Skip to content

ci(deps): Bump actions/upload-artifact from 4 to 7#6

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions/upload-artifact-7
Open

ci(deps): Bump actions/upload-artifact from 4 to 7#6
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions/upload-artifact-7

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown

Bumps actions/upload-artifact from 4 to 7.

Release notes

Sourced from actions/upload-artifact's releases.

v7.0.0

v7 What's new

Direct Uploads

Adds support for uploading single files directly (unzipped). Callers can set the new archive parameter to false to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The name parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.

ESM

To support new versions of the @actions/* packages, we've upgraded the package to ESM.

What's Changed

New Contributors

Full Changelog: actions/upload-artifact@v6...v7.0.0

v6.0.0

v6 - What's new

[!IMPORTANT] actions/upload-artifact@v6 now runs on Node.js 24 (runs.using: node24) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

Node.js 24

This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.

What's Changed

Full Changelog: actions/upload-artifact@v5.0.0...v6.0.0

v5.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

... (truncated)

Commits
  • 043fb46 Merge pull request #797 from actions/yacaovsnc/update-dependency
  • 634250c Include changes in typespec/ts-http-runtime 0.3.5
  • e454baa Readme: bump all the example versions to v7 (#796)
  • 74fad66 Update the readme with direct upload details (#795)
  • bbbca2d Support direct file uploads (#764)
  • 589182c Upgrade the module to ESM and bump dependencies (#762)
  • 47309c9 Merge pull request #754 from actions/Link-/add-proxy-integration-tests
  • 02a8460 Add proxy integration test
  • b7c566a Merge pull request #745 from actions/upload-artifact-v6-release
  • e516bc8 docs: correct description of Node.js 24 support in README
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 7.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v4...v7)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown
Author

Labels

The following labels could not be found: dependencies, github-actions. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

exbuf added a commit that referenced this pull request Jul 2, 2026
adopters see themselves first; drop artificial "Home user"
identity segregation

The list opened with **Home user** (least likely PyPI/GitHub
discoverer) and buried the technical roles most likely to reach
peekdocs through Python-packaging channels at positions #10–12
(AI/ML engineer, Engineer, Developer / programmer). A first-time
visitor arriving from a GitHub search for "python document
search cli" scrolled past four non-technical bullets before
seeing themselves.

Also, having **Home user** as one bullet among "Office worker /
Developer / Sysadmin" implicitly framed the other 12 bullets as
NOT home users — contradicting the "entirely on your own
computer" opening. peekdocs is local-only; every user IS a
home user.

**Reordered** so tech-heavy adopters land at the top:

  1. Developer / programmer     (was #12)
  2. Sysadmin                   (was #6)
  3. AI/ML engineer             (was #10)
  4. IT consultant              (was #4, expanded)
  5. Data researcher            (was #9)
  6. Engineer                   (was #11)
  7. Documentation team         (was #7)
  8. Auditor or review          (was #5)
  9. Researcher                 (was #8)
  10. Small business owner      (was #3, absorbed the Home-user
                                 tax-search scenario as a
                                 "Personal side" note)
  11. Office worker             (was #2)

**Dropped two bullets:**

  - **Home user** — the "everybody is a home user" framing now
    lives in the section's opening paragraph ("entirely on your
    own computer"), applying to every bullet rather than being
    one bullet's identity. The tax-search scenario is folded
    into Small business owner as a "Personal side" note so no
    concrete example is lost.

  - **Email archives** — was a file type, not a role. Odd one
    out in a role-shaped list. Already covered by the intro's
    file-type enumeration (Word, PDF, Excel, email, scanned
    documents, archives, and 100+ more).

**Enhanced two one-liners:**

  - **Sysadmin** was "Search 20 GB of log files for a request ID
    across mixed archives." Added the `.gz`/`.bz2`/`.zip`/`.tar`
    detail (read natively without unpacking) and the --watch
    NDJSON streaming detail for pipeline integration.

  - **IT consultant** was "Search a folder of client documents
    for a set of terms." Added the standalone-binary-on-USB
    workflow (--output-dir back to the USB, --no-index for zero
    artifacts) and a cross-link to the Portable / consulting
    use section added earlier this session (fc9fd98).

All other bullets keep their descriptions verbatim — only their
position in the list changed.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
exbuf added a commit that referenced this pull request Jul 2, 2026
"Preparing the USB — one-time setup" walkthrough + two new
gotchas (Windows Group Policy, Tesseract not bundled)

The prior "Setup — done once" paragraph was a one-liner —
"grab the binaries and drop them onto the USB." Too thin for
consultants first attempting the workflow, and left several
practical questions unanswered:

  - Which binaries + what sizes?
  - Do I need Python on the USB too?  (No — the standalone
    binaries ARE Python + deps + peekdocs; this is now stated
    explicitly to head off the question.)
  - How do I verify what I downloaded is what shipped?
  - What USB folder structure is sane?
  - Should I unzip .app bundles now or at the client?
  - What do I do BEFORE the engagement to catch issues?

**Section retitled and expanded — "Preparing the USB — one-time
setup":**

  - Opens with "You do not carry Python on the USB and you do
    not install Python on the client machine." — direct answer
    to the recurring "do I also need a portable-Python
    distribution?" question, before it gets asked.
  - Six-binary + checksums-file listing with per-file sizes
    (78 MB Windows CLI, 103 MB macOS CLI zip, 114 MB Linux
    CLI, 78 MB Windows GUI, 200 MB macOS GUI zip, 114 MB
    Linux GUI, 530 B SHA256SUMS).
  - CLI-vs-GUI decision guidance (preserved from prior edit).
  - SHA-256 verification step — one-liner for macOS/Linux
    (shasum -a 256 -c peekdocs_SHA256SUMS.txt), PowerShell
    equivalent for Windows (Get-FileHash + manual compare).
  - macOS .app pre-unzip guidance with the ExFAT-doesn't-
    preserve-xattrs rationale for why quarantine flag often
    doesn't survive the copy.
  - Recommended USB folder structure (windows/ macos/ linux/
    subdirs + checksums + peekdocs_reports/ output target +
    scripts/ wrapper directory).
  - --check verification step (preserved from prior edit).
  - Rehearsal step — "run the actual command on a scratch
    folder matching the client's OS before you're on the
    clock." Catches paths-with-spaces and aggressive-SmartScreen
    surprises early.

**"Four gotchas" → "Six gotchas" — new #5 and #6:**

  - **#5 Corporate Windows execution restrictions.** Group
    Policy and Windows Defender Controlled Folder Access can
    block .exe launches from removable drives. Verify with
    client IT before assuming the workflow works; fallback
    options named (temporary whitelist / pipx-install on
    client / launch from a Group-Policy-permitted directory).

  - **#6 Tesseract for OCR is NOT bundled.** The standalone
    binaries carry Python + Python dependencies only. If OCR
    of scanned PDFs or image files is in scope: install
    Tesseract on the client (footprint, may need admin),
    pre-OCR docs on own machine before the engagement (produce
    searchable copies), or scope OCR out. Cross-links
    peekdocs --check as the on-site diagnostic that reports
    Tesseract's presence.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
exbuf added a commit that referenced this pull request Jul 2, 2026
Docs-only bump for the Portable / consulting use section
expansions in 788487c (GUI variants coverage in Gotcha 4) and
6b3b57c (Preparing the USB one-time setup walkthrough + new
gotchas #5 Windows Group Policy and #6 Tesseract not bundled).
No code changes.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants