Skip to content

Bump actions/upload-artifact from 4 to 5 #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 38 commits into from
Closed

Bump actions/upload-artifact from 4 to 5 #3

dependabot wants to merge 38 commits into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Dec 8, 2025
edited
Loading

Bumps actions/upload-artifact from 4 to 5.

Release notes

Sourced from actions/upload-artifact's releases.

v5.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

New Contributors

Full Changelog: actions/upload-artifact@v4...v5.0.0

v4.6.2

What's Changed

New Contributors

Full Changelog: actions/upload-artifact@v4...v4.6.2

v4.6.1

What's Changed

Full Changelog: actions/upload-artifact@v4...v4.6.1

v4.6.0

What's Changed

Full Changelog: actions/upload-artifact@v4...v4.6.0

v4.5.0

What's Changed

New Contributors

... (truncated)

Commits
  • 330a01c Merge pull request #734 from actions/danwkennedy/prepare-5.0.0
  • 03f2824 Update github.dep.yml
  • 905a1ec Prepare v5.0.0
  • 2d9f9cd Merge pull request #725 from patrikpolyak/patch-1
  • 9687587 Merge branch 'main' into patch-1
  • 2848b2c Merge pull request #727 from danwkennedy/patch-1
  • 9b51177 Spell out the first use of GHES
  • cd231ca Update GHES guidance to include reference to Node 20 version
  • de65e23 Merge pull request #712 from actions/nebuk89-patch-1
  • 8747d8c Update README.md
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@radhermit
configure: change package name to scallop and define full version
0568168 
So the header subdir used for the `install-headers` target is scallop
otherwise it would overlap with the regular bash package when plugin
support is enabled (which installs the headers).

Also, this changes $PACKAGE_VERSION to the X.Y.Z.DATE format used by scallop.
@radhermit
Makefile.in: add static and shared library targets
3efaf78
@radhermit
Makefile.in: avoid running autoconf when building library
b778d31 
Previously when building libraries for scallop, the configure target
would trigger autoconf to be run unnecessarily as the bundled configure
script should up-to-date.
@radhermit
Makefile.in: use $(shell ...) instead of backticks to determine Patch…
64c98d2 
…Level

This makes deferred vs immediate expansion work as expected for other
variables using $(PatchLevel).
@radhermit
Makefile.in: install additional headers needed by scallop bindings
03ed1e3
@radhermit
configure.ac: force -fPIC for external shared library creation
eac2825
@radhermit
add configure flag for library build support
9817d90 
And rename main() to bash_main() in order to use it externally when
library support is enabled.
@radhermit
regenerate configure script and remove backup
e2846f4
@radhermit
configure: don't configure doc, examples, po, and support dirs
15d388d
@radhermit
Makefile.in: install scallop pkgconfig file
693beb6
@radhermit
builtins: disable complete plugin if support is disabled
532a557
@radhermit
config-top.h: prefer mkstemp over mktemp to avoid linking warning
bf9545c 
About the security issues with mktemp.
@radhermit
add initial register_builtins() support
8bc7f39 
That allows external code to register builtins internally instead of
always having to using dynamic loading.
@radhermit
add support for a command_not_found_handle builtin as well
c5f47f3 
With the builtin being used if it exists instead of the function.
@radhermit
export lib_init() and lib_reset() to initialize/reset the global state
88f288a 
Bash uses an extensive amount of global state and when used as a library
init/reset actions are required for regular operation.
@radhermit
allow BASH_CMDS and BASH_ALIASES data to be freed on reset
3f9ad83 
Without this both leak their underlying array data whenever lib_reset()
is called.
@radhermit
add longjmp wrappers for sourcing and execution functionality
eb9b019 
Bash uses setjmp/longjmp for error, interrupt, and signal handling cases and
thus initializes jump targets in main() which doesn't get called when
used as a library.

Adding jump targets in the main entry points (sourcing and execution)
allows returning proper error codes during library operation and avoids
issues with unwinding across rust frames (which is currently UB and
generally causes segfaults) when using scallop rust support.

Without this, a segfault occurs if a file with errors is sourced under
library usage and `set -e` enabled since no top level jump target is set
and parse_and_execute() tries to longjmp to a NULL target.

Note that the call stack is tracked from scallop so reentrant calls jump
back to where they entered and not the initial call's entry point.
@radhermit
save and restore the previous top level longjmp on entry/exit
bb6b42e
@radhermit
add initial support for proxying errors and warnings back to rust
0939f32 
Instead of always dumping them into stderr.
@radhermit
add error support that reads the message from shared memory
8d0b53c 
Used via external library to inject errors into bash across process
boundaries (e.g. erroring out from subshells).
@radhermit
jobs: don't set SIGCHLD handler by default when job control is disabled
6ab9ebd 
Installing a SIGCHLD handler by default breaks pkgcraft unit tests that
spawn child processes and use wait() or waitpid() to wait for
completion, e.g. tests for builtins such as `econf`.

When enabled by default the tests fail with ECHILD (errno 10) when
trying to wait on child processes since the installed signal handler
gets control instead during child termination.
@radhermit
use custom values for restricted shell name and static PATH
52b47fa
@radhermit
shell: add support for toggling restricted mode
5ddcb7a
@radhermit
shell: add support to set shell name via lib_init()
92e2b39
@radhermit
redir: allow write redirections to /dev/null under restricted mode
493da14
@radhermit
variables: add set_var_read_write() support
4f2b527 
That allows easily reverting set_var_read_only() settings when toggling
restricted mode.
@radhermit
shell: fix environment propagation for library usage
171f7b9 
Without this the process environment isn't inherited and the bash
initialization methods unset everything.
@radhermit
builtins: use a warning for declare -p with undefined variables
966c3ad 
Instead of raising an error. The exit status of the command should be
enough to signify failure.

This avoids the issue where `declare -p UNDEFINED_VAR` is being used to
determine if a variable is defined causing errors when sourcing the
related file or string.
@radhermit
execute_cmd: always search for special builtins during simple command…
6c62c26 
… exec

This allows externally registered special builtins to always override
functions even when bash isn't built with strict posix mode enabled.

This will also have the affect that special builtins native to bash,
e.g. exit and source (see the full list via `enable -s`), won't be able
to be overridden by functions which in our case shouldn't matter and
probably is a good thing anyway.
@radhermit
shell: support setting the environment via passed in values
972beda
radhermit and others added 8 commits December 6, 2025 19:51
@radhermit
add required scallop configure options and related wrapper script
4c4ab20 
These should be used externally to build with the options required by
scallop otherwise it's unsupported when used for pkgcraft.
@radhermit
ci: add release workflow
b351ede
@radhermit
ci: add test workflow
68caa6c
@radhermit
readme: add initial pkgcraft-related info
9b9c867
@radhermit
shopt: don't copy option names for get_shopt_options()
a3f3842 
This makes the option name handling match get_minus_o_opts() in the
`set` builtin and is what the the only usage for get_shopt_options() in
pcomplete.c expects as it explicitly doesn't free the list members the
same as it does for the set options list.
@radhermit
make enable builtin use register_builtins()
12aaa8f
@radhermit
execute_cmd.h: externally export the_printed_command global variable
570c314
@dependabot
Bump actions/upload-artifact from 4 to 5
41d78bf 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 5.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v4...v5)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Dec 8, 2025
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Dec 11, 2025

Looks like actions/upload-artifact is up-to-date now, so this is no longer needed.

@dependabot dependabot bot closed this Dec 11, 2025
@dependabot dependabot bot deleted the dependabot/github_actions/actions/upload-artifact-5 branch December 11, 2025 06:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@radhermit