows/_elixir.yml | 2 +-
.github/workflows/_integration_tests.yml | 4 ++--
.github/workflows/_kotlin.yml | 4 ++--
.github/workflows/_swift.yml | 4 ++--
.github/workflows/_tauri.yml | 4 ++--
.github/workflows/ci.yml | 2 +-
7 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/.github/workflows/_data-plane.yml b/.github/workflows/_data-plane.yml
index d211cb664..990b3d856 100644
--- a/.github/workflows/_data-plane.yml
+++ b/.github/workflows/_data-plane.yml
@@ -355,7 +355,7 @@ jobs:
--no-progress \
--connection-string "${{ secrets.AZURERM_ARTIFACTS_CONNECTION_STRING }}"
- name: Upload `.deb` artifact
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+ uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
with:
name: ${{ env.BINARY_DEST_PATH }}.deb
path: rust/${{ env.BINARY_DEST_PATH }}.deb
@@ -420,7 +420,7 @@ jobs:
digest="${{ github.ref == 'refs/heads/main' && steps.build_rw.outputs.digest || steps.build_ro.outputs.digest }}"
touch "/tmp/digests/${{ matrix.name.image_name }}/${digest#sha256:}"
- name: Upload digest artifact
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+ uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
with:
overwrite: true
name: ${{ matrix.image_prefix && format('{0}-', matrix.image_prefix) || '' }}${{ matrix.name.image_name }}-${{ inputs.sha }}-digest-${{ matrix.arch.shortname }}
diff --git a/.github/workflows/_elixir.yml b/.github/workflows/_elixir.yml
index 0ec3c5701..988ac01b3 100644
--- a/.github/workflows/_elixir.yml
+++ b/.github/workflows/_elixir.yml
@@ -220,7 +220,7 @@ jobs:
if:
${{ github.event.pull_request.head.repo.full_name == github.repository
&& always() }}
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+ uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
with:
name: screenshots-${{ matrix.MIX_TEST_PARTITION }}
path: elixir/apps/web/screenshots
diff --git a/.github/workflows/_integration_tests.yml b/.github/workflows/_integration_tests.yml
index 447964a00..22559c967 100644
--- a/.github/workflows/_integration_tests.yml
+++ b/.github/workflows/_integration_tests.yml
@@ -248,7 +248,7 @@ jobs:
! tcpdump -nnnr ./relay-1-packets.pcap -v | grep "bad \w* cksum"
- - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+ - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
if: "!success()"
with:
overwrite: true
@@ -265,7 +265,7 @@ jobs:
! tcpdump -nnnr ./relay-2-packets.pcap -v | grep "bad \w* cksum"
- - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+ - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
if: "!success() && !matrix.test.single_relay"
with:
overwrite: true
diff --git a/.github/workflows/_kotlin.yml b/.github/workflows/_kotlin.yml
index 7046807a5..3d38ac59d 100644
--- a/.github/workflows/_kotlin.yml
+++ b/.github/workflows/_kotlin.yml
@@ -94,7 +94,7 @@ jobs:
run: |
./gradlew testReleaseUnitTest
- name: Upload package artifacts
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+ uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
with:
name: Android ${{ matrix.package-type }}
path: |
@@ -132,7 +132,7 @@ jobs:
run: |
./gradlew assembleDebug
- name: Upload debug APK
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+ uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
with:
name: Android debug APK
path: |
diff --git a/.github/workflows/_swift.yml b/.github/workflows/_swift.yml
index b58b796cf..866b42cea 100644
--- a/.github/workflows/_swift.yml
+++ b/.github/workflows/_swift.yml
@@ -92,13 +92,13 @@ jobs:
API_KEY: "${{ secrets.APPLE_APP_STORE_CONNECT_API_KEY }}"
TEMP_DIR: "${{ runner.temp }}"
- name: Upload .dmg artifact
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+ uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
if: "${{ github.event_name == 'workflow_dispatch' && matrix.job_name == 'build-macos-standalone' }}"
with:
name: macos-client-standalone-dmg
path: "${{ runner.temp }}/${{ matrix.artifact-file }}"
- name: Upload .pkg artifact
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+ uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
if: "${{ github.event_name == 'workflow_dispatch' && matrix.job_name == 'build-macos-standalone' }}"
with:
name: macos-client-standalone-pkg
diff --git a/.github/workflows/_tauri.yml b/.github/workflows/_tauri.yml
index 4674c8d26..e08fc6d4c 100644
--- a/.github/workflows/_tauri.yml
+++ b/.github/workflows/_tauri.yml
@@ -172,14 +172,14 @@ jobs:
shell: bash
run: ${{ env.RENAME_SCRIPT }}
- name: Upload deb / msi package
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+ uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
with:
name: ${{ env.ARTIFACT_DST }}-${{ matrix.pkg-extension }}
path: ${{ env.ARTIFACT_SRC }}.${{ matrix.pkg-extension }}
if-no-files-found: error
- name: Upload rpm package
if: "${{ runner.os == 'Linux' }}"
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+ uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
with:
name: ${{ env.ARTIFACT_DST }}-rpm
path: ${{ env.ARTIFACT_SRC }}.rpm
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 15688d14e..a4cbf4295 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -317,7 +317,7 @@ jobs:
./scripts/tests/perf/${{ matrix.test }}.sh
jq '{ "${{ matrix.flavour }}-${{ matrix.test }}": { "retransmits": { "value": (.end.sum_sent.retransmits // -1) }, "throughput": { "value": .end.sum_received.bits_per_second } } }' ./${{ matrix.flavour }}-${{ matrix.test }}.json > ./${{ matrix.flavour }}-${{ matrix.test }}.bmf.json
- name: "Save performance test results: ${{ matrix.flavour }}-${{ matrix.test }}"
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+ uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
with:
overwrite: true
name: ${{ matrix.flavour }}-${{ matrix.test }}-${{ github.sha }}-iperf3results