ci: bump deprecated GitHub Actions to Node 24 versions#3
Merged
Conversation
Resolves the Node 20 deprecation warning surfaced by every run since GitHub's 2025-09 announcement. From 2026-06-02 GitHub will force the Node 24 default on runners; pinning Node 20 actions past then needs an ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION opt-out, which we don't want. - actions/checkout@v4 → @v6 - actions/setup-node@v4 → @v6 - actions/setup-java@v4 → @v5 - android-actions/setup-android@v3 → @v4 All four major bumps ship the same input schema we use (node-version, distribution/java-version/cache, registry-url, fetch-depth) and are backward-compatible with our usage. Changeset added as patch so this also validates the full CI release pipeline end-to-end (Trusted Publishing OIDC + provenance attestation + tag creation under the new tag-protection ruleset). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Bumps the four GitHub Actions still bundled on Node 20 to their latest Node-24-supporting major versions. Resolves the deprecation warning surfaced by every recent run.
GitHub forces the Node 24 default on 2026-06-02. Pinning Node 20 actions past then requires opting in via
ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION, which we don't want.Changes
actions/checkoutactions/setup-nodeactions/setup-javaandroid-actions/setup-androidAll four use the same input schema we already pass (
node-version,distribution/java-version/cache,registry-url,fetch-depth) — fully backward-compatible.Applied to both
.github/workflows/ci.ymland.github/workflows/release.yml.Secondary goal: end-to-end CI pipeline validation
Changeset included as a patch bump. After merge:
changesets/action@v1auto-opens a "Version Packages" PR bumping all 4 publishable packages to 0.1.2release.ymlscripts/publish.shpublishes 0.1.2 via Trusted Publishing OIDC (noNPM_TOKENneeded for auth, only as fallback)@inoxth/*tag ruleset, immutable from here onThis validates everything we set up after 0.1.1 actually works.
Verification post-merge
npm view @inoxth/react-native-edot-sdk version→0.1.2@inoxth/react-native-edot-{shared,sdk,navigation,tracer-provider}@0.1.2git fetch --tagsrelease.ymlrun is greenFollow-up after this PR + Version PR ship
NPM_TOKENandNODE_AUTH_TOKENfromrelease.ymlenv block + delete the GitHub secret (TP makes them unnecessary)🤖 Generated with Claude Code