chore: update GitHub Actions versions across all workflows#266
Open
vladfrangu wants to merge 4 commits intomainfrom
Open
chore: update GitHub Actions versions across all workflows#266vladfrangu wants to merge 4 commits intomainfrom
vladfrangu wants to merge 4 commits intomainfrom
Conversation
github-actions
bot
added
the
t-tooling
Contributor
There was a problem hiding this comment.
Pull request overview
This PR upgrades and pins GitHub Actions used across the repository’s CI/CD and automation workflows, including a migration of Slack notifications to slackapi/slack-github-action@v3’s chat.postMessage API shape.
Changes:
- Upgrade Slack notification steps to
slackapi/slack-github-action@v3.0.1usingmethod: chat.postMessage,token, andchannelin the JSON payload. - Bump various third-party actions (AWS credentials, Docker build/push, github-script, setup-uv, Codecov, Sentry release, Tailscale, add-and-commit, Apify actions) and pin previously unpinned actions to tagged releases.
- Update Node.js defaults/usage in select workflows (e.g., docs and Claude maintenance) and bump
actions/setup-node.
Reviewed changes
Copilot reviewed 20 out of 20 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| .github/workflows/tests.yaml | Migrate Slack notifications to Slack action v3 payload/method/token format. |
| .github/workflows/sync_branches_push.yaml | Migrate failure Slack notification to Slack action v3 format. |
| .github/workflows/sync_branches.yaml | Bump actions/github-script and migrate failure Slack notification to Slack action v3 format. |
| .github/workflows/slack.yaml | Update reusable Slack workflow to Slack action v3 format. |
| .github/workflows/release_marker.yaml | Upgrade Sentry release marker action to getsentry/action-release@v3. |
| .github/workflows/python_unit_tests.yaml | Bump setup-uv and codecov-action to newer versions. |
| .github/workflows/python_type_check.yaml | Bump setup-uv to newer version. |
| .github/workflows/python_lint_check.yaml | Bump setup-uv to newer version. |
| .github/workflows/python_integration_tests.yaml | Bump setup-uv and codecov-action to newer versions. |
| .github/workflows/python_docs_check.yaml | Update default Node version and bump setup-uv. |
| .github/workflows/python_bump_and_update_changelog.yaml | Bump setup-uv, pin write-file action, and bump add-and-commit. |
| .github/workflows/pull_request_toolkit.yaml | Pin pull-request-toolkit action to a tagged release. |
| .github/workflows/open_pull_request.yaml | Bump apify/release-pr-action patch version. |
| .github/workflows/local_pr_toolkit.yaml | Pin pull-request-toolkit action to a tagged release. |
| .github/workflows/invalidate_cloudfront.yaml | Bump AWS credentials action to configure-aws-credentials@v6. |
| .github/workflows/get_values.yaml | Bump actions/github-script to v9. |
| .github/workflows/deploy_helmfile.yaml | Bump Slack action, AWS credentials action, and Tailscale action versions. |
| .github/workflows/deploy_cloudformation.yaml | Bump Slack action and AWS credentials action versions. |
| .github/workflows/create_changelog.yaml | Bump release-pr action and migrate failure Slack notification to Slack action v3 format. |
| .github/workflows/claude-md-maintenance.yml | Bump actions/setup-node and update Node version used by the workflow. |
| .github/workflows/check-execute-workflow-dist.yaml | Bump add-and-commit action version. |
| .github/workflows/build_docker_image_and_push_to_ecr.yaml | Bump Slack action, Docker build/login/buildx actions, and AWS credentials action versions. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
vdusek
approved these changes
Apr 15, 2026
Contributor
vdusek
left a comment
vdusek
left a comment
There was a problem hiding this comment.
python-related stuff seems OK
btw. uv started using immutable releases - https://github.com/astral-sh/setup-uv/releases/tag/v8.0.0 , so it is correct to (we have to) pin the full version.
Contributor
|
@vladfrangu did you test the new Slack action? That's the only thing here that deserves more attention IMO |
Member
Author
|
Not really sure how to test the slack action without...well, having a flow that uses it run |
Contributor
Valid point, maybe you could add a manually triggered workflow that uses the new action, bonk it and then remove it? |
- Upgrade slackapi/slack-github-action v1.26.0 → v3.0.1 (new API: method/token instead of env var) - Upgrade aws-actions/configure-aws-credentials v4 → v6 - Upgrade docker actions: setup-buildx v3→v4, login v3→v4, build-push v5→v7 - Upgrade astral-sh/setup-uv v7 → v8.0.0 - Upgrade codecov/codecov-action v5 → v6 - Upgrade actions/github-script v7 → v9, actions/setup-node v4 → v6 - Upgrade getsentry/action-release v1 → v3 - Upgrade EndBug/add-and-commit v9 → v10, tailscale/github-action v2 → v4 - Upgrade apify/release-pr-action v3.5.1 → v3.5.3 - Pin apify/pull-request-toolkit-action to v2.2.0 (was @main) - Pin DamianReeves/write-file-action to v1.3 (was @master) - Bump default Node.js version from 20 to 24
vladfrangu
force-pushed
the
t3code/update-github-actions-versions
branch
from
2a6ba7f to
1ae9595
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
slackapi/slack-github-actionfromv1.26.0tov3.0.1across all workflows; migrates fromchannel-id/env-based token tomethod: chat.postMessagewith inlinetokenandchannelin payloadaws-actions/configure-aws-credentialsfromv4tov6docker/setup-buildx-actionfromv3tov4,docker/login-actionfromv3tov4,docker/build-push-actionfromv5tov7actions/github-scriptfromv7tov9astral-sh/setup-uvfromv7tov8.0.0in all Python workflowscodecov/codecov-actionfromv5tov6getsentry/action-releasefromv1tov3tailscale/github-actionfromv2tov4EndBug/add-and-commitfromv9tov10apify/release-pr-actionfromv3.5.1tov3.5.3apify/pull-request-toolkit-actionfrommaintov2.2.0DamianReeves/write-file-actionfrommastertov1.320to24inpython_docs_checkandclaude-md-maintenanceworkflows; bumpactions/setup-nodefromv4tov6Testing
v3API shape (method,token,channelin payload) — verify Slack messages are delivered on a workflow run that uses aslackChannelIdinputconfigure-aws-credentials@v6upgradesetup-uv@v8codecov-action@v6action-release@v3github-script@v9EndBug/add-and-commit@v10pull-request-toolkit-action@v2.2.0behaves the same as the previously unpinnedmain