chore(deps): bump actions/upload-artifact from 6 to 7 (#13207)

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 6 to 7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v7.0.0</h2> <h2>v7 What's new</h2> <h3>Direct Uploads</h3> <p>Adds support for uploading single files directly (unzipped). Callers can set the new <code>archive</code> parameter to <code>false</code> to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The <code>name</code> parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.</p> <h3>ESM</h3> <p>To support new versions of the <code>@actions/*</code> packages, we've upgraded the package to ESM.</p> <h2>What's Changed</h2> <ul> <li>Add proxy integration test by <a href="https://github.com/Link"><code>@Link</code></a>- in <a href="https://redirect.github.com/actions/upload-artifact/pull/754">actions/upload-artifact#754</a></li> <li>Upgrade the module to ESM and bump dependencies by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/762">actions/upload-artifact#762</a></li> <li>Support direct file uploads by <a href="https://github.com/danwkennedy"><code>@danwkennedy</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/764">actions/upload-artifact#764</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Link"><code>@Link</code></a>- made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/754">actions/upload-artifact#754</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v6...v7.0.0">https://github.com/actions/upload-artifact/compare/v6...v7.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="bbbca2ddaa"><code>bbbca2d</code></a> Support direct file uploads (<a href="https://redirect.github.com/actions/upload-artifact/issues/764">#764</a>)</li> <li><a href="589182c5a4"><code>589182c</code></a> Upgrade the module to ESM and bump dependencies (<a href="https://redirect.github.com/actions/upload-artifact/issues/762">#762</a>)</li> <li><a href="47309c993a"><code>47309c9</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/754">#754</a> from actions/Link-/add-proxy-integration-tests</li> <li><a href="02a8460834"><code>02a8460</code></a> Add proxy integration test</li> <li>See full diff in <a href="https://github.com/actions/upload-artifact/compare/v6...v7">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=6&new-version=7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2026-03-05 13:35:28 +03:00 · 2026-03-04 18:32:35 -07:00
parent 22f4113ac1
commit be5e8fbd37
5 changed files with 13 additions and 13 deletions
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -47,7 +47,7 @@ jobs:
          echo "pack_output=$PACK_OUTPUT" >> "$GITHUB_OUTPUT"

      - name: Upload staged npm package artifact
-        uses: actions/upload-artifact@v6
+        uses: actions/upload-artifact@v7
        with:
          name: codex-npm-staging
          path: ${{ steps.stage_npm_package.outputs.pack_output }}
--- a/.github/workflows/rust-ci.yml
+++ b/.github/workflows/rust-ci.yml
@@ -392,7 +392,7 @@ jobs:

      - name: Upload Cargo timings (clippy)
        if: always()
-        uses: actions/upload-artifact@v6
+        uses: actions/upload-artifact@v7
        with:
          name: cargo-timings-rust-ci-clippy-${{ matrix.target }}-${{ matrix.profile }}
          path: codex-rs/target/**/cargo-timings/cargo-timing.html
@@ -605,7 +605,7 @@ jobs:

      - name: Upload Cargo timings (nextest)
        if: always()
-        uses: actions/upload-artifact@v6
+        uses: actions/upload-artifact@v7
        with:
          name: cargo-timings-rust-ci-nextest-${{ matrix.target }}-${{ matrix.profile }}
          path: codex-rs/target/**/cargo-timings/cargo-timing.html
--- a/.github/workflows/rust-release-windows.yml
+++ b/.github/workflows/rust-release-windows.yml
@@ -92,7 +92,7 @@ jobs:
          cargo build --target ${{ matrix.target }} --release --timings ${{ matrix.build_args }}

      - name: Upload Cargo timings
-        uses: actions/upload-artifact@v6
+        uses: actions/upload-artifact@v7
        with:
          name: cargo-timings-rust-release-windows-${{ matrix.target }}-${{ matrix.bundle }}
          path: codex-rs/target/**/cargo-timings/cargo-timing.html
@@ -112,7 +112,7 @@ jobs:
          fi

      - name: Upload Windows binaries
-        uses: actions/upload-artifact@v6
+        uses: actions/upload-artifact@v7
        with:
          name: windows-binaries-${{ matrix.target }}-${{ matrix.bundle }}
          path: |
@@ -257,7 +257,7 @@ jobs:
            "${GITHUB_WORKSPACE}/.github/workflows/zstd" -T0 -19 "$dest/$base"
          done

-      - uses: actions/upload-artifact@v6
+      - uses: actions/upload-artifact@v7
        with:
          name: ${{ matrix.target }}
          path: |
--- a/.github/workflows/rust-release.yml
+++ b/.github/workflows/rust-release.yml
@@ -217,7 +217,7 @@ jobs:
          cargo build --target ${{ matrix.target }} --release --timings --bin codex --bin codex-responses-api-proxy

      - name: Upload Cargo timings
-        uses: actions/upload-artifact@v6
+        uses: actions/upload-artifact@v7
        with:
          name: cargo-timings-rust-release-${{ matrix.target }}
          path: codex-rs/target/**/cargo-timings/cargo-timing.html
@@ -356,7 +356,7 @@ jobs:
            zstd -T0 -19 --rm "$dest/$base"
          done

-      - uses: actions/upload-artifact@v6
+      - uses: actions/upload-artifact@v7
        with:
          name: ${{ matrix.target }}
          # Upload the per-binary .zst files as well as the new .tar.gz
--- a/.github/workflows/shell-tool-mcp.yml
+++ b/.github/workflows/shell-tool-mcp.yml
@@ -158,7 +158,7 @@ jobs:
          mkdir -p "$dest"
          cp bash "$dest/bash"

-      - uses: actions/upload-artifact@v6
+      - uses: actions/upload-artifact@v7
        with:
          name: shell-tool-mcp-bash-${{ matrix.target }}-${{ matrix.variant }}
          path: artifacts/**
@@ -199,7 +199,7 @@ jobs:
          mkdir -p "$dest"
          cp bash "$dest/bash"

-      - uses: actions/upload-artifact@v6
+      - uses: actions/upload-artifact@v7
        with:
          name: shell-tool-mcp-bash-${{ matrix.target }}-${{ matrix.variant }}
          path: artifacts/**
@@ -325,7 +325,7 @@ jobs:
          grep -Fx "smoke-zsh" "$tmpdir/stdout.txt"
          grep -Fx "/bin/echo" "$tmpdir/wrapper.log"

-      - uses: actions/upload-artifact@v6
+      - uses: actions/upload-artifact@v7
        with:
          name: shell-tool-mcp-zsh-${{ matrix.target }}-${{ matrix.variant }}
          path: artifacts/**
@@ -403,7 +403,7 @@ jobs:
          grep -Fx "smoke-zsh" "$tmpdir/stdout.txt"
          grep -Fx "/bin/echo" "$tmpdir/wrapper.log"

-      - uses: actions/upload-artifact@v6
+      - uses: actions/upload-artifact@v7
        with:
          name: shell-tool-mcp-zsh-${{ matrix.target }}-${{ matrix.variant }}
          path: artifacts/**
@@ -500,7 +500,7 @@ jobs:
          filename=$(PACK_INFO="$pack_info" node -e 'const data = JSON.parse(process.env.PACK_INFO); console.log(data[0].filename);')
          mv "dist/npm/${filename}" "dist/npm/codex-shell-tool-mcp-npm-${PACKAGE_VERSION}.tgz"

-      - uses: actions/upload-artifact@v6
+      - uses: actions/upload-artifact@v7
        with:
          name: codex-shell-tool-mcp-npm
          path: dist/npm/codex-shell-tool-mcp-npm-${{ env.PACKAGE_VERSION }}.tgz