From e88011f08f49362ebf77052dde559b554d5e0470 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Mar 2026 12:50:07 +0000 Subject: [PATCH] chore(ci): bump actions/upload-artifact from 4 to 7 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 7. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v7) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/ci-bootstrap.yml | 4 ++-- .github/workflows/ci-cd-pipeline.yml | 2 +- .github/workflows/ci-cd.yaml | 4 ++-- .github/workflows/ci-gap-closure.yml | 2 +- .github/workflows/ci-unified.yml | 6 +++--- .github/workflows/ci.yml | 4 ++-- .github/workflows/container-scan.yml | 6 +++--- .github/workflows/dast-pipeline.yml | 6 +++--- .github/workflows/dependency-check.yml | 6 +++--- .github/workflows/headybuddy-android.yml | 4 ++-- .github/workflows/performance-baseline.yml | 6 +++--- .github/workflows/promote-to-main.yml | 2 +- .github/workflows/promote-to-staging.yml | 2 +- .github/workflows/promotion-pipeline.yml | 14 +++++++------- .github/workflows/sast-pipeline.yml | 12 ++++++------ .github/workflows/security-gate.yml | 2 +- .github/workflows/security-scan.yml | 4 ++-- 17 files changed, 43 insertions(+), 43 deletions(-) diff --git a/.github/workflows/ci-bootstrap.yml b/.github/workflows/ci-bootstrap.yml index 479dd49ae..f72eb637c 100644 --- a/.github/workflows/ci-bootstrap.yml +++ b/.github/workflows/ci-bootstrap.yml @@ -47,7 +47,7 @@ jobs: output: sbom.json - name: Upload SBOM - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: sbom path: sbom.json @@ -184,7 +184,7 @@ jobs: if: always() run: node domain-verification/verify-all-domains.mjs --json > domain-results.json - - uses: actions/upload-artifact@v4 + - uses: actions/upload-artifact@v7 if: always() with: name: domain-verification diff --git a/.github/workflows/ci-cd-pipeline.yml b/.github/workflows/ci-cd-pipeline.yml index 0e7ffebea..206bfa236 100644 --- a/.github/workflows/ci-cd-pipeline.yml +++ b/.github/workflows/ci-cd-pipeline.yml @@ -127,7 +127,7 @@ jobs: run: npm run build || true - name: Upload build artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: heady-build path: | diff --git a/.github/workflows/ci-cd.yaml b/.github/workflows/ci-cd.yaml index 5e43e123c..1e82e3038 100644 --- a/.github/workflows/ci-cd.yaml +++ b/.github/workflows/ci-cd.yaml @@ -66,7 +66,7 @@ jobs: - name: Upload coverage if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: coverage path: coverage/ @@ -106,7 +106,7 @@ jobs: - name: Upload SBOM if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: sbom path: sbom.json diff --git a/.github/workflows/ci-gap-closure.yml b/.github/workflows/ci-gap-closure.yml index f02b77686..1affc5198 100644 --- a/.github/workflows/ci-gap-closure.yml +++ b/.github/workflows/ci-gap-closure.yml @@ -183,7 +183,7 @@ jobs: NODE_ENV: test - name: Upload coverage - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: coverage-report path: coverage/ diff --git a/.github/workflows/ci-unified.yml b/.github/workflows/ci-unified.yml index 968543565..dd758b188 100644 --- a/.github/workflows/ci-unified.yml +++ b/.github/workflows/ci-unified.yml @@ -105,7 +105,7 @@ jobs: continue-on-error: true - name: Upload SBOM - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 if: always() with: name: sbom @@ -149,12 +149,12 @@ jobs: run: npx jest --coverage --ci --reporters=default --passWithNoTests env: JEST_JUNIT_OUTPUT_DIR: ./test-results - - uses: actions/upload-artifact@v4 + - uses: actions/upload-artifact@v7 if: always() with: name: coverage path: coverage/ - - uses: actions/upload-artifact@v4 + - uses: actions/upload-artifact@v7 if: always() with: name: test-results diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ddd01d1c1..318a23921 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -68,11 +68,11 @@ jobs: - run: npx jest --coverage --ci --reporters=default --reporters=jest-junit env: JEST_JUNIT_OUTPUT_DIR: ./test-results - - uses: actions/upload-artifact@v4 + - uses: actions/upload-artifact@v7 with: name: coverage path: coverage/ - - uses: actions/upload-artifact@v4 + - uses: actions/upload-artifact@v7 with: name: test-results path: test-results/ diff --git a/.github/workflows/container-scan.yml b/.github/workflows/container-scan.yml index 97fa1aedf..e40c271be 100644 --- a/.github/workflows/container-scan.yml +++ b/.github/workflows/container-scan.yml @@ -94,7 +94,7 @@ jobs: - name: Upload FS scan artifact if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: trivy-fs-report path: trivy-fs.sarif @@ -184,7 +184,7 @@ jobs: - name: Upload image scan artifact if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: trivy-image-${{ steps.image-name.outputs.suffix }}-report path: trivy-image-${{ steps.image-name.outputs.suffix }}.sarif @@ -234,7 +234,7 @@ jobs: - name: Upload hadolint artifact if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: hadolint-report path: hadolint-results.sarif diff --git a/.github/workflows/dast-pipeline.yml b/.github/workflows/dast-pipeline.yml index c4ed5310f..bdf82c308 100644 --- a/.github/workflows/dast-pipeline.yml +++ b/.github/workflows/dast-pipeline.yml @@ -164,7 +164,7 @@ jobs: - name: Upload ZAP reports if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: zap-scan-reports path: | @@ -229,7 +229,7 @@ jobs: - name: Upload Nuclei results if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: nuclei-results path: | @@ -388,7 +388,7 @@ jobs: - name: Upload testssl results if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: testssl-results path: | diff --git a/.github/workflows/dependency-check.yml b/.github/workflows/dependency-check.yml index 5f66683b7..b496d7cac 100644 --- a/.github/workflows/dependency-check.yml +++ b/.github/workflows/dependency-check.yml @@ -121,7 +121,7 @@ jobs: fi - name: Upload audit report - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: npm-audit-production path: audit-report.json @@ -192,7 +192,7 @@ jobs: jq -r 'to_entries | group_by(.value.licenses) | .[] | "- **\(.[0].value.licenses)**: \(length) packages"' license-report.json >> "$GITHUB_STEP_SUMMARY" - name: Upload license report - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: license-report path: license-report.json @@ -255,7 +255,7 @@ jobs: - name: Upload Trivy report artifact if: always() && steps.check_dockerfile.outputs.exists == 'true' - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: trivy-${{ matrix.image.name }}-report path: trivy-${{ matrix.image.name }}.sarif diff --git a/.github/workflows/headybuddy-android.yml b/.github/workflows/headybuddy-android.yml index 1f78d9938..3476a837f 100644 --- a/.github/workflows/headybuddy-android.yml +++ b/.github/workflows/headybuddy-android.yml @@ -74,7 +74,7 @@ jobs: - name: Upload test results if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: unit-test-results path: headybuddy-mobile/**/build/reports/tests/ @@ -107,7 +107,7 @@ jobs: - name: Upload instrumented test results if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: instrumented-test-results path: headybuddy-mobile/**/build/reports/androidTests/ diff --git a/.github/workflows/performance-baseline.yml b/.github/workflows/performance-baseline.yml index ec991da72..7c057f683 100644 --- a/.github/workflows/performance-baseline.yml +++ b/.github/workflows/performance-baseline.yml @@ -386,7 +386,7 @@ jobs: # ── 10. Upload baselines as artifacts ──────────────────── - name: Upload performance baseline - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: performance-baseline path: .benchmarks/baseline.json @@ -395,7 +395,7 @@ jobs: overwrite: true - name: Upload bundle baseline - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: bundle-baseline path: bundle-sizes.json @@ -403,7 +403,7 @@ jobs: overwrite: true - name: Upload raw benchmark data - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: raw-benchmarks-${{ github.run_id }} path: | diff --git a/.github/workflows/promote-to-main.yml b/.github/workflows/promote-to-main.yml index 34bd3fed3..ae52e4865 100644 --- a/.github/workflows/promote-to-main.yml +++ b/.github/workflows/promote-to-main.yml @@ -173,7 +173,7 @@ jobs: cat /tmp/validation-report.md - name: Upload validation report - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: validation-report path: /tmp/validation-report.md diff --git a/.github/workflows/promote-to-staging.yml b/.github/workflows/promote-to-staging.yml index 133640121..77dd8d1a6 100644 --- a/.github/workflows/promote-to-staging.yml +++ b/.github/workflows/promote-to-staging.yml @@ -85,7 +85,7 @@ jobs: echo "✓ Test orchestrator completed — all suites passed" - name: Upload test report - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 if: always() with: name: test-run-report diff --git a/.github/workflows/promotion-pipeline.yml b/.github/workflows/promotion-pipeline.yml index d6ad1d3cc..38cf7a05b 100644 --- a/.github/workflows/promotion-pipeline.yml +++ b/.github/workflows/promotion-pipeline.yml @@ -89,7 +89,7 @@ jobs: - name: Upload ESLint results if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: lint-results-${{ github.sha }} path: | @@ -181,7 +181,7 @@ jobs: - name: Upload security scan results if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: security-results-${{ github.sha }} path: | @@ -300,7 +300,7 @@ jobs: - name: Upload test results if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: test-results-${{ github.sha }} path: | @@ -379,7 +379,7 @@ jobs: - name: Upload benchmark results if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: benchmark-results-${{ github.sha }} path: | @@ -440,7 +440,7 @@ jobs: - name: Upload bundle analysis if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: bundle-analysis-${{ github.sha }} path: bundle-analysis.json @@ -544,7 +544,7 @@ jobs: - name: Upload dependency audit results if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: dependency-audit-${{ github.sha }} path: | @@ -588,7 +588,7 @@ jobs: - name: Upload dead code report if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: dead-code-report-${{ github.sha }} path: dead-code-report.json diff --git a/.github/workflows/sast-pipeline.yml b/.github/workflows/sast-pipeline.yml index 0d7a89b7c..426e1038c 100644 --- a/.github/workflows/sast-pipeline.yml +++ b/.github/workflows/sast-pipeline.yml @@ -93,7 +93,7 @@ jobs: - name: Upload CodeQL SARIF if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: codeql-sarif-${{ matrix.language }} path: codeql-results-${{ matrix.language }} @@ -147,7 +147,7 @@ jobs: - name: Upload Semgrep results artifact if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: semgrep-results path: | @@ -223,7 +223,7 @@ jobs: - name: Upload ESLint results if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: eslint-security-results path: eslint-security.sarif @@ -262,7 +262,7 @@ jobs: - name: Upload npm audit report if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: npm-audit-report path: npm-audit-report.json @@ -311,7 +311,7 @@ jobs: - name: Upload Gitleaks report if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: gitleaks-report path: gitleaks-report.sarif @@ -358,7 +358,7 @@ jobs: " - name: Upload SBOM artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: heady-sbom path: heady-sbom.cdx.json diff --git a/.github/workflows/security-gate.yml b/.github/workflows/security-gate.yml index 93f7b4acc..d4ff05bd4 100644 --- a/.github/workflows/security-gate.yml +++ b/.github/workflows/security-gate.yml @@ -214,7 +214,7 @@ jobs: - name: Upload Gitleaks PR report if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: gitleaks-pr-report path: gitleaks-pr.json diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml index fe3269c81..d76203b57 100644 --- a/.github/workflows/security-scan.yml +++ b/.github/workflows/security-scan.yml @@ -94,7 +94,7 @@ jobs: " || echo "Audit completed with warnings" - name: Upload audit results - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 if: always() with: name: npm-audit-${{ github.run_id }} @@ -228,7 +228,7 @@ jobs: echo "✓ License check complete" - name: Upload license report - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 if: always() with: name: license-report-${{ github.run_id }}