chore: upgrade GitHub Actions from Node 20 to Node 24#237
Conversation
mcollins-ttd
left a comment
mcollins-ttd
left a comment
There was a problem hiding this comment.
The PR correctly upgrades all third-party action references to node24-compatible versions with properly pinned SHAs. All SHA-to-tag mappings were verified and every pinned action confirmed to use 'node24' in its action.yml. The main concern is that setup-node was upgraded from v4 to v6 (skipping v5) while node-version: 20 remains in the inputs — this is a subtle inconsistency worth clarifying — and several actions jump multiple major versions with non-trivial breaking changes that are worth documenting.
| - name: Build and export to Docker | ||
| uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5 | ||
| uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0 |
There was a problem hiding this comment.
Claude Review: docker/build-push-action jumps from v5 to v7, skipping v6. v7 removes the DOCKER_BUILD_NO_SUMMARY and DOCKER_BUILD_EXPORT_RETENTION_DAYS environment variables (deprecated in v6). Neither appears to be set in these workflows, so there is no functional impact — but callers that set those env vars in their own workflows would be silently broken.
| - name: Set up Docker Buildx | ||
| uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3 | ||
| uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0 |
There was a problem hiding this comment.
Claude Review: docker/setup-buildx-action v4 removed previously deprecated inputs and outputs. No deprecated inputs are used in these workflows, so this is safe. Worth verifying in any downstream callers that pass additional with: parameters to setup-buildx-action that those inputs still exist in v4.
actions/github-script is unnecessary overhead for simple logging. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Missed in PR #237 — updates actions/checkout, actions/cache, setup-oras, and codeql-action/upload-sarif in composite actions to Node 24-compatible versions. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2 participants
Node 20 is being deprecated on GitHub Actions runners. Starting June 16, 2026, runners will use Node 24 by default.
This PR upgrades outdated action references in this repo to the latest released version that ships Node 24 support, pinned to its commit SHA. Each action's node version is determined by reading its
action.ymlat the pinned ref.See: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/