From f94673ae5e382db84b3e018e2358fd85a0c55b9c Mon Sep 17 00:00:00 2001 From: Raphael Malikian Date: Wed, 1 Jul 2026 09:38:26 -0700 Subject: [PATCH] ci: update deprecated GitHub Actions to latest versions (Fixes #3577) (#3608) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes #3577 ## Problem GitHub Actions is deprecating Node.js 20 on its runners. Multiple workflows in lancedb use action versions that target Node.js 20 (`actions/checkout@v4`, `actions/setup-node@v4`, `actions/cache@v4`, `actions/upload-artifact@v4`, `actions/download-artifact@v4`, `pnpm/action-setup@v4`). These are being force-run on Node.js 24, generating deprecation warnings. ## Solution Updated all deprecated actions to their latest major versions that support Node.js 24: | Action | Old Version | New Version | |--------|------------|-------------| | `actions/checkout` | @v4 | @v6 | | `actions/setup-node` | @v4 | @v6 | | `actions/cache` | @v4 | @v5 | | `actions/upload-artifact` | @v4 | @v7 | | `actions/download-artifact` | @v4 | @v8 | | `pnpm/action-setup` | @v4 | @v6 | Note: `actions/checkout@v6` and `actions/upload-artifact@v7` are already used in `pypi-publish.yml` — this PR extends the same versions to all remaining workflows. ### Files Changed - `.github/workflows/npm-publish.yml` — Updated checkout, setup-node, cache, upload-artifact, download-artifact, pnpm - `.github/workflows/nodejs.yml` — Updated checkout, setup-node, pnpm - `.github/workflows/python.yml` — Updated checkout - `.github/workflows/rust.yml` — Updated checkout - `.github/workflows/java.yml` — Updated checkout - `.github/workflows/java-publish.yml` — Updated checkout - `.github/workflows/cargo-publish.yml` — Updated checkout - `.github/workflows/docs.yml` — Updated checkout, setup-node - `.github/workflows/dev.yml` — Updated setup-node - `.github/workflows/codex-fix-ci.yml` — Updated checkout, setup-node, pnpm - `.github/workflows/codex-update-lance-dependency.yml` — Updated checkout, setup-node - `.github/workflows/license-header-check.yml` — Updated checkout - `.github/workflows/make-release-commit.yml` — Updated checkout - `.github/workflows/update_package_lock_run.yml` — Updated checkout - `.github/workflows/update_package_lock_run_nodejs.yml` — Updated checkout ## Verification - All 20 YAML files validated with `yaml.safe_load()` — no syntax errors - GitHub Actions CI will validate the actual action versions at runtime ## Changelog | Date | Change | Author | |------|--------|--------| | 2026-07-01 | Updated all deprecated Node 20 actions to latest versions across 15 workflow files | rtmalikian | --- **Disclosure:** This code was developed with assistance from DeepSeek-v4-pro (DeepSeek) via Hermes Agent (Nous Research). All changes were reviewed and verified for correctness. Signed-off-by: rtmalikian --- .github/workflows/cargo-publish.yml | 4 +- .github/workflows/codex-fix-ci.yml | 6 +-- .../codex-update-lance-dependency.yml | 4 +- .github/workflows/dev.yml | 2 +- .github/workflows/docs.yml | 4 +- .github/workflows/java-publish.yml | 4 +- .github/workflows/java.yml | 2 +- .github/workflows/license-header-check.yml | 2 +- .github/workflows/make-release-commit.yml | 2 +- .github/workflows/nodejs.yml | 20 +++++----- .github/workflows/npm-publish.yml | 38 +++++++++---------- .github/workflows/python.yml | 14 +++---- .github/workflows/rust.yml | 14 +++---- .github/workflows/update_package_lock_run.yml | 2 +- .../update_package_lock_run_nodejs.yml | 2 +- 15 files changed, 60 insertions(+), 60 deletions(-) diff --git a/.github/workflows/cargo-publish.yml b/.github/workflows/cargo-publish.yml index ee4e00099..08f01d9a0 100644 --- a/.github/workflows/cargo-publish.yml +++ b/.github/workflows/cargo-publish.yml @@ -25,7 +25,7 @@ jobs: # Only runs on tags that matches the make-release action if: startsWith(github.ref, 'refs/tags/v') steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: Swatinem/rust-cache@v2 with: workspaces: rust @@ -47,7 +47,7 @@ jobs: contents: read issues: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: ./.github/actions/create-failure-issue with: job-results: ${{ toJSON(needs) }} diff --git a/.github/workflows/codex-fix-ci.yml b/.github/workflows/codex-fix-ci.yml index a33a4d90b..8172acfac 100644 --- a/.github/workflows/codex-fix-ci.yml +++ b/.github/workflows/codex-fix-ci.yml @@ -36,14 +36,14 @@ jobs: echo "guidelines = ${{ inputs.guidelines }}" - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: ${{ inputs.branch }} fetch-depth: 0 persist-credentials: true - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: # pnpm 11 (used by the nodejs install step below) requires # Node >= 22.13; use 24 since 22 hits EOL in October. @@ -82,7 +82,7 @@ jobs: cache: maven - name: Setup pnpm - uses: pnpm/action-setup@v4 + uses: pnpm/action-setup@v6 with: version: 11.1.1 - name: Install Node.js dependencies for TypeScript bindings diff --git a/.github/workflows/codex-update-lance-dependency.yml b/.github/workflows/codex-update-lance-dependency.yml index b164535fb..420daf650 100644 --- a/.github/workflows/codex-update-lance-dependency.yml +++ b/.github/workflows/codex-update-lance-dependency.yml @@ -30,13 +30,13 @@ jobs: echo "tag = ${{ inputs.tag || 'latest' }}" - name: Checkout Repo LanceDB - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 persist-credentials: true - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: 20 diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml index be2fe016d..f77ba5f77 100644 --- a/.github/workflows/dev.yml +++ b/.github/workflows/dev.yml @@ -27,7 +27,7 @@ jobs: name: Verify PR title / description conforms to semantic-release runs-on: ubuntu-latest steps: - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v6 with: node-version: "18" # These rules are disabled because Github will always ensure there diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 264880bed..e787afb7f 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -35,7 +35,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Install dependencies needed for ubuntu run: | sudo apt install -y protobuf-compiler libssl-dev @@ -53,7 +53,7 @@ jobs: python -m pip install --extra-index-url https://pypi.fury.io/lance-format/ --extra-index-url https://pypi.fury.io/lancedb/ -e . python -m pip install --extra-index-url https://pypi.fury.io/lance-format/ --extra-index-url https://pypi.fury.io/lancedb/ -r ../docs/requirements.txt - name: Set up node - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: 20 cache: 'npm' diff --git a/.github/workflows/java-publish.yml b/.github/workflows/java-publish.yml index 2d435eb8d..094aa552a 100644 --- a/.github/workflows/java-publish.yml +++ b/.github/workflows/java-publish.yml @@ -32,7 +32,7 @@ jobs: working-directory: ./java steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Set up Java 8 uses: actions/setup-java@v4 with: @@ -73,7 +73,7 @@ jobs: contents: read issues: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: ./.github/actions/create-failure-issue with: job-results: ${{ toJSON(needs) }} diff --git a/.github/workflows/java.yml b/.github/workflows/java.yml index 700bb0ade..7739489cb 100644 --- a/.github/workflows/java.yml +++ b/.github/workflows/java.yml @@ -36,7 +36,7 @@ jobs: working-directory: ./java steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Set up Java 17 uses: actions/setup-java@v4 with: diff --git a/.github/workflows/license-header-check.yml b/.github/workflows/license-header-check.yml index a0a6e64d2..6a9bdabc3 100644 --- a/.github/workflows/license-header-check.yml +++ b/.github/workflows/license-header-check.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Install license-header-checker working-directory: /tmp run: | diff --git a/.github/workflows/make-release-commit.yml b/.github/workflows/make-release-commit.yml index c267c396e..a5550acc7 100644 --- a/.github/workflows/make-release-commit.yml +++ b/.github/workflows/make-release-commit.yml @@ -49,7 +49,7 @@ jobs: steps: - name: Output Inputs run: echo "${{ toJSON(github.event.inputs) }}" - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 lfs: true diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml index 6b2bb8710..3452168a5 100644 --- a/.github/workflows/nodejs.yml +++ b/.github/workflows/nodejs.yml @@ -38,14 +38,14 @@ jobs: CC: gcc-12 CXX: g++-12 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 lfs: true - - uses: pnpm/action-setup@v4 + - uses: pnpm/action-setup@v6 with: version: 11.1.1 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v6 with: # pnpm 11 requires Node >= 22.13; use 24 since 22 hits EOL # in October. The library itself still supports Node >= 18 @@ -86,14 +86,14 @@ jobs: shell: bash working-directory: nodejs steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 lfs: true - - uses: pnpm/action-setup@v4 + - uses: pnpm/action-setup@v6 with: version: 11.1.1 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v6 name: Setup Node.js 24 for build with: # pnpm 11 requires Node >= 22.13; use 24 since 22 hits EOL @@ -130,7 +130,7 @@ jobs: echo "Run 'pnpm run docs', fix any warnings, and commit the changes." exit 1 fi - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v6 name: Setup Node.js ${{ matrix.node-version }} for test with: node-version: ${{ matrix.node-version }} @@ -166,14 +166,14 @@ jobs: shell: bash working-directory: nodejs steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 lfs: true - - uses: pnpm/action-setup@v4 + - uses: pnpm/action-setup@v6 with: version: 11.1.1 - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v6 with: # pnpm 11 requires Node >= 22.13; use 24 since 22 hits EOL # in October. diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml index 4351dae63..3ebee5d96 100644 --- a/.github/workflows/npm-publish.yml +++ b/.github/workflows/npm-publish.yml @@ -32,7 +32,7 @@ jobs: permissions: contents: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 lfs: true @@ -170,13 +170,13 @@ jobs: run: working-directory: nodejs steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Setup pnpm - uses: pnpm/action-setup@v4 + uses: pnpm/action-setup@v6 with: version: 11.1.1 - name: Setup node - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: # pnpm 11 requires Node >= 22.13; use 24 since 22 hits EOL # in October. @@ -190,7 +190,7 @@ jobs: toolchain: stable targets: ${{ matrix.settings.target }} - name: Cache cargo - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: | ~/.cargo/registry/index/ @@ -244,7 +244,7 @@ jobs: if: ${{ !matrix.settings.docker }} shell: bash - name: Upload artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: lancedb-${{ matrix.settings.target }} path: nodejs/dist/*.node @@ -256,7 +256,7 @@ jobs: run: pnpm tsc - name: Upload Generic Artifacts if: ${{ matrix.settings.target == 'aarch64-apple-darwin' }} - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: nodejs-dist path: | @@ -287,13 +287,13 @@ jobs: shell: bash working-directory: nodejs steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Setup pnpm - uses: pnpm/action-setup@v4 + uses: pnpm/action-setup@v6 with: version: 11.1.1 - name: Setup Node.js 24 for install - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: # pnpm 11 requires Node >= 22.13; use 24 since 22 hits EOL # in October. @@ -303,18 +303,18 @@ jobs: - name: Install dependencies run: pnpm install --frozen-lockfile - name: Setup Node.js ${{ matrix.node }} for test - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: ${{ matrix.node }} - name: Download artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v8 with: name: lancedb-${{ matrix.settings.target }} path: nodejs/dist/ # For testing purposes: # run-id: 13982782871 # github-token: ${{ secrets.GITHUB_TOKEN }} # token with actions:read permissions on target repo - - uses: actions/download-artifact@v4 + - uses: actions/download-artifact@v8 with: name: nodejs-dist path: nodejs/dist @@ -339,13 +339,13 @@ jobs: needs: - test-lancedb steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Setup pnpm - uses: pnpm/action-setup@v4 + uses: pnpm/action-setup@v6 with: version: 11.1.1 - name: Setup node - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: 24 cache: pnpm @@ -353,14 +353,14 @@ jobs: registry-url: "https://registry.npmjs.org" - name: Install dependencies run: pnpm install --frozen-lockfile - - uses: actions/download-artifact@v4 + - uses: actions/download-artifact@v8 with: name: nodejs-dist path: nodejs/dist # For testing purposes: # run-id: 13982782871 # github-token: ${{ secrets.GITHUB_TOKEN }} # token with actions:read permissions on target repo - - uses: actions/download-artifact@v4 + - uses: actions/download-artifact@v8 name: Download arch-specific binaries with: pattern: lancedb-* @@ -398,7 +398,7 @@ jobs: contents: read issues: write steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: ./.github/actions/create-failure-issue with: job-results: ${{ toJSON(needs) }} diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml index cd52a7ec9..ee8b319bb 100644 --- a/.github/workflows/python.yml +++ b/.github/workflows/python.yml @@ -41,7 +41,7 @@ jobs: shell: bash working-directory: python steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 lfs: true @@ -66,7 +66,7 @@ jobs: shell: bash working-directory: python steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 lfs: true @@ -95,7 +95,7 @@ jobs: shell: bash working-directory: python steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 lfs: true @@ -126,7 +126,7 @@ jobs: shell: bash working-directory: python steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 lfs: true @@ -160,7 +160,7 @@ jobs: shell: bash working-directory: python steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 lfs: true @@ -189,7 +189,7 @@ jobs: shell: bash working-directory: python steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 lfs: true @@ -212,7 +212,7 @@ jobs: shell: bash working-directory: python steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 lfs: true diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index 22b777311..46f1a2479 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -40,7 +40,7 @@ jobs: CC: clang-18 CXX: clang++-18 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 lfs: true @@ -65,7 +65,7 @@ jobs: timeout-minutes: 10 runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: EmbarkStudios/cargo-deny-action@v2 with: command: check advisories bans licenses sources @@ -78,7 +78,7 @@ jobs: CC: clang CXX: clang++ steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 # Building without a lock file often requires the latest Rust version since downstream # dependencies may have updated their minimum Rust version. - uses: actions-rust-lang/setup-rust-toolchain@v1 @@ -113,7 +113,7 @@ jobs: CXX: clang++-18 GH_TOKEN: ${{ secrets.SOPHON_READ_TOKEN }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 lfs: true @@ -152,7 +152,7 @@ jobs: shell: bash working-directory: rust steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 lfs: true @@ -181,7 +181,7 @@ jobs: run: working-directory: rust/lancedb steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set target run: rustup target add ${{ matrix.target }} - uses: Swatinem/rust-cache@v2 @@ -210,7 +210,7 @@ jobs: CC: clang-18 CXX: clang++-18 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: submodules: true - name: Install dependencies diff --git a/.github/workflows/update_package_lock_run.yml b/.github/workflows/update_package_lock_run.yml index 270610c2b..35836a86f 100644 --- a/.github/workflows/update_package_lock_run.yml +++ b/.github/workflows/update_package_lock_run.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: main persist-credentials: false diff --git a/.github/workflows/update_package_lock_run_nodejs.yml b/.github/workflows/update_package_lock_run_nodejs.yml index a5ddc07de..227a94ecc 100644 --- a/.github/workflows/update_package_lock_run_nodejs.yml +++ b/.github/workflows/update_package_lock_run_nodejs.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: ref: main persist-credentials: false