Skip to content

build(deps): bump actions/download-artifact from 7 to 8#3416

Merged
simbit18 merged 1 commit intomasterfrom
dependabot/github_actions/actions/download-artifact-8
Mar 4, 2026
Merged

build(deps): bump actions/download-artifact from 7 to 8#3416
simbit18 merged 1 commit intomasterfrom
dependabot/github_actions/actions/download-artifact-8

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 2, 2026

Bumps actions/download-artifact from 7 to 8.

Release notes

Sourced from actions/download-artifact's releases.

v8.0.0

v8 - What's new

Direct downloads

To support direct uploads in actions/upload-artifact, the action will no longer attempt to unzip all downloaded files. Instead, the action checks the Content-Type header ahead of unzipping and skips non-zipped files. Callers wishing to download a zipped file as-is can also set the new skip-decompress parameter to false.

Enforced checks (breaking)

A previous release introduced digest checks on the download. If a download hash didn't match the expected hash from the server, the action would log a warning. Callers can now configure the behavior on mismatch with the digest-mismatch parameter. To be secure by default, we are now defaulting the behavior to error which will fail the workflow run.

ESM

To support new versions of the @actions/* packages, we've upgraded the package to ESM.

What's Changed

Full Changelog: actions/download-artifact@v7...v8.0.0

Commits
  • 70fc10c Merge pull request #461 from actions/danwkennedy/digest-mismatch-behavior
  • f258da9 Add change docs
  • ccc058e Fix linting issues
  • bd7976b Add a setting to specify what to do on hash mismatch and default it to error
  • ac21fcf Merge pull request #460 from actions/danwkennedy/download-no-unzip
  • 15999bf Add note about package bumps
  • 974686e Bump the version to v8 and add release notes
  • fbe48b1 Update test names to make it clearer what they do
  • 96bf374 One more test fix
  • b8c4819 Fix skip decompress test
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump actions/download-artifact from 7 to 8
a7dfe33 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 7 to 8.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v7...v8)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '8'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 2, 2026
@github-actions github-actions bot added Size: XS Area: CI and removed dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 2, 2026
@cederom
Copy link
Contributor

cederom commented Mar 3, 2026

again fetch extract issue, failed ci task restarted.

Configuration/Tool: nucleo-h743zi2/jumbo,CONFIG_ARM_TOOLCHAIN_CLANG
2026-03-03 02:30:09
------------------------------------------------------------------------------------
  Cleaning...
  Configuring...
  Disabling CONFIG_ARM_TOOLCHAIN_GNU_EABI
  Enabling CONFIG_ARM_TOOLCHAIN_CLANG
  Building NuttX...

gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Error is not recoverable: exiting now
make[1]: *** [littlefs/Make.defs:68: .littlefsunpack] Error 2
make[1]: Target 'context' not remade because of errors.
make: *** [tools/Unix.mk:467: fs/.context] Error 2
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100  496k  100  496k    0     0  1088k      0 --:--:-- --:--:-- --:--:-- 2139k
make: Target 'all' not remade because of errors.
/github/workspace/sources/nuttx/tools/testbuild.sh: line 385: /github/workspace/sources/nuttx/../nuttx/nuttx.manifest: No such file or directory
  [1/1] Normalize nucleo-h743zi2/jumbo

@acassis
Copy link
Contributor

acassis commented Mar 3, 2026

again fetch extract issue, failed ci task restarted.

Configuration/Tool: nucleo-h743zi2/jumbo,CONFIG_ARM_TOOLCHAIN_CLANG
2026-03-03 02:30:09
------------------------------------------------------------------------------------
  Cleaning...
  Configuring...
  Disabling CONFIG_ARM_TOOLCHAIN_GNU_EABI
  Enabling CONFIG_ARM_TOOLCHAIN_CLANG
  Building NuttX...

gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Error is not recoverable: exiting now
make[1]: *** [littlefs/Make.defs:68: .littlefsunpack] Error 2
make[1]: Target 'context' not remade because of errors.
make: *** [tools/Unix.mk:467: fs/.context] Error 2
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
100  496k  100  496k    0     0  1088k      0 --:--:-- --:--:-- --:--:-- 2139k
make: Target 'all' not remade because of errors.
/github/workspace/sources/nuttx/tools/testbuild.sh: line 385: /github/workspace/sources/nuttx/../nuttx/nuttx.manifest: No such file or directory
  [1/1] Normalize nucleo-h743zi2/jumbo

@cederom maybe it still an issue with Github, but eventually most (or even all) links we are using will fade out, this is why we need to have a mirror.

@cederom
Copy link
Contributor

cederom commented Mar 3, 2026
edited
Loading

@cederom maybe it still an issue with Github, but eventually most (or even all) links we are using will fade out, this is why we need to have a mirror.

Actually it would be best to have our own mirror repo with all of the packages.. so we could pull it aside to nuttx and have full offline build available.. but this is a long story :-)

@simbit18
Copy link
Contributor

simbit18 commented Mar 4, 2026

Hi @lupyuen, again problem with repeated jobs

3 Linux jobs (arm13), one completed, one in a loop, and one in the queue

https://github.com/apache/nuttx-apps/actions/runs/22601145517

@lupyuen
Copy link
Member

lupyuen commented Mar 4, 2026

@simbit18 Yeah wonder if we should report this to GitHub Support?

@acassis
Copy link
Contributor

acassis commented Mar 4, 2026

@lupyuen @simbit18 I noticed github is very unstable this week, no idea what is going on there!

@simbit18
Copy link
Contributor

simbit18 commented Mar 4, 2026

@lupyuen I would wait before reporting it to GitHub support. Let's monitor whether the repeated jobs reappear.

However, I think this PR can be merged.

@lupyuen
Copy link
Member

lupyuen commented Mar 4, 2026

@simbit18 Yep sure. There first time I saw this was 29 days ago. So I don't think it's caused by any of our recent changes to CI.

https://github.com/apache/nuttx/actions/runs/21600990965/job/62279838438

@linguini1
Copy link
Contributor

linguini1 commented Mar 4, 2026

There was a reported problem yesterday that GitHub was down completely. I think this could be related.

@simbit18
Copy link
Contributor

simbit18 commented Mar 4, 2026

@linguini1 Yes, you're right, I just checked the incident history for all GitHub services and there have been some issues.
https://www.githubstatus.com/incidents/n07yy1bk6kc4

I'll merge the PR.

@simbit18 simbit18 merged commit 45d4c70 into master Mar 4, 2026
76 of 78 checks passed
@dependabot dependabot bot deleted the dependabot/github_actions/actions/download-artifact-8 branch March 4, 2026 15:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cederom cederom cederom approved these changes

@jerpelea jerpelea jerpelea approved these changes

@linguini1 linguini1 linguini1 approved these changes

@acassis acassis Awaiting requested review from acassis

@lupyuen lupyuen Awaiting requested review from lupyuen

@simbit18 simbit18 Awaiting requested review from simbit18

Assignees

No one assigned

Labels

Area: CI Size: XS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@cederom @acassis @simbit18 @lupyuen @linguini1 @jerpelea