Skip to content

Upgrade GitHub Actions for Node 24 compatibility #2124

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
salmanmkc wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Upgrade GitHub Actions for Node 24 compatibility #2124

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions .github/workflows/ai-service-release-image.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ jobs:
platform: linux/arm64
runs-on: ${{ matrix.arch.runner }}
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v6
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
Expand Down Expand Up @@ -65,7 +65,7 @@ jobs:
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@v6
with:
name: digests-${{ env.PLATFORM_PAIR }}
path: /tmp/digests/*
Expand All @@ -76,7 +76,7 @@ jobs:
needs: [ build-image ]
steps:
- name: Download digests
uses: actions/download-artifact@v4
uses: actions/download-artifact@v7
with:
path: /tmp/digests
pattern: digests-*
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/ai-service-release-nightly-image.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:
platform: linux/arm64
runs-on: ${{ matrix.arch.runner }}
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v6
- name: Login to GitHub Container Registry
Comment on lines +30 to 31
Copy link
Contributor

@coderabbitai coderabbitai bot Feb 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

cat -n .github/workflows/ai-service-release-nightly-image.yaml | sed -n '25,80p'

Repository: Canner/WrenAI

Length of output: 2422

🌐 Web query:

actions/checkout v6 release notes breaking changes migration

💡 Result:

actions/checkout v6 — release notes (what changed)

  • Credential persistence changed (security hardening): when persist-credentials: true (default), checkout no longer writes credentials into .git/config. Instead, it stores them in a separate file under $RUNNER_TEMP and wires Git up so normal git fetch/push still work. (github.com)
  • Most workflows require no changes: plain git commands you run on the runner (including git push) should continue working without modifications. (github.com)
  • Docker container actions caveat: if you run authenticated git commands from inside a Docker container action, you need GitHub Actions Runner v2.329.0+. (github.com)

Breaking changes / who might be impacted

You’re most likely to be impacted if your workflow (or a third-party action/script) directly inspects or depends on credentials being present in .git/config (for example, parsing .git/config to retrieve the token/credential helper config). In v6, that assumption no longer holds because credentials are persisted via the $RUNNER_TEMP mechanism instead. (github.com)

Migration checklist (v5 → v6)

  1. Change uses: actions/checkout@v5uses: actions/checkout@v6. (github.com)
  2. If you use Docker container actions and do git auth operations inside the container, ensure your runner is v2.329.0+. (github.com)
  3. If anything fails after upgrade, search your workflow/action code for any dependency on .git/config containing auth, and refactor to rely on normal git behavior (or explicitly pass credentials another way). (github.com)

Citations:

🌐 Web query:

actions/upload-artifact v6 release notes breaking changes migration

💡 Result:

actions/upload-artifact v6 — release notes / breaking changes

What changed in v6 (v6.0.0)

  • Runtime upgrade to Node.js 24 (runs.using: node24).
  • Self-hosted runner requirement: GitHub Actions Runner ≥ 2.327.1 (update runners before bumping to @v6).
    These are the key (and effectively breaking) changes called out for v6. [1][2]

Migration guidance

If you’re on GitHub-hosted runners

  • Update your workflow step to:
    • uses: actions/upload-artifact@v6
      No other workflow changes are called out specifically for v6 beyond the Node 24 runtime shift. [1][2]

If you’re on self-hosted runners (most common break)

  1. Upgrade the runner fleet to ≥ 2.327.1.
  2. Then bump:
    • uses: actions/upload-artifact@v6
      Otherwise, v6 may fail to start due to the Node 24 runtime requirement. [1][2]

If you’re migrating from v3 (or earlier) → v6

Most “real” breaking behavior changes happened at v4 (and still apply in v6), notably:

  • Artifacts are immutable: you can’t upload to the same artifact name multiple times (unless you change your approach, e.g., unique names per matrix/job, or use overwrite). [2]
  • Hidden files excluded by default (v4.4+); enable explicitly if needed. [2]
  • Per-job artifact limit: 500 artifacts. [2]
  • Self-hosted networking/firewall rules may need updates (v4 breaking change). [2]

Deprecation context (why you’re likely migrating)

GitHub deprecated v3 on Jan 30, 2025, so moving to v4+ (and thus v6) is required on GitHub.com. [3]

Sources: GitHub Releases for actions/upload-artifact v6.0.0 [1], repository README “v6 – What’s new” and v4 breaking changes [2], GitHub Changelog deprecation notice for v3 [3].

🌐 Web query:

actions/download-artifact v7 release notes breaking changes migration

💡 Result:

actions/download-artifact@v7 (v7.0.0) — release notes / breaking changes

Breaking change

  • Runtime bump to Node.js 24: actions/download-artifact@v7 now runs on Node.js 24 (runs.using: node24). This also introduces a minimum GitHub Actions Runner version of 2.327.1 (relevant for self-hosted runners). Previously, v6 defaulted to Node.js 20. [1][2][3]

Migration checklist (from v6 → v7)

  1. Update your workflow step:
    • uses: actions/download-artifact@v6uses: actions/download-artifact@v7 [1]
  2. If you use self-hosted runners, upgrade the runner to ≥ 2.327.1 before bumping to v7, or your workflow may fail. [1][2]
  3. If you cannot upgrade runners yet, stay on v6 until you can. (The v7 notes explicitly call out the minimum runner requirement.) [1][2]

What changed (high level)

  • Node 24 support + some related maintenance updates (including updated GHES guidance and a dependency update to address a Node 24 deprecation warning). [1]

Ensure self-hosted runners are at version 2.327.1 or later before deploying.

actions/checkout@v6 is safe for this workflow—it only impacts code that directly inspects .git/config for credentials, which doesn't apply here.

However, both actions/upload-artifact@v6 and actions/download-artifact@v7 require GitHub Actions Runner ≥ 2.327.1 due to Node.js 24 runtime. Since this workflow uses custom self-hosted runners (linux_amd64_runner, linux_arm64_runner), verify those runners have been upgraded to the minimum version before this change lands in production.

Also applies to: 63-75

🤖 Prompt for AI Agents 
In @.github/workflows/ai-service-release-nightly-image.yaml around lines 30 -
31, Before merging this workflow change, verify and document that all
self-hosted runners referenced by the workflow (the linux_amd64_runner and
linux_arm64_runner labels) are upgraded to GitHub Actions Runner version 2.327.1
or later because actions/upload-artifact@v6 and actions/download-artifact@v7
require the Node.js 24 runtime; update your release checklist or deployment
notes to block rollout until those runners report >=2.327.1 and re-run the
workflow validation.

uses: docker/login-action@v3
with:
Expand Down Expand Up @@ -60,7 +60,7 @@ jobs:
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@v6
with:
name: digests-${{ env.PLATFORM_PAIR }}
path: /tmp/digests/*
Expand All @@ -71,7 +71,7 @@ jobs:
needs: [ build-image ]
steps:
- name: Download digests
uses: actions/download-artifact@v4
uses: actions/download-artifact@v7
with:
path: /tmp/digests
pattern: digests-*
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/ai-service-release-stable-image.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ jobs:
with:
app-id: ${{ vars.CI_APP_ID }}
private-key: ${{ secrets.CI_APP_PRIVATE_KEY }}
- uses: actions/checkout@v4
- uses: actions/checkout@v6
with:
token: ${{ steps.generate-token.outputs.token }}
fetch-depth: 0
Expand All @@ -34,7 +34,7 @@ jobs:
git config --global user.name "wren-ai[bot]"
git config --global user.email "dev@cannerdata.com"
- name: Set up Python 3.12.0
uses: actions/setup-python@v4
uses: actions/setup-python@v6
with:
python-version: 3.12.0
- name: Install Poetry
Expand Down Expand Up @@ -91,7 +91,7 @@ jobs:
platform: linux/arm64
runs-on: ${{ matrix.arch.runner }}
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v6
with:
ref: ${{ github.ref }}
- name: Login to GitHub Container Registry
Expand Down Expand Up @@ -121,7 +121,7 @@ jobs:
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@v6
with:
name: digests-${{ env.PLATFORM_PAIR }}
path: /tmp/digests/*
Expand All @@ -132,7 +132,7 @@ jobs:
needs: [ build-image ]
steps:
- name: Download digests
uses: actions/download-artifact@v4
uses: actions/download-artifact@v7
with:
path: /tmp/digests
pattern: digests-*
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/ai-service-test.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,13 +31,13 @@ jobs:
runs-on: ubuntu-22.04
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v6
- name: Install Poetry
uses: abatilo/actions-poetry@v3
with:
poetry-version: "1.8.3"
- name: Set up Python
uses: actions/setup-python@v5
uses: actions/setup-python@v6
with:
python-version-file: ./wren-ai-service/pyproject.toml
cache: "poetry"
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/create-rc-release-pr.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
uses: actions/checkout@v6

- name: Setup Git Identity
run: |
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/create-rc-release.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,12 +15,12 @@ jobs:
if: ${{ github.event_name == 'issue_comment' && contains(github.event.comment.body, '/release-rc') && startsWith(github.event.issue.title, 'Release') }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
uses: actions/checkout@v6
with:
ref: main

- name: Set up Go
uses: actions/setup-go@v4
uses: actions/setup-go@v6
with:
Comment on lines 17 to 24
Copy link
Contributor

@coderabbitai coderabbitai bot Feb 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🌐 Web query:

actions/checkout v6 release notes breaking changes

💡 Result:

actions/checkout v6: release notes / breaking changes (summary)

  • Credential persistence changed (main “breaking” change): when persist-credentials: true (default), the action no longer writes auth into .git/config; it now stores credentials in a separate file under $RUNNER_TEMP and wires it up so normal git fetch/push still works. (github.com)

    • Who can break: workflows/tools that directly read or modify .git/config expecting the token/extraheader to be there, or that depend on the prior on-disk location/format of the injected credentials. (github.com)

  • Runner requirement for Docker container actions: if you run authenticated git commands from inside a Docker container action, you need GitHub Actions Runner v2.329.0+ for v6 behavior to work. (github.com)

Official “What’s Changed” (v6.0.0)

  • “Persist creds to a separate file” (PR #2286) + README updates (including Node.js 24 requirements details). (github.com)

Citations:

🌐 Web query:

actions/setup-go v6 release notes breaking changes

💡 Result:

actions/setup-go v6.0.0 (released Sep 4) breaking changes:

  • Go toolchain selection/management changed (“Improve toolchain handling…”)—this can affect which Go version gets installed/used compared to v5. [1]
  • Node.js runtime upgraded from Node 20 → Node 24 (can impact self-hosted runners / older environments). [1][2]
  • Runner compatibility requirement: ensure your GitHub Actions runner is v2.327.1+. [1][2]

Sources: GitHub v6.0.0 release notes [1] and repository “Breaking changes in V6” section [2].

Verify actions/checkout@v6 and actions/setup-go@v6 for compatibility with this workflow.

Both actions have breaking changes in v6:

  • actions/checkout@v6: Credential persistence changed (stored in separate file instead of .git/config). This likely won't affect the basic checkout step here unless the workflow directly manipulates .git/config.

  • actions/setup-go@v6: Toolchain selection/management changed, which can affect Go version installation. Verify the go-version input specified is compatible with the new toolchain handling.

Both require GitHub Actions Runner v2.329.0+ (checkout) and v2.327.1+ (setup-go). Confirm your environment meets these minimum versions.

🤖 Prompt for AI Agents 
In @.github/workflows/create-rc-release.yaml around lines 17 - 24, The workflow
uses actions/checkout@v6 and actions/setup-go@v6 which have breaking changes and
require newer runners; verify compatibility by either (a) pinning to a previous
non-breaking major (e.g., actions/checkout@v3 or actions/setup-go@v4) or (b)
updating the workflow to accommodate v6 semantics: ensure you handle credential
persistence changes for actions/checkout and confirm the actions/setup-go input
(go-version) is compatible with the new toolchain selection, and also ensure
your GitHub Actions runner meets the minimum versions (v2.329.0+ for checkout,
v2.327.1+ for setup-go) or add a note/guard in CI to require those runner
versions.

go-version: "1.23.0"

Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/pr-tagger.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ jobs:

steps:
- name: Checkout code
uses: actions/checkout@v3
uses: actions/checkout@v6
with:
fetch-depth: 0

Expand All @@ -27,7 +27,7 @@ jobs:
uses: tj-actions/changed-files@v46

- name: Tag PR based on changed files and title
uses: actions/github-script@v6
uses: actions/github-script@v8
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/ui-lint.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,15 +25,15 @@ jobs:
if: ${{ github.event.label.name == 'ci/ui' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v6
- name: Set up Node.js
uses: actions/setup-node@v2
uses: actions/setup-node@v6
with:
node-version: '18'
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "::set-output name=dir::$(yarn cache dir)"
- uses: actions/cache@v2
- uses: actions/cache@v5
Comment on lines +28 to +36
Copy link
Contributor

@coderabbitai coderabbitai bot Feb 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🌐 Web query:

actions/checkout v6 release notes breaking changes

💡 Result:

actions/checkout v6 — release notes & breaking changes

Release notes (v6.0.0):

  • “Persist creds to a separate file” (credential-handling refactor) plus README/changelog updates and a v6 beta prep. [1]

What changed (the “breaking-change-ish” parts):

  • Credentials are no longer written into .git/config. When persist-credentials is used, credentials are now stored in a separate file under $RUNNER_TEMP and applied via Git’s conditional include mechanism (includeIf). Most workflows should keep working without changes (e.g., git fetch/git push). [2][3]
  • If you run authenticated git commands inside a Docker container action, you now need GitHub Actions Runner v2.329.0+ for the auth wiring to work. [2]

Who might actually be impacted:

  • Workflows/tools that directly read or depend on the token being present in .git/config (because v6 moves it elsewhere). [2][3]

Sources: GitHub release v6.0.0 notes [1], official README/Marketplace “Checkout v6” notes [2], and the implementing PR description (details on $RUNNER_TEMP + includeIf) [3].

References
[1] (github.com)
[2] (github.com)
[3] (github.com)

Citations:

🌐 Web query:

actions/setup-node v6 release notes breaking changes

💡 Result:

actions/setup-node v6 — breaking changes (from release notes)

  • Automatic caching is now limited to npm: v6.0.0 changes the “automatic caching” behavior so it only applies to npm; Yarn/pnpm caching is no longer automatic and must be configured via the cache input (and workflow/docs may need updates accordingly). [1]
  • always-auth removed: the action no longer supports/handles always-auth (deprecated in npm), so workflows should remove any always-auth usage. This landed in the v6 line (noted in v6 docs and implemented in v6.1.0). [2][3]

Sources: GitHub Releases for v6.0.0 and v6.1.0, plus the Marketplace “Breaking changes in V6” section. [1][2][3]

🌐 Web query:

actions/cache v5 release notes breaking changes

💡 Result:

actions/cache@v5 — breaking/required changes (release notes)

  • Runtime upgrade: actions/cache@v5 now runs on Node.js 24. You must be on GitHub Actions Runner >= 2.327.1 (notably for self-hosted runners), or the action may fail to run. [1]
  • Cache service migration note (not a v5-only breaking change, but commonly relevant during upgrades): the cache backend moved to the newer “cache service (v2) APIs”; older/deprecated action versions were slated to stop working around Feb 1, 2025 if not upgraded. [1]

Source: actions/cache “What’s New” / important changes section. [1]

References

[1] actions/cache repository (README / What’s New): https://github.com/actions/cache

🌐 Web query:

GitHub Actions set-output deprecated replacement

💡 Result:

::set-output is deprecated; replace it by writing step outputs to the GITHUB_OUTPUT environment file. [1][2]

In a workflow (Bash)

- name: Produce output
  id: my_step
  run: echo "my_output=some value" >> "$GITHUB_OUTPUT"

- name: Consume output
  run: echo "${{ steps.my_step.outputs.my_output }}"

[1][2]

PowerShell

- id: my_step
  run: '"my_output=some value" >> $env:GITHUB_OUTPUT'

[2]

Multiline output

{
  echo "my_output<<EOF"
  echo "line 1"
  echo "line 2"
  echo "EOF"
} >> "$GITHUB_OUTPUT"

[2]

If you author JavaScript/TypeScript actions

Update @actions/core to v1.10.0+, which uses the new env-file mechanism under the hood. [1]

Replace deprecated set-output with GITHUB_OUTPUT.

The action versions (checkout@v6, setup-node@v6, cache@v5) are compatible with your workflow configuration. Note that setup-node@v6 disabled automatic Yarn caching; your manual actions/cache configuration mitigates this.

However, line 35 uses the deprecated ::set-output syntax:

run: echo "::set-output name=dir::$(yarn cache dir)"

Replace it with:

run: echo "dir=$(yarn cache dir)" >> "$GITHUB_OUTPUT"
🧰 Tools
🪛 actionlint (1.7.10)

[error] 35-35: workflow command "set-output" was deprecated. use echo "{name}={value}" >> $GITHUB_OUTPUT instead: https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions

(deprecated-commands)

🤖 Prompt for AI Agents 
In @.github/workflows/ui-lint.yaml around lines 28 - 36, The step with id
"yarn-cache-dir-path" uses the deprecated ::set-output syntax; update that
step's run command to use the GITHUB_OUTPUT mechanism by writing a line with the
key and yarn cache dir value into the file referenced by the GITHUB_OUTPUT
environment variable (i.e., replace the echo "::set-output name=dir::$(yarn
cache dir)" invocation with an append-to-GITHUB_OUTPUT style write), leaving the
surrounding workflow steps (uses: actions/checkout@v6, uses:
actions/setup-node@v6, uses: actions/cache@v5) unchanged.

Comment on lines 33 to +36
Copy link
Contributor

@coderabbitai coderabbitai bot Feb 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🌐 Web query:

GitHub Actions set-output command deprecated GITHUB_OUTPUT

💡 Result:

::set-output (and ::save-state) workflow commands are deprecated because writing commands to stdout could be exploited via untrusted log output. GitHub recommends migrating to environment files instead. (github.blog)

Replace set-output with GITHUB_OUTPUT (step outputs)

Before (deprecated):

- name: Compute
  id: vars
  run: echo "::set-output name=FOO::bar"

After (recommended):

- name: Compute
  id: vars
  run: echo "FOO=bar" >> "$GITHUB_OUTPUT"

- name: Use it
  run: echo "${{ steps.vars.outputs.FOO }}"

GitHub documents step outputs as writing name=value lines to the file referenced by GITHUB_OUTPUT. (docs.github.com)

Important note on “disabled soon”

GitHub previously announced deprecation/removal timelines, but later postponed removal due to continued usage; you may still see warnings encouraging migration. (github.blog)

Citations:

Replace deprecated set-output command with $GITHUB_OUTPUT.

::set-output is deprecated by GitHub and exploitable via untrusted log output; use the $GITHUB_OUTPUT environment file instead.

🔧 Suggested fix 
       - name: Get yarn cache directory path
         id: yarn-cache-dir-path
-        run: echo "::set-output name=dir::$(yarn cache dir)"
+        run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT
🧰 Tools
🪛 actionlint (1.7.10)

[error] 35-35: workflow command "set-output" was deprecated. use echo "{name}={value}" >> $GITHUB_OUTPUT instead: https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions

(deprecated-commands)

🤖 Prompt for AI Agents 
In @.github/workflows/ui-lint.yaml around lines 33 - 36, The "Get yarn cache
directory path" step (id: yarn-cache-dir-path) uses the deprecated ::set-output
syntax; update the step's run command to write the output variable named "dir"
to the $GITHUB_OUTPUT environment file by appending a line in the form
"dir=<yarn cache dir>" (i.e., capture the result of yarn cache dir and append it
to $GITHUB_OUTPUT) instead of using ::set-output, leaving the rest of the step
and the subsequent actions/cache usage unchanged.

id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
with:
path: | # should cache node_modules as well
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/ui-release-image-stable.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ jobs:
platform: linux/arm64
runs-on: ${{ matrix.arch.runner }}
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v6
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
Expand All @@ -54,7 +54,7 @@ jobs:
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@v6
with:
name: digests-${{ env.PLATFORM_PAIR }}
path: /tmp/digests/*
Expand All @@ -65,7 +65,7 @@ jobs:
needs: [build-image]
steps:
- name: Download digests
uses: actions/download-artifact@v4
uses: actions/download-artifact@v7
with:
path: /tmp/digests
pattern: digests-*
Expand Down Expand Up @@ -103,7 +103,7 @@ jobs:
with:
app-id: ${{ vars.CI_APP_ID }}
private-key: ${{ secrets.CI_APP_PRIVATE_KEY }}
- uses: actions/checkout@v4
- uses: actions/checkout@v6
with:
token: ${{ steps.generate-token.outputs.token }}
fetch-depth: 0
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/ui-release-image.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ jobs:
platform: linux/arm64
runs-on: ${{ matrix.arch.runner }}
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v6
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
Expand Down Expand Up @@ -64,7 +64,7 @@ jobs:
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@v6
with:
name: digests-${{ env.PLATFORM_PAIR }}
path: /tmp/digests/*
Expand All @@ -75,7 +75,7 @@ jobs:
needs: [ build-image ]
steps:
- name: Download digests
uses: actions/download-artifact@v4
uses: actions/download-artifact@v7
with:
path: /tmp/digests
pattern: digests-*
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/ui-test.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,15 +24,15 @@ jobs:
if: ${{ github.event.label.name == 'ci/ui'}}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v6
- name: Set up Node.js
uses: actions/setup-node@v2
uses: actions/setup-node@v6
with:
node-version: '18'
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "::set-output name=dir::$(yarn cache dir)"
- uses: actions/cache@v2
- uses: actions/cache@v5
Comment on lines +27 to +35
Copy link
Contributor

@coderabbitai coderabbitai bot Feb 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🌐 Web query:

GitHub Actions set-output deprecated $GITHUB_OUTPUT replacement

💡 Result:

To replace the deprecated workflow command:

echo "::set-output name=MY_OUTPUT::$value"

write to the step’s environment file instead:

echo "MY_OUTPUT=$value" >> "$GITHUB_OUTPUT"

Then consume it the same way:

${{ steps.<id>.outputs.MY_OUTPUT }}

For multiline outputs, use the delimiter (“heredoc-style”) format:

{
  echo 'MY_OUTPUT<<EOF'
  printf '%s\n' "$value"
  echo 'EOF'
} >> "$GITHUB_OUTPUT"

GitHub announced the deprecation of set-output (stdout workflow command) in favor of environment files like GITHUB_OUTPUT. [1] [2]

Sources:
[1] GitHub Docs – Workflow commands / setting an output parameter (GITHUB_OUTPUT) and multiline delimiter syntax https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-commands
[2] GitHub Changelog – Deprecating save-state and set-output (move to env files) https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands

🏁 Script executed:

cat -n .github/workflows/ui-test.yaml | sed -n '25,37p'

Repository: Canner/WrenAI

Length of output: 617

Replace deprecated set-output command.

::set-output is deprecated as of October 2022; switch to $GITHUB_OUTPUT to avoid warnings and future breakage.

♻️ Proposed fix 
-        run: echo "::set-output name=dir::$(yarn cache dir)"
+        run: echo "dir=$(yarn cache dir)" >> $GITHUB_OUTPUT
🧰 Tools
🪛 actionlint (1.7.10)

[error] 34-34: workflow command "set-output" was deprecated. use echo "{name}={value}" >> $GITHUB_OUTPUT instead: https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions

(deprecated-commands)

🤖 Prompt for AI Agents 
In @.github/workflows/ui-test.yaml around lines 27 - 35, The workflow step with
id "yarn-cache-dir-path" uses the deprecated "::set-output" command; update its
run command to emit the output via the GITHUB_OUTPUT file instead (i.e., write
the key=value pair for "dir" to $GITHUB_OUTPUT) so downstream steps read the
value from steps.yarn-cache-dir-path.outputs.dir; replace the current run that
echoes "::set-output name=dir::$(yarn cache dir)" with a command that appends
"dir=$(yarn cache dir)" to the $GITHUB_OUTPUT file and keep the step id/name
unchanged.

id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
with:
path: | # should cache node_modules as well
Expand Down
12 changes: 6 additions & 6 deletions .github/workflows/wren-launcher-ci.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,8 @@ jobs:
name: lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/checkout@v6
- uses: actions/setup-go@v6
with:
go-version: '1.24'
cache-dependency-path: wren-launcher/go.sum
Expand All @@ -38,9 +38,9 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
uses: actions/checkout@v6
- name: Setup Go
uses: actions/setup-go@v5
uses: actions/setup-go@v6
with:
go-version: '1.24'
cache-dependency-path: wren-launcher/go.sum
Expand All @@ -67,9 +67,9 @@ jobs:
needs: fmt-and-test
steps:
- name: Checkout repository
uses: actions/checkout@v4
uses: actions/checkout@v6
- name: Setup Go
uses: actions/setup-go@v5
uses: actions/setup-go@v6
with:
go-version: '1.24'
cache-dependency-path: wren-launcher/go.sum
Expand Down