Skip to content

chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.1#164

Open
dependabot[bot] wants to merge 306 commits intomasterfrom
dependabot/github_actions/actions/download-artifact-8.0.1
Open

chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.1#164
dependabot[bot] wants to merge 306 commits intomasterfrom
dependabot/github_actions/actions/download-artifact-8.0.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 27, 2026

Bumps actions/download-artifact from 7.0.0 to 8.0.1.

Release notes

Sourced from actions/download-artifact's releases.

v8.0.1

What's Changed

Full Changelog: actions/download-artifact@v8...v8.0.1

v8.0.0

v8 - What's new

[!IMPORTANT] actions/download-artifact@v8 has been migrated to an ESM module. This should be transparent to the caller but forks might need to make significant changes.

[!IMPORTANT] Hash mismatches will now error by default. Users can override this behavior with a setting change (see below).

Direct downloads

To support direct uploads in actions/upload-artifact, the action will no longer attempt to unzip all downloaded files. Instead, the action checks the Content-Type header ahead of unzipping and skips non-zipped files. Callers wishing to download a zipped file as-is can also set the new skip-decompress parameter to true.

Enforced checks (breaking)

A previous release introduced digest checks on the download. If a download hash didn't match the expected hash from the server, the action would log a warning. Callers can now configure the behavior on mismatch with the digest-mismatch parameter. To be secure by default, we are now defaulting the behavior to error which will fail the workflow run.

ESM

To support new versions of the @actions/* packages, we've upgraded the package to ESM.

What's Changed

Full Changelog: actions/download-artifact@v7...v8.0.0

Commits
  • 3e5f45b Add regression tests for CJK characters (#471)
  • e6d03f6 Add a regression test for artifact name + content-type mismatches (#472)
  • 70fc10c Merge pull request #461 from actions/danwkennedy/digest-mismatch-behavior
  • f258da9 Add change docs
  • ccc058e Fix linting issues
  • bd7976b Add a setting to specify what to do on hash mismatch and default it to error
  • ac21fcf Merge pull request #460 from actions/danwkennedy/download-no-unzip
  • 15999bf Add note about package bumps
  • 974686e Bump the version to v8 and add release notes
  • fbe48b1 Update test names to make it clearer what they do
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

yeasy and others added 30 commits August 23, 2018 21:36
@yeasy
Merge pull request #97 from Sunnykaby/master
b307d81 
Add fabric sdk node demo
@stephenmjm
修正gerrit的 URL
cd5c47b 
 https://gerrit.hyperledger.org/r/#/settings/ssh-keys
@yeasy
Merge pull request #98 from stephenmjm/patch-1
e07d809 
Fix gerrit URL
@yeasy
Update with latest progress
14fd593
@yeasy
Update with latest progress
898ac8e
@yeasy
Fix issue#100: byzantine work
3ed119e
@yeasy
Update with latest information
b6a5dc0
@yeasy
Add trust curve figure
86bfc32
Add data field of tx and fix some outdated values
4cd543b
@yeasy
Merge pull request #101 from manxiaqu/master
ce5d50c 
Add data field of tx and fix the outdated encourage values
@yeasy
Refine consensus work
b8509c4
@yeasy
Merge branch 'master' of github.com:yeasy/blockchain_guide
b8df241
@hightall
Add user dashboard guide
b373eb3 
Signed-off-by: Haitao Yue <bjhtyue@cn.ibm.com>
@yeasy
Merge pull request #103 from HaitaoYue/master
8a9903c 
Add Cello user dashboard guide
@yeasy
Update crypto
03b6138
@yeasy
Merge branch 'master' of github.com:yeasy/blockchain_guide
1b3b2b3
@yeasy
Release v1.2.0
ec0451e
@yeasy
Update revision to v1.2.0
8b59147
@guaguawa
fix:创新科技固然现金-->创新科技固然先进
e3f4112
@guaguawa
fix:Paxon-->Paxos
6c5d31e
@guaguawa
Paxon-->Paxos
4ab3b3f
@yeasy
Merge pull request #105 from guaguawa/master
e8b034d 
Fix typos
@yeasy
Add chapter number
bf0172d
@yeasy
Update history
28002ec
@yeasy
Update overview
0495994
@yeasy
Add more usage scenarios
180866c
@yeasy
Add more distributed algorithms
b99d522
@dexhunter
fix table format
e901d0a 
minor fix for table format of markdown
@yeasy
Merge pull request #107 from dexhunter/master
3836e4c 
Fix table format
@yeasy
Add more crypto techniques
d833073
yeasy and others added 28 commits March 31, 2026 07:50
@yeasy
Refine stablecoin outlook
02bca9d
@yeasy
Refresh product lifecycle
bf75ede
@yeasy
Fix Bitcoin timeline chronological order
ee0a2b0
@yeasy
Update cross-reference links to GitBook
6a91336
@yeasy @claude
Add license section to README
76035d4 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@yeasy
ci: remove redundant release-pdf.yml, keep auto-release.yml
cae8eb7
@yeasy @claude
Add release-pdf CI workflow for automated PDF builds
d73fa16 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@yeasy
Remove duplicate release-pdf workflow
f94eec1
@yeasy
Update DeFi TVL data
3481db7
@yeasy
Update GENIUS Act timeline
ff25200
@yeasy
Update DeFi TVL data for 2026 Q1
86bef11
@yeasy
Update DeFi data and fix security incidents
96c928a
@dependabot
chore(deps): bump dependabot/fetch-metadata in the dependencies group
0b27cc7 
Bumps the dependencies group with 1 update: [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata).


Updates `dependabot/fetch-metadata` from 2 to 3
- [Release notes](https://github.com/dependabot/fetch-metadata/releases)
- [Commits](dependabot/fetch-metadata@v2...v3)

---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
  dependency-version: '3'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@github-actions
Merge pull request #162 from yeasy/dependabot/github_actions/dependen…
e02ad39 
…cies-c22e3e74e6

chore(deps): bump dependabot/fetch-metadata from 2 to 3 in the dependencies group
@yeasy
Unify currency format to Chinese style
a53a6bf
@yeasy
Update DeFi data and GENIUS Act timeline
31515b2
@yeasy
Remove stale time annotations from content
3f31284
@yeasy
Update Geth version to 1.17.x
89513d0
@yeasy
Remove outdated audit report
b63e948
@dependabot
chore(deps): bump the dependencies group with 2 updates
46140af 
Bumps the dependencies group with 2 updates: [softprops/action-gh-release](https://github.com/softprops/action-gh-release) and [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata).


Updates `softprops/action-gh-release` from 2 to 3
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](softprops/action-gh-release@v2...v3)

Updates `dependabot/fetch-metadata` from 2 to 3
- [Release notes](https://github.com/dependabot/fetch-metadata/releases)
- [Commits](dependabot/fetch-metadata@v2...v3)

---
updated-dependencies:
- dependency-name: softprops/action-gh-release
  dependency-version: '3'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: dependabot/fetch-metadata
  dependency-version: '3'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@github-actions
Merge pull request #163 from yeasy/dependabot/github_actions/dependen…
25ffc7c 
…cies-8fe05ed821

chore(deps): bump the dependencies group with 2 updates
@yeasy
Ignore agent workspace directory
f8eae6d
@yeasy
Restructure README with badges and cover
9ba8500
@yeasy
Drop legacy plugins
d1f318f
@yeasy
Enable gitbook plugins
9e5d2c0
@yeasy
Fix duplicated character typo in cert.md
a0075f1
@yeasy
Fix blockchain guide review findings
6b2aa78
@dependabot
chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.1
f0feb68 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 7.0.0 to 8.0.1.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@37930b1...3e5f45b)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: 8.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Apr 27, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.