HSLdevcom · Jontzii · Dec 29, 2025 · Dec 29, 2025
diff --git a/.github/workflows/shared-build-and-publish-docker-image.yml b/.github/workflows/shared-build-and-publish-docker-image.yml
@@ -114,7 +114,7 @@ jobs:
 
       - name: Download artifacts
         if: ${{ inputs.artifact-id }}
-        uses: actions/download-artifact@v6
+        uses: actions/download-artifact@v7
         with:
           artifact-ids: ${{ inputs.artifact-id }}
           path: ${{ inputs.artifact-path }}

diff --git a/.github/workflows/shared-run-e2e.yml b/.github/workflows/shared-run-e2e.yml
@@ -233,7 +233,7 @@ jobs:
           cat ${{ github.workspace }}/durations.out.json
 
       - name: Upload test durations
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: "e2e-test-durations-${{ strategy.job-index }}"
           path: ${{ github.workspace }}/durations.out.json
@@ -249,7 +249,7 @@ jobs:
       - name: Upload test reports as an artifact
         # Should be run especially when tests fail
         if: always()
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: cypress-test-results-${{ strategy.job-index }}
           path: ${{ github.workspace }}/ctrf-report.json
@@ -275,7 +275,7 @@ jobs:
 
       - name: Upload test reports as an artifact
         if: always() && steps.copy_test_reports.outputs.test_reports_exist == 'true'
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: cypress-docker-reports-${{ strategy.job-index }}
           path: ${{ github.workspace }}/test-reports
@@ -287,7 +287,7 @@ jobs:
       - run_e2e_tests
     steps:
       - name: Download E2E Test Results
-        uses: actions/download-artifact@v6
+        uses: actions/download-artifact@v7
         continue-on-error: true
         with:
           pattern: cypress-test-results-*
@@ -319,7 +319,7 @@ jobs:
           ssh-key: ${{ secrets.jore4_ci_data_repo_ssh_key }}
 
       - name: Download E2E Test Durations
-        uses: actions/download-artifact@v6
+        uses: actions/download-artifact@v7
         with:
           pattern: e2e-test-durations-*
           path: ${{ github.workspace }}/split-durations

diff --git a/.github/workflows/shared-secret-scan.yml b/.github/workflows/shared-secret-scan.yml
@@ -43,7 +43,7 @@ jobs:
           fetch-depth: 0
 
       - name: Secret Scanning
-        uses: trufflesecurity/trufflehog@05cccb53bc9e13bc6d17997db5a6bcc3df44bf2f # v3.92.3
+        uses: trufflesecurity/trufflehog@ef6e76c3c4023279497fab4721ffa071a722fd05 # v3.92.4
         with:
           extra_args: --results=verified,unverified,unknown --exclude-detectors=AWS
 
@@ -62,7 +62,7 @@ jobs:
     steps:
       - name: Send ${{ matrix.alert_type }} alert
         if: matrix.enabled
-        uses: dawidd6/action-send-mail@6d98ae34d733f9a723a9e04e94f2f24ba05e1402 # v6
+        uses: dawidd6/action-send-mail@6e71c855c9a091d80a519621b9fd3e8d252ca40c # v7
         with:
           server_address: smtp.gmail.com
           server_port: 465

diff --git a/github-actions/setup-e2e-environment/action.yml b/github-actions/setup-e2e-environment/action.yml
@@ -114,7 +114,7 @@ runs:
 
     - name: Download docker-compose bundle from GHA artifact
       if: ${{ inputs.docker_compose_bundle_gha_artifact }}
-      uses: actions/download-artifact@v6
+      uses: actions/download-artifact@v7
       with:
         name: jore4-docker-compose-bundle
         path: ${{ github.workspace }}/docker