Upgrade GitHub Actions for Node 24 compatibility #24

Open

salmanmkc wants to merge 1 commits from salmanmkc/upgrade-github-actions-node24 into main

pull from: salmanmkc/upgrade-github-actions-node24

merge into: dearsky:main

dearsky:main

dearsky:ruvsense-full-implementation

dearsky:claude/use-cases-implementation-plan-tT4s9

dearsky:claude/wifi-densepose-ruvector-Gj3O9

dearsky:adr-028-esp32-capability-audit

dearsky:adr-027-cross-environment-domain-generalization

dearsky:claude/analyze-repo-structure-aOtgs

dearsky:feat/adr-024-contrastive-csi-embedding

dearsky:feat/windows-wifi-enhanced-fidelity

dearsky:feat/rust-ruvector-sensing-ui

dearsky:security/fix-critical-vulnerabilities

dearsky:claude/validate-code-quality-WNrNw

dearsky:claude/integrate-ruvector-rvf-mF1Hp

dearsky:claude/test-rust-update-python-Q2NLq

dearsky:claude/wifi-mat-disaster-detection-MxxnQ

dearsky:claude/rust-agent-swarm-port-UxwTT

Conversation 0 Commits 1 Files Changed 3 +33 -33

salmanmkc commented 2026-02-15 17:10:55 +08:00 (Migrated from github.com)

Copy Link

Summary

Upgrade GitHub Actions to their latest versions to ensure compatibility with Node 24, as Node 20 will reach end-of-life in April 2026.

Changes

Action	Old Version(s)	New Version	Release	Files
actions/checkout	v4	v6	Release	cd.yml, ci.yml, security-scan.yml
actions/download-artifact	v3	v7	Release	security-scan.yml
actions/github-script	v6	v8	Release	cd.yml, security-scan.yml
actions/setup-python	v4	v6	Release	ci.yml, security-scan.yml
actions/upload-artifact	v3	v6	Release	cd.yml, ci.yml, security-scan.yml

Context

Per GitHub's announcement, Node 20 is being deprecated and runners will begin using Node 24 by default starting March 4th, 2026.

Why this matters

• Node 20 EOL: April 2026
• Node 24 default: March 4th, 2026
• Action: Update to latest action versions that support Node 24

⚠️ Breaking Changes

• actions/upload-artifact (v3 → v6):
  • ⚠️ Artifacts with the same name now MERGE instead of being overwritten
  • ⚠️ Default compression changed - may affect artifact size
  • ⚠️ Consider using overwrite: true if you need the old overwrite behavior
• actions/download-artifact (v3 → v7):
  • ⚠️ When downloading multiple artifacts, they now go into separate directories by default
  • ⚠️ Use merge-multiple: true to get the old behavior of merging into one directory

Security Note

Actions that were previously pinned to commit SHAs remain pinned to SHAs (updated to the latest release SHA) to maintain the security benefits of immutable references.

Testing

These changes only affect CI/CD workflow configurations and should not impact application functionality. The workflows should be tested by running them on a branch before merging.

## Summary Upgrade GitHub Actions to their latest versions to ensure compatibility with Node 24, as Node 20 will reach end-of-life in April 2026. ## Changes | Action | Old Version(s) | New Version | Release | Files | |--------|---------------|-------------|---------|-------| | `actions/checkout` | [`v4`](https://github.com/actions/checkout/releases/tag/v4) | [`v6`](https://github.com/actions/checkout/releases/tag/v6) | [Release](https://github.com/actions/checkout/releases/tag/v6) | cd.yml, ci.yml, security-scan.yml | | `actions/download-artifact` | [`v3`](https://github.com/actions/download-artifact/releases/tag/v3) | [`v7`](https://github.com/actions/download-artifact/releases/tag/v7) | [Release](https://github.com/actions/download-artifact/releases/tag/v7) | security-scan.yml | | `actions/github-script` | [`v6`](https://github.com/actions/github-script/releases/tag/v6) | [`v8`](https://github.com/actions/github-script/releases/tag/v8) | [Release](https://github.com/actions/github-script/releases/tag/v8) | cd.yml, security-scan.yml | | `actions/setup-python` | [`v4`](https://github.com/actions/setup-python/releases/tag/v4) | [`v6`](https://github.com/actions/setup-python/releases/tag/v6) | [Release](https://github.com/actions/setup-python/releases/tag/v6) | ci.yml, security-scan.yml | | `actions/upload-artifact` | [`v3`](https://github.com/actions/upload-artifact/releases/tag/v3) | [`v6`](https://github.com/actions/upload-artifact/releases/tag/v6) | [Release](https://github.com/actions/upload-artifact/releases/tag/v6) | cd.yml, ci.yml, security-scan.yml | ## Context Per [GitHub's announcement](https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/), Node 20 is being deprecated and runners will begin using Node 24 by default starting March 4th, 2026. ### Why this matters - **Node 20 EOL**: April 2026 - **Node 24 default**: March 4th, 2026 - **Action**: Update to latest action versions that support Node 24 ### ⚠️ Breaking Changes - **actions/upload-artifact** (v3 → v6): - ⚠️ Artifacts with the same name now MERGE instead of being overwritten - ⚠️ Default compression changed - may affect artifact size - ⚠️ Consider using `overwrite: true` if you need the old overwrite behavior - **actions/download-artifact** (v3 → v7): - ⚠️ When downloading multiple artifacts, they now go into separate directories by default - ⚠️ Use `merge-multiple: true` to get the old behavior of merging into one directory ### Security Note Actions that were previously pinned to commit SHAs remain pinned to SHAs (updated to the latest release SHA) to maintain the security benefits of immutable references. ### Testing These changes only affect CI/CD workflow configurations and should not impact application functionality. The workflows should be tested by running them on a branch before merging.

This pull request has changes conflicting with the target branch.

• .github/workflows/ci.yml
• .github/workflows/security-scan.yml

View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.

git fetch -u origin salmanmkc/upgrade-github-actions-node24:salmanmkc/upgrade-github-actions-node24

git checkout salmanmkc/upgrade-github-actions-node24

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

Clear labels

bug

Something isn't working

documentation

Improvements or additions to documentation

duplicate

This issue or pull request already exists

enhancement

New feature or request

good first issue

Good for newcomers

help wanted

Extra attention is needed

invalid

This doesn't seem right

question

Further information is requested

security

Security-related issues and hardening

wontfix

This will not be worked on

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

dearsky

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: dearsky/wifi-densepose#24