Skip to content

build(deps): bump actions/upload-artifact from 4 to 7 in the actions-dependencies group across 1 directory#1

Open
dependabot[bot] wants to merge 17 commits into
mainfrom
dependabot/github_actions/actions-dependencies-674967a53d
Open

build(deps): bump actions/upload-artifact from 4 to 7 in the actions-dependencies group across 1 directory#1
dependabot[bot] wants to merge 17 commits into
mainfrom
dependabot/github_actions/actions-dependencies-674967a53d

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 30, 2026
edited
Loading

Copy link
Copy Markdown

Bumps the actions-dependencies group with 1 update in the / directory: actions/upload-artifact.

Updates actions/upload-artifact from 4 to 7

Release notes

Sourced from actions/upload-artifact's releases.

v7.0.0

v7 What's new

Direct Uploads

Adds support for uploading single files directly (unzipped). Callers can set the new archive parameter to false to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The name parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.

ESM

To support new versions of the @actions/* packages, we've upgraded the package to ESM.

What's Changed

New Contributors

Full Changelog: actions/upload-artifact@v6...v7.0.0

v6.0.0

v6 - What's new

[!IMPORTANT] actions/upload-artifact@v6 now runs on Node.js 24 (runs.using: node24) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

Node.js 24

This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.

What's Changed

Full Changelog: actions/upload-artifact@v5.0.0...v6.0.0

v5.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

... (truncated)

Commits
  • 043fb46 Merge pull request #797 from actions/yacaovsnc/update-dependency
  • 634250c Include changes in typespec/ts-http-runtime 0.3.5
  • e454baa Readme: bump all the example versions to v7 (#796)
  • 74fad66 Update the readme with direct upload details (#795)
  • bbbca2d Support direct file uploads (#764)
  • 589182c Upgrade the module to ESM and bump dependencies (#762)
  • 47309c9 Merge pull request #754 from actions/Link-/add-proxy-integration-tests
  • 02a8460 Add proxy integration test
  • b7c566a Merge pull request #745 from actions/upload-artifact-v6-release
  • e516bc8 docs: correct description of Node.js 24 support in README
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 30, 2026
@dependabot dependabot Bot changed the title build(deps): bump actions/upload-artifact from 4 to 7 in the actions-dependencies group build(deps): bump actions/upload-artifact from 4 to 7 in the actions-dependencies group across 1 directory Jun 1, 2026
@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions-dependencies-674967a53d branch 2 times, most recently from 5d801d4 to 3b6c8f8 Compare June 3, 2026 00:23
MFSGA added 9 commits June 5, 2026 09:16
@MFSGA
chore: Gradle configuration alignment with upstream
cf6d1ef 
- settings.gradle.kts: Update foojay-resolver-convention 0.10.0 → 1.0.0
- gradle.properties: Increase JVM memory Xmx4g → Xmx6g, remove deprecated props
- build.gradle.kts: Apply kotlin.android and rust.android plugins
- gradle/libs.versions.toml: Add rust-android-gradle plugin, remove cargo-ndk
@MFSGA
build: Migrate core module from cargo-ndk to rust-android-gradle
53e934f 
- Rewrite core/build.gradle.kts to use rust-android-gradle plugin
- Configure cargo {} block for Android targets
- Remove obsolete android.sourceset.disallowProvider=false
- Maintain UniFFI integration for Kotlin bindings generation
@MFSGA
feat: Align app module with upstream Android configurations
eed988f 
- Add KSP and Kotlin Lint plugins
- Update compileSdk/targetSdk 36 → 37
- Fix ABI splits: add missing x86 architecture
- Add Material3, lifecycle runtime, activity-compose, navigation-compose dependencies
- Add test dependencies (junit5, mockito, turbomock, etc.)
- Preserve AChimera identity: applicationId, app_name, version logic, UniFFI package
@MFSGA
fix: Add missing import for NotificationHelper in TunService.kt
670a179 
- Add import for rs.chimera.android.util.NotificationHelper
- This was needed for baseline compilation to work
@MFSGA
feat: Align Rust/Cargo workspace with upstream
73492aa 
- uniffi/Cargo.toml: Add async-compat = "0.2.5" to workspace dependencies
- uniffi/chimera-ffi/Cargo.toml:
  * Use workspace version/edition
  * Add features section (default, ffi-trace, jemallocator, mimalloc)
  * Update dependencies (jni 0.22, async-compat, tracing updates)
  * Add build-dependencies for uniffi
  * Preserve AChimera-specific clash-lib fork (TODO: align features later)
- uniffi/uniffi-bindgen/Cargo.toml: Already aligned
@MFSGA
feat: Align CI workflow with upstream
eeec314 
- .github/workflows/ci.yml: Add tag triggers for version releases
- Update Java version from 21 → 25 for GitHub Actions (safe, doesn't affect local JDK 21)
- Make checkout step explicit with named step (matches upstream style)
- Note: Release workflow logic remains in separate release.yml for now
@MFSGA
fix: Correct YAML indentation in .github/workflows/ci.yml
f4f9211 
- Fix improper indentation under 'uses: actions/setup-java@v5' step
- Ensure proper 2-space indentation for YAML map values
- Resolve 'Unexpected value' workflow validation error
@MFSGA
fix: Correct YAML indentation in .github/workflows/ci.yml
aeda57a 
- Fixed indentation error at line 29: removed extra space before steps
- Ensured proper 2-space indentation for all workflow steps
- Verified YAML validity with Python yaml.safe_load
@MFSGA
fix(ci)
2f72097
@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions-dependencies-674967a53d branch from 3b6c8f8 to d69f305 Compare June 5, 2026 02:01
MFSGA and others added 8 commits June 5, 2026 10:32
@MFSGA
fix
a2caa0f
@MFSGA
feat(ci): one-click release with major/minor/patch version bump
3bf67d0 
Add a new 'bump' job to release.yml that runs on workflow_dispatch:
- Accepts bump_type choice (major/minor/patch) and optional explicit tag_name
- Reads current version from app/build.gradle.kts (baseVersionName)
- Updates both app/build.gradle.kts and uniffi/Cargo.toml workspace version
- Creates an annotated git tag (vX.Y.Z) and pushes it to origin
- The existing release job then picks up the tag, builds APKs, and
  publishes a GitHub release with a generated changelog

Verified locally:
- All 3 bump types (major/minor/patch) compute correct next version
- Explicit tag override (e.g. v2.5.7) is validated against vX.Y.Z format
- Invalid bump_type and malformed tags are rejected
- sed only updates the [workspace.package] version in Cargo.toml,
  leaving dependency version specs (uniffi, async-compat) untouched
- YAML structure is valid and job dependencies resolve correctly
@github-actions
chore(release): bump version to v0.1.1
40a21b8
@MFSGA
fix(ci): expose bump job outputs to release job
ce4ef16 
The 'Resolve release tag' step in the release job was failing with
'could not resolve release tag' because needs.bump.outputs.tag was
evaluating to empty.

In GitHub Actions, a step's GITHUB_OUTPUT is only accessible to the
same job's subsequent steps. To make it available to downstream jobs
via needs.<job>.outputs.<name>, the producing job must declare an
'outputs' section that maps step outputs to job outputs.

Add outputs.version and outputs.tag to the bump job, so the release
job can resolve the tag that was just created and pushed.
@github-actions
chore(release): bump version to v0.1.2
df035fc
@MFSGA
feat(ci): make release workflow tolerate missing signing secrets
e424559 
When KEYSTORE_BASE64/KEYSTORE_PASSWORD/KEY_ALIAS/KEY_PASSWORD are not
configured, the release job now:
- Logs a warning instead of failing at 'Validate signing secrets'
- Skips the 'Decode keystore' step
- Passes empty keystore env vars to gradle (app/build.gradle.kts already
  returns early from signingConfigs when KEYSTORE_FILE is null, so
  assembleRelease produces an unsigned APK)
- Tags generated artifacts with '-unsigned' suffix in the filename

This lets us verify the full bump + tag + GitHub Release pipeline
end-to-end without having to set up a real keystore first. Configure
the four secrets in Settings → Secrets and variables → Actions to
switch back to signed release builds.
@github-actions
chore(release): bump version to v0.1.3
bedede6
@dependabot
build(deps): bump actions/upload-artifact
473f652 
Bumps the actions-dependencies group with 1 update in the / directory: [actions/upload-artifact](https://github.com/actions/upload-artifact).


Updates `actions/upload-artifact` from 4 to 7
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v4...v7)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions-dependencies-674967a53d branch from d69f305 to 473f652 Compare June 5, 2026 06:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@MFSGA