From af24440adb135a81d0a61952416ad67fae0167e2 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 1 Nov 2025 09:12:38 +0000
Subject: [PATCH] Bump the workflow-actions group with 2 updates

Bumps the workflow-actions group with 2 updates: [actions/download-artifact](https://github.com/actions/download-artifact) and [actions/upload-artifact](https://github.com/actions/upload-artifact).


Updates `actions/download-artifact` from 5.0.0 to 6.0.0
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/634f93cb2916e3fdff6788551b99b062d0335ce0...018cc2cf5baa6db3ef3c5f8a56943fffe632ef53)

Updates `actions/upload-artifact` from 4.6.2 to 5.0.0
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/ea165f8d65b6e75b540449e92b4886f43607fa02...330a01c490aca151604b8cf639adc76d48f6c5d4)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: workflow-actions
- dependency-name: actions/upload-artifact
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: workflow-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/ci-report.yml     | 2 +-
 .github/workflows/ci-tck-report.yml | 8 ++++----
 .github/workflows/ci.yml            | 4 ++--
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/ci-report.yml b/.github/workflows/ci-report.yml
index c35327317..5f6f42550 100644
--- a/.github/workflows/ci-report.yml
+++ b/.github/workflows/ci-report.yml
@@ -74,7 +74,7 @@ jobs:
         run: ./mvnw -v
       - name: Download GitHub Actions artifacts for the Develocity build scans
         id: downloadBuildScan
-        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # 5.0.0
+        uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # 6.0.0
         with:
           pattern: build-scan-data-*
           github-token: ${{ github.token }}
diff --git a/.github/workflows/ci-tck-report.yml b/.github/workflows/ci-tck-report.yml
index fe77e18b5..9212e4f3e 100644
--- a/.github/workflows/ci-tck-report.yml
+++ b/.github/workflows/ci-tck-report.yml
@@ -93,7 +93,7 @@ jobs:
           echo "" >> ${{ env.REPORT_FILE }}
 
       - name: Upload TCK Report as an Artifact
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # 4.6.2
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # 5.0.0
         with:
           name: tck-standalone-report-html-${{matrix.java-version}}
           path: tck-runner/target/surefire-reports/emailable-report.html
@@ -113,7 +113,7 @@ jobs:
           echo "" >> ${{ env.REPORT_FILE }}
           
       - name: Upload TCK Report as an Artifact
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # 4.6.2
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # 5.0.0
         with:
           name: tck-container-report-html-${{matrix.java-version}}
           path: tck-runner/target/surefire-reports/emailable-report.html
@@ -133,7 +133,7 @@ jobs:
           echo "" >> ${{ env.REPORT_FILE }}
 
       - name: Upload TCK Report as an Artifact
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # 4.6.2
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # 5.0.0
         with:
           name: tck-signature-report-xml-${{matrix.java-version}}
           path: tck-runner/target/surefire-reports/sigtest/report.xml
@@ -169,7 +169,7 @@ jobs:
           cat ${{ env.REPORT_FILE }}
 
       - name: Upload Final Report as an Artifact
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # 4.6.2
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # 5.0.0
         with:
           name: final-report-${{matrix.java-version}}
           path: ${{ env.REPORT_FILE }}
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 566d2fac0..d59fa0f8e 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -117,7 +117,7 @@ jobs:
       # The actual publishing must be done in a separate job (see ci-report.yml).
       # We don't write to the remote cache as that would be unsafe.
       - name: Upload GitHub Actions artifact for the Develocity build scan
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # 4.6.2
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # 5.0.0
         if: "${{ github.event_name == 'pull_request' && !cancelled() }}"
         with:
           name: build-scan-data-standalone-${{ matrix.os.name }}
@@ -134,7 +134,7 @@ jobs:
           DEVELOCITY_BASE_URL: "${{ env.DEVELOCITY_BASE_URL || 'https://develocity.commonhaus.dev' }}"
 
       - name: Upload GitHub Actions artifact for the Develocity build scan
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # 4.6.2
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # 5.0.0
         if: "${{ github.event_name == 'pull_request' && !cancelled() }}"
         with:
           name: build-scan-data-incontainer-${{ matrix.os.name }}