fix: update @actions/artifact for Node.js 24 punycode deprecation #744
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…nycode deprecation
Updates @actions/artifact dependency to use the published npm version which includes @azure/storage-blob ^12.29.1 that fixes the punycode deprecation warning on Node.js 24.
yacaovsnc
approved these changes
Dec 12, 2025
There was a problem hiding this comment.
Pull request overview
This PR updates the bundled @actions/artifact package to version 5.0.1 to fix Node.js 24 punycode deprecation warnings. The core change is migrating from the deprecated @azure/core-http package to @azure/core-rest-pipeline by updating @azure/storage-blob from v12.15.0 to v12.29.1.
Key Changes
- Updated
@actions/artifactfrom 5.0.0 to 5.0.1 - Updated
@azure/storage-blobfrom ^12.15.0 to ^12.29.1, which replaces the deprecated@azure/core-httpwith@azure/core-rest-pipeline - Removed numerous deprecated dependencies that were only required by
@azure/core-http(node-fetch, form-data, xml2js, etc.)
Reviewed changes
Copilot reviewed 37 out of 42 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| package-lock.json | Updated @actions/artifact to 5.0.1, @azure/storage-blob to ^12.29.1, removed deprecated @azure/core-http and its transitive dependencies, consolidated duplicate @azure/abort-controller entries |
| dist/upload/index.js | Regenerated bundle with updated dependencies, removed deprecated code paths, updated module IDs for @azure/core-tracing and @azure/abort-controller |
| dist/merge/index.js | Same changes as upload/index.js for consistency |
| .licenses/npm/*.dep.yml | Removed license files for deprecated/removed dependencies (form-data, node-fetch, xml2js, @azure/core-http, etc.), added/updated licenses for consolidated dependencies (@azure/abort-controller, @azure/core-tracing) |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
mergify bot
added a commit
to ArcadeData/arcadedb
that referenced
this pull request
Dec 14, 2025
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 5.0.0 to 6.0.0. Release notes *Sourced from [actions/upload-artifact's releases](https://github.com/actions/upload-artifact/releases).* > v6.0.0 > ------ > > v6 - What's new > --------------- > > > [!IMPORTANT] > > actions/upload-artifact@v6 now runs on Node.js 24 (`runs.using: node24`) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading. > > ### Node.js 24 > > This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24. > > What's Changed > -------------- > > * Upload Artifact Node 24 support by [`@salmanmkc`](https://github.com/salmanmkc) in [actions/upload-artifact#719](https://redirect.github.com/actions/upload-artifact/pull/719) > * fix: update `@actions/artifact` for Node.js 24 punycode deprecation by [`@salmanmkc`](https://github.com/salmanmkc) in [actions/upload-artifact#744](https://redirect.github.com/actions/upload-artifact/pull/744) > * prepare release v6.0.0 for Node.js 24 support by [`@salmanmkc`](https://github.com/salmanmkc) in [actions/upload-artifact#745](https://redirect.github.com/actions/upload-artifact/pull/745) > > **Full Changelog**: <actions/upload-artifact@v5.0.0...v6.0.0> Commits * [`b7c566a`](actions/upload-artifact@b7c566a) Merge pull request [#745](https://redirect.github.com/actions/upload-artifact/issues/745) from actions/upload-artifact-v6-release * [`e516bc8`](actions/upload-artifact@e516bc8) docs: correct description of Node.js 24 support in README * [`ddc45ed`](actions/upload-artifact@ddc45ed) docs: update README to correct action name for Node.js 24 support * [`615b319`](actions/upload-artifact@615b319) chore: release v6.0.0 for Node.js 24 support * [`017748b`](actions/upload-artifact@017748b) Merge pull request [#744](https://redirect.github.com/actions/upload-artifact/issues/744) from actions/fix-storage-blob * [`38d4c79`](actions/upload-artifact@38d4c79) chore: rebuild dist * [`7d27270`](actions/upload-artifact@7d27270) chore: add missing license cache files for `@actions/core`, `@actions/io`, and mi... * [`5f643d3`](actions/upload-artifact@5f643d3) chore: update license files for `@actions/artifact`[`@5`](https://github.com/5).0.1 dependencies * [`1df1684`](actions/upload-artifact@1df1684) chore: update package-lock.json with `@actions/artifact`[`@5`](https://github.com/5).0.1 * [`b5b1a91`](actions/upload-artifact@b5b1a91) fix: update `@actions/artifact` to ^5.0.0 for Node.js 24 punycode fix * Additional commits viewable in [compare view](actions/upload-artifact@330a01c...b7c566a) [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
onap-github
pushed a commit
to onap/portal-ng-ui
that referenced
this pull request
Dec 15, 2025
## Release notes Sourced from actions/upload-artifact's releases. v6.0.0 v6 - What's new [!IMPORTANT] actions/upload-artifact@v6 now runs on Node.js 24 (runs.using: node24) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading. Node.js 24 This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24. What's Changed Upload Artifact Node 24 support by @salmanmkc in actions/upload-artifact#719 fix: update @actions/artifact for Node.js 24 punycode deprecation by @salmanmkc in actions/upload-artifact#744 prepare release v6.0.0 for Node.js 24 support by @salmanmkc in actions/upload-artifact#745 Full Changelog: actions/upload-artifact@v5.0.0...v6.0.0 ## Commits b7c566a Merge pull request #745 from actions/upload-artifact-v6-release e516bc8 docs: correct description of Node.js 24 support in README ddc45ed docs: update README to correct action name for Node.js 24 support 615b319 chore: release v6.0.0 for Node.js 24 support 017748b Merge pull request #744 from actions/fix-storage-blob 38d4c79 chore: rebuild dist 7d27270 chore: add missing license cache files for @actions/core, @actions/io, and mi 5f643d3 chore: update license files for @actions/artifact@5.0.1 dependencies 1df1684 chore: update package-lock.json with @actions/artifact@5.0.1 b5b1a91 fix: update @actions/artifact to ^5.0.0 for Node.js 24 punycode fix Additional commits viewable in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: onap.gh2gerrit <[email protected]> Change-Id: Ifcb9ea1183007068f37dbb15f8e94989b40d410f GitHub-PR: #150 GitHub-Hash: a60016a988958af2
mergify bot
added a commit
to robfrank/linklift
that referenced
this pull request
Dec 15, 2025
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 5.0.0 to 6.0.0. Release notes *Sourced from [actions/upload-artifact's releases](https://github.com/actions/upload-artifact/releases).* > v6.0.0 > ------ > > v6 - What's new > --------------- > > > [!IMPORTANT] > > actions/upload-artifact@v6 now runs on Node.js 24 (`runs.using: node24`) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading. > > ### Node.js 24 > > This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24. > > What's Changed > -------------- > > * Upload Artifact Node 24 support by [`@salmanmkc`](https://github.com/salmanmkc) in [actions/upload-artifact#719](https://redirect.github.com/actions/upload-artifact/pull/719) > * fix: update `@actions/artifact` for Node.js 24 punycode deprecation by [`@salmanmkc`](https://github.com/salmanmkc) in [actions/upload-artifact#744](https://redirect.github.com/actions/upload-artifact/pull/744) > * prepare release v6.0.0 for Node.js 24 support by [`@salmanmkc`](https://github.com/salmanmkc) in [actions/upload-artifact#745](https://redirect.github.com/actions/upload-artifact/pull/745) > > **Full Changelog**: <actions/upload-artifact@v5.0.0...v6.0.0> Commits * [`b7c566a`](actions/upload-artifact@b7c566a) Merge pull request [#745](https://redirect.github.com/actions/upload-artifact/issues/745) from actions/upload-artifact-v6-release * [`e516bc8`](actions/upload-artifact@e516bc8) docs: correct description of Node.js 24 support in README * [`ddc45ed`](actions/upload-artifact@ddc45ed) docs: update README to correct action name for Node.js 24 support * [`615b319`](actions/upload-artifact@615b319) chore: release v6.0.0 for Node.js 24 support * [`017748b`](actions/upload-artifact@017748b) Merge pull request [#744](https://redirect.github.com/actions/upload-artifact/issues/744) from actions/fix-storage-blob * [`38d4c79`](actions/upload-artifact@38d4c79) chore: rebuild dist * [`7d27270`](actions/upload-artifact@7d27270) chore: add missing license cache files for `@actions/core`, `@actions/io`, and mi... * [`5f643d3`](actions/upload-artifact@5f643d3) chore: update license files for `@actions/artifact`[`@5`](https://github.com/5).0.1 dependencies * [`1df1684`](actions/upload-artifact@1df1684) chore: update package-lock.json with `@actions/artifact`[`@5`](https://github.com/5).0.1 * [`b5b1a91`](actions/upload-artifact@b5b1a91) fix: update `@actions/artifact` to ^5.0.0 for Node.js 24 punycode fix * Additional commits viewable in [compare view](actions/upload-artifact@330a01c...b7c566a) [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
This was referenced Dec 15, 2025
This was referenced Dec 15, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Updates the bundled
@actions/artifactpackage with the fix for the Node.js 24 punycode deprecation warning.Changes
@azure/storage-blobto^12.29.1which uses@azure/core-rest-pipelineinstead of the deprecated@azure/core-httpRelated PRs
Note
The
package.jsoncurrently references a local path for testing. Once actions/toolkit#2211 is merged and@actions/artifactis published to npm, this will be updated to use the npm version.