From f12232634fd8fa66396b357ac888a04fec8f3cf2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Dec 2025 05:33:45 -0800 Subject: [PATCH 1/3] [skip changelog] Bump actions/download-artifact from 6 to 7 (#3067) Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 6 to 7. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v6...v7) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/publish-go-nightly-task.yml | 6 +++--- .github/workflows/publish-go-tester-task.yml | 2 +- .github/workflows/release-go-task.yml | 6 +++--- .github/workflows/sync-labels.yml | 2 +- .github/workflows/test-go-task.yml | 2 +- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/publish-go-nightly-task.yml b/.github/workflows/publish-go-nightly-task.yml index 2805356f5b2..ec7bb0672d9 100644 --- a/.github/workflows/publish-go-nightly-task.yml +++ b/.github/workflows/publish-go-nightly-task.yml @@ -105,7 +105,7 @@ jobs: uses: actions/checkout@v6 - name: Download artifacts - uses: actions/download-artifact@v6 + uses: actions/download-artifact@v7 with: name: ${{ env.ARTIFACT_NAME }}-${{ matrix.artifact.artifact-suffix }} path: ${{ env.DIST_DIR }} @@ -210,7 +210,7 @@ jobs: uses: actions/checkout@v6 - name: Download artifacts - uses: actions/download-artifact@v6 + uses: actions/download-artifact@v7 with: name: ${{ env.ARTIFACT_NAME }}-Windows_64bit path: ${{ env.DIST_DIR }} @@ -264,7 +264,7 @@ jobs: uses: actions/checkout@v6 - name: Download artifact - uses: actions/download-artifact@v6 + uses: actions/download-artifact@v7 with: pattern: ${{ env.ARTIFACT_NAME }}-* merge-multiple: true diff --git a/.github/workflows/publish-go-tester-task.yml b/.github/workflows/publish-go-tester-task.yml index c2095f1ea7a..8c26b7d646d 100644 --- a/.github/workflows/publish-go-tester-task.yml +++ b/.github/workflows/publish-go-tester-task.yml @@ -164,7 +164,7 @@ jobs: steps: - name: Download build artifacts - uses: actions/download-artifact@v6 + uses: actions/download-artifact@v7 - name: Output checksum run: | TAG="${{ needs.package-name-prefix.outputs.prefix }}git-snapshot" diff --git a/.github/workflows/release-go-task.yml b/.github/workflows/release-go-task.yml index d7ba506dd95..c8564938a22 100644 --- a/.github/workflows/release-go-task.yml +++ b/.github/workflows/release-go-task.yml @@ -103,7 +103,7 @@ jobs: uses: actions/checkout@v6 - name: Download artifacts - uses: actions/download-artifact@v6 + uses: actions/download-artifact@v7 with: name: ${{ env.ARTIFACT_NAME }}-${{ matrix.artifact.artifact-suffix }} path: ${{ env.DIST_DIR }} @@ -208,7 +208,7 @@ jobs: uses: actions/checkout@v6 - name: Download artifacts - uses: actions/download-artifact@v6 + uses: actions/download-artifact@v7 with: name: ${{ env.ARTIFACT_NAME }}-Windows_64bit path: ${{ env.DIST_DIR }} @@ -262,7 +262,7 @@ jobs: uses: actions/checkout@v6 - name: Download artifact - uses: actions/download-artifact@v6 + uses: actions/download-artifact@v7 with: pattern: ${{ env.ARTIFACT_NAME }}-* merge-multiple: true diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml index 67a3005fee0..1d61e865a3d 100644 --- a/.github/workflows/sync-labels.yml +++ b/.github/workflows/sync-labels.yml @@ -109,7 +109,7 @@ jobs: uses: actions/checkout@v6 - name: Download configuration files artifact - uses: actions/download-artifact@v6 + uses: actions/download-artifact@v7 with: pattern: ${{ env.CONFIGURATIONS_ARTIFACT }}-* merge-multiple: true diff --git a/.github/workflows/test-go-task.yml b/.github/workflows/test-go-task.yml index fe75a7a2ebe..5ccfba016ff 100644 --- a/.github/workflows/test-go-task.yml +++ b/.github/workflows/test-go-task.yml @@ -182,7 +182,7 @@ jobs: run: go install github.com/wadey/gocovmerge@b5bfa59 - name: Download coverage data artifact - uses: actions/download-artifact@v6 + uses: actions/download-artifact@v7 with: pattern: ${{ env.COVERAGE_ARTIFACT }}-* merge-multiple: true From 1b9a7a36c458574227075ab6458c5b35765e1b2f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Dec 2025 05:34:15 -0800 Subject: [PATCH 2/3] [skip changelog] Bump actions/upload-artifact from 5 to 6 (#3066) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 5 to 6. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/check-go-dependencies-task.yml | 2 +- .github/workflows/publish-go-nightly-task.yml | 6 +++--- .github/workflows/publish-go-tester-task.yml | 4 ++-- .github/workflows/release-go-task.yml | 6 +++--- .github/workflows/sync-labels.yml | 2 +- .github/workflows/test-go-task.yml | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/check-go-dependencies-task.yml b/.github/workflows/check-go-dependencies-task.yml index 6721cdf0fd3..65975a0caa9 100644 --- a/.github/workflows/check-go-dependencies-task.yml +++ b/.github/workflows/check-go-dependencies-task.yml @@ -102,7 +102,7 @@ jobs: # Some might find it convenient to have CI generate the cache rather than setting up for it locally - name: Upload cache to workflow artifact if: failure() && steps.diff.outcome == 'failure' - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: if-no-files-found: error include-hidden-files: true diff --git a/.github/workflows/publish-go-nightly-task.yml b/.github/workflows/publish-go-nightly-task.yml index ec7bb0672d9..5b3cf0b328f 100644 --- a/.github/workflows/publish-go-nightly-task.yml +++ b/.github/workflows/publish-go-nightly-task.yml @@ -76,7 +76,7 @@ jobs: run: echo "version=$(task general:get-version)" >> $GITHUB_OUTPUT - name: Upload artifacts - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: if-no-files-found: error name: ${{ env.ARTIFACT_NAME }}-${{ matrix.os.task }} @@ -185,7 +185,7 @@ jobs: echo "PACKAGE_FILENAME=$PACKAGE_FILENAME" >> $GITHUB_ENV - name: Upload notarized artifact - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: if-no-files-found: error name: ${{ env.ARTIFACT_NAME }}-${{ matrix.artifact.artifact-suffix }} @@ -240,7 +240,7 @@ jobs: "${{ env.SIGNTOOL_PATH }}" sign -d "Arduino CLI" -f ${{ env.INSTALLER_CERT_WINDOWS_CER}} -csp "eToken Base Cryptographic Provider" -k "[{{${{ env.CERT_PASSWORD }}}}]=${{ env.CONTAINER_NAME }}" -fd sha256 -tr http://timestamp.digicert.com -td SHA256 -v "${{ env.MSI_FILE }}" - name: Upload artifacts - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 env: MSI_FILE: ${{ steps.buildmsi.outputs.msi }} with: diff --git a/.github/workflows/publish-go-tester-task.yml b/.github/workflows/publish-go-tester-task.yml index 8c26b7d646d..b9387144179 100644 --- a/.github/workflows/publish-go-tester-task.yml +++ b/.github/workflows/publish-go-tester-task.yml @@ -151,7 +151,7 @@ jobs: # Transfer builds to artifacts job - name: Upload build artifact - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: path: ${{ env.DIST_DIR }}/${{ matrix.artifact.path }} name: ${{ matrix.artifact.name }} @@ -178,7 +178,7 @@ jobs: done - name: Upload checksum artifact - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: path: ./*checksums.txt name: checksums diff --git a/.github/workflows/release-go-task.yml b/.github/workflows/release-go-task.yml index c8564938a22..7f334094fbf 100644 --- a/.github/workflows/release-go-task.yml +++ b/.github/workflows/release-go-task.yml @@ -74,7 +74,7 @@ jobs: run: echo "version=$(task general:get-version)" >> $GITHUB_OUTPUT - name: Upload artifacts - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: if-no-files-found: error name: ${{ env.ARTIFACT_NAME }}-${{ matrix.env.os }} @@ -183,7 +183,7 @@ jobs: echo "PACKAGE_FILENAME=$PACKAGE_FILENAME" >> $GITHUB_ENV - name: Upload notarized artifact - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: if-no-files-found: error name: ${{ env.ARTIFACT_NAME }}-${{ matrix.artifact.artifact-suffix }} @@ -238,7 +238,7 @@ jobs: "${{ env.SIGNTOOL_PATH }}" sign -d "Arduino CLI" -f ${{ env.INSTALLER_CERT_WINDOWS_CER}} -csp "eToken Base Cryptographic Provider" -k "[{{${{ env.CERT_PASSWORD }}}}]=${{ env.CONTAINER_NAME }}" -fd sha256 -tr http://timestamp.digicert.com -td SHA256 -v "${{ env.MSI_FILE }}" - name: Upload artifacts - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 env: MSI_FILE: ${{ steps.buildmsi.outputs.msi }} with: diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml index 1d61e865a3d..e558d1cb397 100644 --- a/.github/workflows/sync-labels.yml +++ b/.github/workflows/sync-labels.yml @@ -71,7 +71,7 @@ jobs: file-url: https://raw.githubusercontent.com/arduino/tooling-project-assets/main/workflow-templates/assets/sync-labels/${{ matrix.filename }} - name: Pass configuration files to next job via workflow artifact - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: path: | *.yaml diff --git a/.github/workflows/test-go-task.yml b/.github/workflows/test-go-task.yml index 5ccfba016ff..dc7ca4afa4d 100644 --- a/.github/workflows/test-go-task.yml +++ b/.github/workflows/test-go-task.yml @@ -114,7 +114,7 @@ jobs: mv coverage_integration.txt coverage_integration_${{ matrix.operating-system }}_${{ matrix.tests }}.txt - name: Upload coverage data to workflow artifact - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: if-no-files-found: error name: ${{ env.COVERAGE_ARTIFACT }}-test-integration-${{ matrix.operating-system }}-${{ matrix.tests }} @@ -157,7 +157,7 @@ jobs: - name: Upload coverage data to workflow artifact if: runner.os == 'Linux' - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: if-no-files-found: error name: ${{ env.COVERAGE_ARTIFACT }}-test-${{ matrix.operating-system }} From 6e43d4d1eb36ed2e94700887d8765967b5e2f823 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 17 Dec 2025 19:53:27 +0100 Subject: [PATCH 3/3] [skip-changelog] Bump validator from 13.15.20 to 13.15.23 (#3055) Bumps [validator](https://github.com/validatorjs/validator.js) from 13.15.20 to 13.15.23. - [Release notes](https://github.com/validatorjs/validator.js/releases) - [Changelog](https://github.com/validatorjs/validator.js/blob/master/CHANGELOG.md) - [Commits](https://github.com/validatorjs/validator.js/compare/13.15.20...13.15.23) --- updated-dependencies: - dependency-name: validator dependency-version: 13.15.23 dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- package-lock.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 4d6f407bf05..854ec85253d 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1058,9 +1058,9 @@ "dev": true }, "node_modules/validator": { - "version": "13.15.20", - "resolved": "https://registry.npmjs.org/validator/-/validator-13.15.20.tgz", - "integrity": "sha512-KxPOq3V2LmfQPP4eqf3Mq/zrT0Dqp2Vmx2Bn285LwVahLc+CsxOM0crBHczm8ijlcjZ0Q5Xd6LW3z3odTPnlrw==", + "version": "13.15.23", + "resolved": "https://registry.npmjs.org/validator/-/validator-13.15.23.tgz", + "integrity": "sha512-4yoz1kEWqUjzi5zsPbAS/903QXSYp0UOtHsPpp7p9rHAw/W+dkInskAE386Fat3oKRROwO98d9ZB0G4cObgUyw==", "dev": true, "engines": { "node": ">= 0.10" @@ -1895,9 +1895,9 @@ "dev": true }, "validator": { - "version": "13.15.20", - "resolved": "https://registry.npmjs.org/validator/-/validator-13.15.20.tgz", - "integrity": "sha512-KxPOq3V2LmfQPP4eqf3Mq/zrT0Dqp2Vmx2Bn285LwVahLc+CsxOM0crBHczm8ijlcjZ0Q5Xd6LW3z3odTPnlrw==", + "version": "13.15.23", + "resolved": "https://registry.npmjs.org/validator/-/validator-13.15.23.tgz", + "integrity": "sha512-4yoz1kEWqUjzi5zsPbAS/903QXSYp0UOtHsPpp7p9rHAw/W+dkInskAE386Fat3oKRROwO98d9ZB0G4cObgUyw==", "dev": true }, "wrappy": {