chore(ci): action version bumps by erikburt · Pull Request #21949 · smartcontractkit/chainlink

erikburt · 2026-04-09T20:21:15Z

This updates many reusable GHAs to their latest versions. This is in part testing out a tool I'm building to automate this process.

Other motivation is to update actions that have a node24 version available, because of the upcoming deprecation of node20 actions.

Changes

Updated (27):
  actions/attest-build-provenance                         v3 → v4
  actions/cache/restore                                   v4 → v5
  actions/cache/save                                      v4 → v5
  actions/checkout                                        v5 → v6
  actions/download-artifact                               v4 → v8
  actions/setup-go                                        v6 → v6
  actions/setup-node                                      v4 → v6
  actions/upload-artifact                                 v4 → v7
  aws-actions/amazon-ecr-login                            062b18b96a7a → f2e9fc6c2b35  # v2.1.2
  aws-actions/configure-aws-credentials                   010d0da01d0b → ec61189d14ec  # v6.1.0
  bufbuild/buf-setup-action                               35c243d7f2a9 → a47c93e0b164  # v1.50.0
  docker/setup-buildx-action                              e468171a9de2 → 4d04d5d9486b  # v4.0.0
  extractions/setup-just                                  e33e0265a09d → 53165ef7e734  # v4.0.0
  github/codeql-action/analyze                            v3 → v4
  github/codeql-action/init                               v3 → v4
  golangci/golangci-lint-action                           4afd733a84b1 → 1e7e51e771db  # v9.2.0
  ludeeus/action-shellcheck                               00cae500b08a → 00cae500b08a  # 2.0.0
  peter-evans/create-pull-request                         271a8d034026 → c0f553fe5499  # v8.1.0
  pnpm/action-setup                                       a3252b78c470 → fc06bc1257f3  # v5.0.0
  reviewdog/action-actionlint                             c6ee1eb0a5d4 → 6fb7acc99f4a  # v1.72.0
  slackapi/slack-github-action                            6c661ce58804 → af78098f536e  # v3.0.1
  smartcontractkit/.github/actions/branch-names           branch-names/1.0.0 → branch-names/v1
  smartcontractkit/.github/actions/ctf-build-image        ctf-build-image/0.2.0 → ctf-build-image/v1
  smartcontractkit/.github/actions/release-tag-check      c5c4a8186da4 → release-tag-check/v1
  smartcontractkit/.github/actions/setup-github-token     setup-github-token/1.0.0 → setup-github-token/v1
  sonarsource/sonarqube-scan-action                       aecaf43ae57e → 299e4b793aaa  # v7.1.0
  thollander/actions-comment-pull-request                 fabd468d3a1a → 24bffb9b452b  # v3.0.1

Skipped - already up to date (14):
  actions/checkout
  actions/setup-go
  actions/upload-artifact
  bufbuild/buf-breaking-action
  runs-on/action
  smartcontractkit/.github/actions/advanced-triggers
  smartcontractkit/.github/actions/branch-out-upload
  smartcontractkit/.github/actions/changed-modules-go
  smartcontractkit/.github/actions/ctf-build-image
  smartcontractkit/.github/actions/get-pr-labels
  smartcontractkit/.github/actions/setup-github-token
  smartcontractkit/.github/actions/setup-postgres
  smartcontractkit/.github/actions/slack-notify-git-ref
  tailscale/github-action

Unknown - not in config (10):
  smartcontractkit/.github/.github/workflows/reusable-codeowners-review-analysis.yml
  smartcontractkit/.github/.github/workflows/reusable-docker-build-publish.yml
  smartcontractkit/.github/.github/workflows/reusable-stale-prs-issues.yml
  smartcontractkit/.github/.github/workflows/run-e2e-tests.yml
  smartcontractkit/.github/actions/ctf-check-mod-version
  smartcontractkit/.github/actions/ecr-image-exists
  smartcontractkit/chainlink-github-actions/docker/image-exists
  smartcontractkit/chainlink-github-actions/github-app-token-issuer
  smartcontractkit/chainlink-github-actions/semver-compare
  smartcontractkit/chainlink-solana/.github/workflows/e2e_custom_cl_reusable.yml

Testing

This PR.

Notes

Undid the actionlint change because it produced so many errors. Will update this in a separate PR, while fixing the errors.

Updated (27): actions/attest-build-provenance v3 → v4 actions/cache/restore v4 → v5 actions/cache/save v4 → v5 actions/checkout v5 → v6 actions/download-artifact v4 → v8 actions/setup-go v6 → v6 actions/setup-node v4 → v6 actions/upload-artifact v4 → v7 aws-actions/amazon-ecr-login 062b18b96a7a → f2e9fc6c2b35 # v2.1.2 aws-actions/configure-aws-credentials 010d0da01d0b → ec61189d14ec # v6.1.0 bufbuild/buf-setup-action 35c243d7f2a9 → a47c93e0b164 # v1.50.0 docker/setup-buildx-action e468171a9de2 → 4d04d5d9486b # v4.0.0 extractions/setup-just e33e0265a09d → 53165ef7e734 # v4.0.0 github/codeql-action/analyze v3 → v4 github/codeql-action/init v3 → v4 golangci/golangci-lint-action 4afd733a84b1 → 1e7e51e771db # v9.2.0 ludeeus/action-shellcheck 00cae500b08a → 00cae500b08a # 2.0.0 peter-evans/create-pull-request 271a8d034026 → c0f553fe5499 # v8.1.0 pnpm/action-setup a3252b78c470 → fc06bc1257f3 # v5.0.0 reviewdog/action-actionlint c6ee1eb0a5d4 → 6fb7acc99f4a # v1.72.0 slackapi/slack-github-action 6c661ce58804 → af78098f536e # v3.0.1 smartcontractkit/.github/actions/branch-names branch-names/1.0.0 → branch-names/v1 smartcontractkit/.github/actions/ctf-build-image ctf-build-image/0.2.0 → ctf-build-image/v1 smartcontractkit/.github/actions/release-tag-check c5c4a8186da4 → release-tag-check/v1 smartcontractkit/.github/actions/setup-github-token setup-github-token/1.0.0 → setup-github-token/v1 sonarsource/sonarqube-scan-action aecaf43ae57e → 299e4b793aaa # v7.1.0 thollander/actions-comment-pull-request fabd468d3a1a → 24bffb9b452b # v3.0.1 Skipped - already up to date (14): actions/checkout actions/setup-go actions/upload-artifact bufbuild/buf-breaking-action runs-on/action smartcontractkit/.github/actions/advanced-triggers smartcontractkit/.github/actions/branch-out-upload smartcontractkit/.github/actions/changed-modules-go smartcontractkit/.github/actions/ctf-build-image smartcontractkit/.github/actions/get-pr-labels smartcontractkit/.github/actions/setup-github-token smartcontractkit/.github/actions/setup-postgres smartcontractkit/.github/actions/slack-notify-git-ref tailscale/github-action Unknown - not in config (10): smartcontractkit/.github/.github/workflows/reusable-codeowners-review-analysis.yml smartcontractkit/.github/.github/workflows/reusable-docker-build-publish.yml smartcontractkit/.github/.github/workflows/reusable-stale-prs-issues.yml smartcontractkit/.github/.github/workflows/run-e2e-tests.yml smartcontractkit/.github/actions/ctf-check-mod-version smartcontractkit/.github/actions/ecr-image-exists smartcontractkit/chainlink-github-actions/docker/image-exists smartcontractkit/chainlink-github-actions/github-app-token-issuer smartcontractkit/chainlink-github-actions/semver-compare smartcontractkit/chainlink-solana/.github/workflows/e2e_custom_cl_reusable.yml

github-actions · 2026-04-09T20:22:44Z

✅ No conflicts with other open PRs targeting develop

trunk-io · 2026-04-09T20:41:25Z

_{View Full Report ↗︎ ⋅ Docs}

cl-sonarqube-production · 2026-04-09T21:06:11Z

Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

erikburt self-assigned this Apr 9, 2026

revert: actionlint change

29096e7

fix: update aptos-labs/actions/install-aptos-cli

66a29e3

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(ci): action version bumps#21949

chore(ci): action version bumps#21949
erikburt wants to merge 3 commits intodevelopfrom
chore/bump-gha-deps

erikburt commented Apr 9, 2026 •

edited

Loading

Uh oh!

github-actions bot commented Apr 9, 2026 •

edited

Loading

Uh oh!

trunk-io bot commented Apr 9, 2026 •

edited

Loading

Uh oh!

cl-sonarqube-production bot commented Apr 9, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

erikburt commented Apr 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Changes

Testing

Notes

Uh oh!

github-actions bot commented Apr 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

trunk-io bot commented Apr 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

cl-sonarqube-production bot commented Apr 9, 2026

Quality Gate passed

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

erikburt commented Apr 9, 2026 •

edited

Loading

github-actions bot commented Apr 9, 2026 •

edited

Loading

trunk-io bot commented Apr 9, 2026 •

edited

Loading