Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump actions/download-artifact from 3 to 4 #3098

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump actions/download-artifact from 3 to 4 #3098

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 18, 2023
edited

Bumps actions/download-artifact from 3 to 4.

Release notes

Sourced from actions/download-artifact's releases.

v4.0.0

What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major changes to the backend architecture of Artifacts. They have numerous performance and behavioral improvements.

For more information, see the @​actions/artifact documentation.

New Contributors

Full Changelog: actions/download-artifact@v3...v4.0.0

v3.0.2

v3.0.1

Commits
  • 7a1cd32 Merge pull request #246 from actions/v4-beta
  • 8f32874 licensed cache
  • b5ff844 Merge pull request #245 from actions/robherley/v4-documentation
  • f07a0f7 Update README.md
  • 7226129 update test workflow to use different artifact names for matrix
  • ada9446 update docs and bump @​actions/artifact
  • 7eafc8b Merge pull request #244 from actions/robherley/bump-toolkit
  • 3132d12 consume latest toolkit
  • 5be1d38 Merge pull request #243 from actions/robherley/v4-beta-updates
  • 465b526 consume latest @​actions/toolkit
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot requested a review from hydai as a code owner December 18, 2023 13:57
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Dec 18, 2023
@juntao Flows.network Integration
Copy link
Member

juntao commented Dec 18, 2023
edited

Hello, I am a code review bot on flows.network. Here are my reviews of code commits in this PR.

Commit fdb24d8a36b1ef0677736010a8b121162b9c37e6

Patch Summary:

This pull request updates the version of actions/download-artifact from version 3 to 4. This GitHub action is used to download build artifacts uploaded by the upload-artifact action, which are referenced via uses: actions/download-artifact@v4. The version change happened in two files: .github/workflows/build_for_openwrt.yml and .github/workflows/release.yml. In the case of build_for_openwrt.yml, the action is intended to download an image, while in release.yml, it fetches a tarball.

Potential Issues:

  1. Compatibility: A major version change implies breaking changes. There might be compatibility issues with the new version. The developer must verify that version 4 of actions/download-artifact functions as expected in this context.

  2. Dependencies: Any dependencies that rely on actions/download-artifact might behave unpredictably, given that changes in major versions can introduce instability.

  3. Unforeseen Errors: It's important to check the release notes for this version bump to ensure there are no new errors or issues introduced by this version.

Recommendations:

The developer should ensure the application works as expected after the version bump. It is also advised to thoroughly test the workflow where these downloads are utilized before merging the pull request. Checking the release notes for the new version from the official GitHub page of the download-artifact action may offer more insights to potential problems or added functionalities.

@github-actions github-actions bot added the c-CI label Dec 18, 2023
@dependabot dependabot bot force-pushed the dependabot/github_actions/actions/download-artifact-4 branch from 861f4ac to b49893e Compare December 20, 2023 17:06
hydai
hydai requested changes Dec 23, 2023
View reviewed changes
Copy link
Member

@hydai hydai left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is blocked by #3099. We should merge this after the #3099 gets merged.

@dependabot dependabot bot force-pushed the dependabot/github_actions/actions/download-artifact-4 branch 2 times, most recently from 25f9ca3 to 45c12ba Compare January 3, 2024 02:43
@dependabot dependabot bot force-pushed the dependabot/github_actions/actions/download-artifact-4 branch 3 times, most recently from 8fd04f6 to 9e40f2f Compare January 5, 2024 11:31
@dependabot
Bump actions/download-artifact from 3 to 4
fdb24d8 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v3...v4)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/github_actions/actions/download-artifact-4 branch from 9e40f2f to fdb24d8 Compare January 9, 2024 09:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hydai hydai hydai requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
c-CI dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@juntao @hydai