Upgrade GitHub Actions to Node.js 24 compatibility

[michieldegezelle]

Summary

• Deadline: June 16, 2026 — all caller repos (be_market and others) inherit this fix automatically via uses: silverfin/bso_github_actions/.github/workflows/...
• actions/checkout v4 → v6 across all 6 workflow files
• actions/setup-node v4 → v6 in run_tests.yml and check_auth.yml
• tj-actions/changed-files v41 → v46 in run_tests.yml
• Replaced deprecated ref: "main" with base_sha: 'main' in run_tests.yml (the ref input was removed in v43+; check_tests.yml already used v46 with base_sha: 'main' as the correct pattern)
• node-version: 20 → node-version: 22 in run_tests.yml

Files changed

File	Changes
.github/workflows/run_tests.yml	checkout v6, changed-files v46, ref → base_sha, setup-node v6, node 20 → 22
.github/workflows/check_auth.yml	checkout v6, setup-node v6
.github/workflows/check_tests.yml	checkout v6
.github/workflows/check_dependencies.yml	checkout v6
.github/workflows/slack_changelog.yml	checkout v6
.github/workflows/update_templates_production.yml	checkout v6 (×2)

Test plan

• Verify a PR in a caller repo (e.g. be_market) triggers run_tests.yml and the changed-files step resolves correctly with base_sha: 'main'
• Confirm check_auth.yml runs Node 22 without errors
• Confirm check_tests.yml, check_dependencies.yml, slack_changelog.yml, and update_templates_production.yml still pass after the checkout bump

🤖 Generated with Claude Code

[coderabbitai]

Walkthrough

Six GitHub Actions workflows are updated to use newer action versions. The actions/checkout action is uniformly upgraded from v4 to v6 across all files. Node setup actions are upgraded to v6, and Node runtime in run_tests.yml is bumped from v20 to v22. The tj-actions/changed-files action is upgraded with a configuration parameter change.

Changes

GitHub Actions Version Upgrades

Layer / File(s)	Summary
Checkout action v4 → v6 upgrades across all workflows .github/workflows/check_auth.yml, .github/workflows/check_dependencies.yml, .github/workflows/check_tests.yml, .github/workflows/run_tests.yml, .github/workflows/slack_changelog.yml, .github/workflows/update_templates_production.yml	All six workflow files upgrade actions/checkout from v4 to v6. check_auth.yml also upgrades actions/setup-node from v4 to v6. run_tests.yml upgrades actions/checkout to v6 in both jobs, upgrades tj-actions/changed-files to v46 with configuration change from ref: "main" to base_sha: 'main', upgrades actions/setup-node to v6, and changes Node runtime from v20 to v22.

---

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The title mentions Node.js 24 compatibility, but the actual changes show Node.js 22 upgrades and GitHub Actions version bumps; the title does not accurately reflect the primary changes.	Update the title to accurately reflect the main changes, such as 'Upgrade GitHub Actions and Node.js to latest versions' or 'Update Actions workflows: checkout/setup-node v6, Node 22, and tj-actions v46'.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description check	✅ Passed	The description is comprehensive with a clear summary of changes, a detailed table of affected files, and a test plan; however, it lacks explicit Type of change and Checklist sections from the template.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch upgrade/node24-actions

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 6

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/check_auth.yml:
- Line 20: Replace the tag-pinned actions in the workflow so they use immutable
commit SHAs: locate the `uses: actions/checkout@v6` and `uses:
actions/setup-node@v6` entries in the `.github/workflows/check_auth.yml` file
and replace `@v6` with the corresponding full commit SHAs for each action (use
the official actions repos to copy the current recommended commit SHA for
actions/checkout and actions/setup-node), ensuring the workflow references the
exact commit rather than a moving tag.

In @.github/workflows/check_dependencies.yml:
- Line 59: The workflow step currently uses the mutable tag "uses:
actions/checkout@v6"; replace that reference with the corresponding immutable
40-character commit SHA for the actions/checkout repository (i.e., "uses:
actions/checkout@<full-40-char-SHA>") so the workflow is pinned to a specific
commit; locate the "uses: actions/checkout@v6" entry in the workflow and update
it to the full commit SHA from the actions/checkout GitHub repo for the v6
release.

In @.github/workflows/check_tests.yml:
- Line 15: Replace the mutable tag usage of actions/checkout@v6 with an
immutable full commit SHA: locate the uses: actions/checkout entry currently set
to actions/checkout@v6 and change it to actions/checkout@<full-commit-sha> (use
the official actions/checkout repository commit SHA you intend to pin); commit
the updated workflow and verify the workflow runs to ensure the pinned SHA is
valid.

In @.github/workflows/run_tests.yml:
- Line 24: Replace mutable action tags with immutable commit SHAs: update the
workflow entries referencing actions/checkout@v6, tj-actions/changed-files@v46,
and actions/setup-node@v6 to use their respective commit SHAs (e.g.,
actions/checkout@<sha>, tj-actions/changed-files@<sha>,
actions/setup-node@<sha>). Locate the three `uses:` lines that reference those
exact module strings and pin each to the latest verified commit SHA from the
action's repository, then commit the updated workflow.

In @.github/workflows/slack_changelog.yml:
- Line 16: Replace the moving tag reference to actions/checkout@v6 with a pinned
commit SHA: locate the workflow step that uses the actions/checkout action (the
line with "uses: actions/checkout@v6") and update it to the specific full commit
SHA for the actions/checkout repository (e.g.,
actions/checkout@<full-commit-sha>) so the workflow uses an immutable reference
and mitigates supply-chain risk.

In @.github/workflows/update_templates_production.yml:
- Line 17: Replace the mutable uses: actions/checkout@v6 occurrences with the
corresponding immutable commit SHAs (i.e., uses:
actions/checkout@<full-commit-sha>) so the workflow is pinned; update both
instances of "uses: actions/checkout@v6" in this file and search other
.github/workflows/* for the same pattern and pin them as well, ensuring the
chosen commit SHAs match the v6 release you intend to track.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: e262bc21-633b-466c-ae2d-5c482abe4f1d

📥 Commits

Reviewing files that changed from the base of the PR and between 2c6efe5 and 8697a2d.

📒 Files selected for processing (6)

• .github/workflows/check_auth.yml
• .github/workflows/check_dependencies.yml
• .github/workflows/check_tests.yml
• .github/workflows/run_tests.yml
• .github/workflows/slack_changelog.yml
• .github/workflows/update_templates_production.yml