chore(deps): bump @actions/artifact from 2.1.11 to 5.0.3#19031
chore(deps): bump @actions/artifact from 2.1.11 to 5.0.3#19031
Conversation
Bumps [@actions/artifact](https://github.com/actions/toolkit/tree/HEAD/packages/artifact) from 2.1.11 to 5.0.3. - [Changelog](https://github.com/actions/toolkit/blob/main/packages/artifact/RELEASES.md) - [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/artifact) --- updated-dependencies: - dependency-name: "@actions/artifact" dependency-version: 5.0.3 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
8b7a09a to
7f6c0ef
Compare
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.
node-overhead report 🧳Note: This is a synthetic benchmark with a minimal express app and does not necessarily reflect the real-world performance impact in an application.
|
| }, | ||
| "dependencies": { | ||
| "@actions/artifact": "2.1.11", | ||
| "@actions/artifact": "5.0.3", |
There was a problem hiding this comment.
Bug: The uploadArtifact function is called with a string for the third parameter, but the updated @actions/artifact@v5 API expects an options object.
Severity: MEDIUM
Suggested Fix
Update the calls to uploadArtifact in size-limit-gh-action/index.mjs and node-overhead-gh-action/index.mjs. The third argument, __dirname, should be removed as the new API version does not require a root directory path in the same way. The call should be await artifactClient.uploadArtifact(ARTIFACT_NAME, files);.
Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.
Location: dev-packages/size-limit-gh-action/package.json#L17
Potential issue: The `uploadArtifact` function from `@actions/artifact@v5` is being
called with an incompatible signature. The code passes `__dirname`, a string, as the
third argument. However, version 5 of the API expects this argument to be an options
object. This mismatch will likely cause a runtime error when the GitHub Actions workflow
attempts to execute the artifact upload step, preventing artifacts from being saved.
There was a problem hiding this comment.
|
I renamed it to "chore" as only |
Bumps @actions/artifact from 2.1.11 to 5.0.3.
Changelog
Sourced from
@actions/artifact's changelog.Commits
Maintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for
@actions/artifactsince your current version.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)