Skip to content

ci(deps): bump actions/download-artifact from 3 to 4 #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 60 commits into from
Closed

ci(deps): bump actions/download-artifact from 3 to 4 #5

wants to merge 60 commits into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 5, 2025

Bumps actions/download-artifact from 3 to 4.

Release notes

Sourced from actions/download-artifact's releases.

v4.0.0

What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major changes to the backend architecture of Artifacts. They have numerous performance and behavioral improvements.

ℹ️ However, this is a major update that includes breaking changes. Artifacts created with versions v3 and below are not compatible with the v4 actions. Uploads and downloads must use the same major actions versions. There are also key differences from previous versions that may require updates to your workflows.

For more information, please see:

  1. The changelog post.
  2. The README.
  3. The migration documentation.
  4. As well as the underlying npm package, @​actions/artifact documentation.

New Contributors

Full Changelog: actions/download-artifact@v3...v4.0.0

v3.0.2

v3.0.1

Commits
  • d3f86a1 Merge pull request #404 from actions/robherley/v4.3.0
  • fc02353 prep for v4.3.0 release
  • 7745437 Merge pull request #402 from actions/joshmgross/download-by-id-example
  • 84fc7a0 Remove path filters from Check dist workflow
  • 67f2bc3 Fix workflow example for downloading by artifact ID
  • 8ea3c2c Merge pull request #401 from actions/download-by-id
  • d219c63 add supporting unit tests for artifact downloads with ids
  • 54124fb revert getArtifact() changes - for now we have to list and filter by artifa...
  • b83057b bundle
  • 171183c use the same artifactClient.getArtifact structure as seen above in `isSingl...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

scoobyjava added 30 commits April 20, 2025 09:46
@scoobyjava
Initial commit
e4b0f8e
@scoobyjava
Initial stable configuration with working devcontainer setup
f9b2eaa
@scoobyjava
Reset to stable baseline for core build - Phase 0 completion
4acb3fa
@scoobyjava
Phase 1 Step 1: Implement PatrickMemoryManager with tests
98f06be 
- Created PatrickMemoryManager in stubs.py, a simplified memory manager hardcoded for Patrick
- Implemented all required memory management functions with single-user optimizations
- Added comprehensive test suite in test_memory.py with 11 test cases covering all functionality
- Created necessary __init__.py files for proper Python package structure

This completes Step 1 of Phase 1, enabling the Orchestrator to store and retrieve conversation history.
@scoobyjava
Replace PatrickMemoryManager with InMemoryMemoryManagerStub
fa565e7
@scoobyjava
Add core Python dependency installation to setup.sh
63fe948
@scoobyjava
Update orchestrator with interaction endpoint enhancements and add su…
4db1d6f 
…pporting files
@scoobyjava
Update orchestrator with memory management and Figma integration impr…
f9bc0d2 
…ovements
@scoobyjava
Secure credentials: Remove hardcoded tokens and use environment varia…
5c478bb 
…bles
@scoobyjava
Update memory system configuration and add next steps documentation
ac380ec
@scoobyjava
Add Cloud Run configuration for Phidata Agent UI deployment
9eb0a67
@scoobyjava
Update environment to production for deployment
7e95512
@scoobyjava
Update Redis configuration with new production cloud database details
ddaf48a
@scoobyjava
Update scripts and documentation for new Redis configuration
e566159
@scoobyjava
Add Terraform API keys and Redis database endpoint configurations
6ea8809
@scoobyjava
Update .env.example file with new environment variables
6682e10
@scoobyjava
feat: Add GitHub Actions workflow for dev deployment and update cloud…
606c224 
…build.yaml for dynamic secrets
@scoobyjava
Automated commit
77248e9
@scoobyjava
Update Terraform development environment and add example files
822abab
@scoobyjava
Update .gitignore to exclude large files
0911d7c
@scoobyjava
Updated .gitignore to exclude large files
c537f4e
@scoobyjava
Added .gitignore to exclude large files
7d16bf3
@scoobyjava
Update .gitignore and remove virtual environment from tracking
f1e69f3
@scoobyjava
Update .gitignore to exclude large files
8b89c1e
@scoobyjava
Update .gitignore to exclude large files and Terraform state
2bc56e6
@scoobyjava
Fix cloudbuild.yaml syntax error and update Terraform configuration
2c93a9b
@scoobyjava
Update workflow to use organization secrets for authentication
3ca650f
@scoobyjava
Update workflow to trigger on dev branch pushes
9b2113c
@scoobyjava
Trigger deployment workflow with repository-level secrets
611229a
@scoobyjava
Trigger deployment workflow
3b58e26
scoobyjava and others added 25 commits April 30, 2025 17:55
@scoobyjava
fix: Manually verify/apply fixes for CI, imports, Docker, SA
3ba501e
@scoobyjava
fix: Standardize CI workflows to Python 3.11
563cb0e
@scoobyjava
fix: Resolve newspaper4k dependency conflict using explicit python co…
84e254b 
…nstraint
@scoobyjava
chore: Update .gitignore for assessment files
c957d54
@scoobyjava
feat: Apply accumulated updates including migration prep
42d62cd
@scoobyjava
Merge branch 'fix-circular-imports-and-ci'
dcfff3f 
This merge fixes circular imports and enhances CI pipeline with GCP authentication and deployment improvements.
@scoobyjava
Add code analysis pre-commit integration
b05b5b6
@scoobyjava
Add security audit report with findings and recommendations
2b9d445
@scoobyjava
Add security analysis results JSON data
981e6c9
@scoobyjava
Fix circular import issues and add Terraform infrastructure files for…
8638656 
… all environments
@scoobyjava
Fix circular dependencies in Terraform configurations and add Firesto…
e3759ec 
…re module
@scoobyjava
Add Terraform optimization tools and CI/CD enhancements
307102f 
- Enhanced CI/CD workflow with parallel execution and security scanning
- Added terraform-optimizer.sh for easier CLI operations
- Configured .terraformrc for performance improvements
- Added .tflint.hcl with Google Cloud specific rules
- Created comprehensive optimization documentation
@scoobyjava
Add GCP project migration tools and update references
1066dd7 
- Update backend.tf to use new project bucket (tfstate-cherry-ai-project)
- Enhance migrate_github_to_gcp_secrets.sh security by removing hardcoded token
- Create update-project-references.sh automation script for migrating project references
- Add comprehensive GCP_PROJECT_MIGRATION_SUMMARY.md document
@scoobyjava
Fix circular imports and update CI configurations
3fe4d8c
@scoobyjava
feat!: Complete accelerated environment and infra setup
6b1bc7e
@scoobyjava
feat!: Complete accelerated environment and infra setup
32678a3
@scoobyjava
feat!: Complete accelerated environment and infra setup
7ef5996
@scoobyjava
feat!: Complete accelerated environment and infra setup
c0e9ddc
@scoobyjava
Address workspace context and dependency issues: Added missing Terraf…
d0d9398 
…orm secrets and removed requirements-consolidated.txt
@scoobyjava
Enhance DevContainer configuration for improved stability and reprodu…
625e3e2 
…cibility
@scoobyjava
Fix restricted mode issues and update Terraform common environment
c818a7c 
1. Restricted Mode Fix:
- Add comprehensive fix_restricted_mode.sh script
- Add verify_standard_mode.sh for verification
- Update devcontainer configuration and Docker files
- Update documentation

2. Terraform Common Environment:
- Update all resource configurations with best practices
- Add provider version constraints
- Use variables instead of hardcoded values
- Add IAM bindings and security configurations
- Consolidate outputs in dedicated file
- Improve resource lifecycle management
@scoobyjava
Fix GitHub secret scanning false positives in track_migration_progres…
3363f76 
…s.sh

- Add github-actions: allow annotations to sections that handle secrets but don't contain actual credentials
- Add comments to clarify that these sections are retrieving secrets securely, not exposing credentials
@scoobyjava
Add GitHub security configuration files
f89b1db 
- Add .github/secret_scanning.yml to configure secret scanning
- Add .github/SECURITY.md to document security practices
- Add .github/dependabot.yml for automated dependency updates
- Add .gitattributes to mark specific files as generated to avoid false positives
@scoobyjava
Refactor track_migration_progress.sh to use secure_credential_manager.sh
b53e06f
@dependabot
ci(deps): bump actions/download-artifact from 3 to 4
dcfb2ac 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v3...v4)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github May 5, 2025

Labels

The following labels could not be found: dependencies, github-actions. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@scoobyjava scoobyjava closed this May 6, 2025
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github May 6, 2025

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/github_actions/actions/download-artifact-4 branch May 6, 2025 21:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@scoobyjava