From 3eea189925c1623c8a9bfa56a6a1f7ff49e4677e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 15 Apr 2026 00:25:30 +0000
Subject: [PATCH] build(deps): bump the github-actions group with 2 updates

Bumps the github-actions group with 2 updates: [actions/upload-artifact](https://github.com/actions/upload-artifact) and [actions/download-artifact](https://github.com/actions/download-artifact).


Updates `actions/upload-artifact` from 4.6.2 to 7.0.1
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/ea165f8d65b6e75b540449e92b4886f43607fa02...043fb46d1a93c77aae656e7c1c64a875d1fc6a0a)

Updates `actions/download-artifact` from 5.0.0 to 8.0.1
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/634f93cb2916e3fdff6788551b99b062d0335ce0...3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: 7.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/download-artifact
  dependency-version: 8.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/build-image.yml   | 2 +-
 .github/workflows/ci.yml            | 6 +++---
 .github/workflows/lint-image.yml    | 2 +-
 .github/workflows/publish-image.yml | 2 +-
 .github/workflows/scan-image.yml    | 4 ++--
 5 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml
index 5b2a6ac..a4cfbc0 100644
--- a/.github/workflows/build-image.yml
+++ b/.github/workflows/build-image.yml
@@ -36,7 +36,7 @@ jobs:
         run: printf '%s\n' '${{ inputs.image }}' > '${{ runner.temp }}/image.txt'
 
       - name: Upload image artifact
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
         with:
           name: docker-image-${{ inputs.image }}
           path: |
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 28cf302..1630bdb 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -41,7 +41,7 @@ jobs:
       images: ${{ steps.collect.outputs.images }}
     steps:
       - name: Download lint markers
-        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
         with:
           pattern: lint-passed-*
           path: ${{ runner.temp }}/lint-markers
@@ -92,7 +92,7 @@ jobs:
       images: ${{ steps.collect.outputs.images }}
     steps:
       - name: Download build artifacts
-        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
         with:
           pattern: docker-image-*
           path: ${{ runner.temp }}/build-artifacts
@@ -143,7 +143,7 @@ jobs:
       images: ${{ steps.collect.outputs.images }}
     steps:
       - name: Download scan markers
-        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
         with:
           pattern: scan-passed-*
           path: ${{ runner.temp }}/scan-markers
diff --git a/.github/workflows/lint-image.yml b/.github/workflows/lint-image.yml
index 9a542ba..ce3d3a8 100644
--- a/.github/workflows/lint-image.yml
+++ b/.github/workflows/lint-image.yml
@@ -31,7 +31,7 @@ jobs:
 
       - name: Upload lint passed marker
         if: success()
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
         with:
           name: lint-passed-${{ inputs.image }}
           path: ${{ runner.temp }}/image.txt
diff --git a/.github/workflows/publish-image.yml b/.github/workflows/publish-image.yml
index 1694b0a..0d4bb0a 100644
--- a/.github/workflows/publish-image.yml
+++ b/.github/workflows/publish-image.yml
@@ -28,7 +28,7 @@ jobs:
           echo "image_ref=ghcr.io/trly/${{ inputs.image }}:$version" >> "$GITHUB_OUTPUT"
 
       - name: Download image artifact
-        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
         with:
           name: docker-image-${{ inputs.image }}
           path: ${{ runner.temp }}/image
diff --git a/.github/workflows/scan-image.yml b/.github/workflows/scan-image.yml
index bb2315f..a85ef01 100644
--- a/.github/workflows/scan-image.yml
+++ b/.github/workflows/scan-image.yml
@@ -27,7 +27,7 @@ jobs:
           echo "image_ref=ghcr.io/trly/${{ inputs.image }}:$version" >> "$GITHUB_OUTPUT"
 
       - name: Download image artifact
-        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
+        uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
         with:
           name: docker-image-${{ inputs.image }}
           path: ${{ runner.temp }}/image
@@ -52,7 +52,7 @@ jobs:
 
       - name: Upload scan passed marker
         if: success()
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
         with:
           name: scan-passed-${{ inputs.image }}
           path: ${{ runner.temp }}/image.txt