Skip to content

Update 'actions/*' versions to latest #252

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 7, 2025
Merged

Update 'actions/*' versions to latest #252

merged 1 commit into from
Nov 7, 2025

Conversation

@data-douser
Copy link
Collaborator

@data-douser data-douser commented Nov 7, 2025
edited
Loading

What This PR Contributes

This PR updates the the versions used for 'actions/' to latest available versions in order to avoid/resolve vulnerabilities associated with older versions of the open-source 'actions/' such as:

  • actions/checkout@v5
  • actions/download-artifact@v6
  • actions/setup-node@v6
  • actions/upload-artifact@v5

Future Works

Update/upgrade the versions used in actions workflows for:

  • NodeJS (currently using versions 18 and 20, in different workflows)
  • actions/setup-python@v5 --> actions/setup-python@v6 (required much newer NodeJS version for @v6)

@data-douser
Update 'actions/*' versions to latest
1478cd3 
This commit updates the the versions used for 'actions/*' to latest
available versions in order to avoid/resolve vulnerabilities
associated with older versions of the open-source 'actions/*' such as:

- `actions/checkout@v5`
- `actions/download-artifact@v6`
- `actions/setup-node@v6`
- `actions/upload-artifact@v5`
@data-douser data-douser requested a review from Copilot November 7, 2025 18:55
Copilot AI reviewed Nov 7, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This pull request updates GitHub Actions dependencies to their latest major versions across multiple workflow files to ensure the repository uses current and supported action versions.

  • Updates actions/checkout from v4 to v5
  • Updates actions/setup-node from v4 to v6
  • Updates actions/upload-artifact from v4 to v5
  • Updates actions/download-artifact from v4 to v6

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.

File Description
.github/workflows/update-codeql.yml Updates checkout action to v5
.github/workflows/run-codeql-unit-tests-javascript.yml Updates checkout, setup-node, upload-artifact, and download-artifact actions to their latest versions
.github/workflows/code_scanning.yml Updates checkout and upload-artifact actions to v5
.github/workflows/cds-extractor-dist-bundle.yml Updates checkout and setup-node actions to their latest versions

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

jeongsoolee09
jeongsoolee09 approved these changes Nov 7, 2025
View reviewed changes
Copy link
Contributor

@jeongsoolee09 jeongsoolee09 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@jeongsoolee09 jeongsoolee09 merged commit d1b77c7 into main Nov 7, 2025
11 checks passed
@jeongsoolee09 jeongsoolee09 deleted the actions-version-updates-nov-2025 branch November 7, 2025 20:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@jeongsoolee09 jeongsoolee09 jeongsoolee09 approved these changes

@mbaluda mbaluda Awaiting requested review from mbaluda

@knewbury01 knewbury01 Awaiting requested review from knewbury01

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@data-douser @jeongsoolee09