Skip to content

Upgrade GitHub Actions for Node 24 compatibility#42979

Closed
salmanmkc wants to merge 1 commit intoservo:mainfrom
salmanmkc:upgrade-github-actions-node24
Closed

Upgrade GitHub Actions for Node 24 compatibility#42979
salmanmkc wants to merge 1 commit intoservo:mainfrom
salmanmkc:upgrade-github-actions-node24

Conversation

@salmanmkc
Copy link

@salmanmkc salmanmkc commented Mar 3, 2026

Summary

Upgrade GitHub Actions to their latest versions to ensure compatibility with Node 24, as Node 20 will reach end-of-life in April 2026.

Changes

Action Old Version(s) New Version Release Files
actions/checkout v5 v6 Release android.yml, docs.yml, linux-wpt.yml, linux.yml, mac-arm64.yml, mac-wpt.yml, mac.yml, main.yml, ohos.yml, pull-request-wpt-export.yml, scheduled-wpt-import.yml, try-label.yml, try.yml, windows.yml
actions/download-artifact v4, v7 v8 Release bencher.yml, linux-wpt.yml, mac-wpt.yml, ohos.yml, scheduled-wpt-import.yml, upload_release.yml
actions/github-script v7 v8 Release try-label.yml, try.yml
actions/setup-java v4 v5 Release android.yml
actions/setup-node v4 v6 Release ohos.yml
actions/upload-artifact v6 v7 Release android.yml, linux-wpt.yml, linux.yml, mac-arm64.yml, mac-wpt.yml, mac.yml, ohos.yml, windows.yml

Context

Per GitHub's announcement, Node 20 is being deprecated and runners will begin using Node 24 by default starting June 2nd, 2026.

Why this matters

  • Node 20 EOL: April 2026
  • Node 24 default: June 2nd, 2026
  • Action: Update to latest action versions that support Node 24

⚠️ Breaking Changes

  • actions/checkout (v5 → v6): Major version upgrade — review the release notes for breaking changes
  • actions/setup-java (v4 → v5): Major version upgrade — review the release notes for breaking changes
  • actions/upload-artifact (v6 → v7): Major version upgrade — review the release notes for breaking changes
  • actions/download-artifact (v4 → v8): Major version upgrade — review the release notes for breaking changes
  • actions/setup-node (v4 → v6): Major version upgrade — review the release notes for breaking changes
    • ⚠️ Input always-auth was removed — if your workflow uses it, the step may fail
  • actions/github-script (v7 → v8): Major version upgrade — review the release notes for breaking changes

Security Note

Actions that were previously pinned to commit SHAs remain pinned to SHAs (updated to the latest release SHA) to maintain the security benefits of immutable references.

Testing

These changes only affect CI/CD workflow configurations and should not impact application functionality. The workflows should be tested by running them on a branch before merging.

@salmanmkc
Upgrade GitHub Actions for Node 24 compatibility
26ce3ab 
Signed-off-by: Salman Muin Kayser Chishti <[email protected]>
@salmanmkc salmanmkc requested a review from sagudev as a code owner March 3, 2026 09:19
@servo-highfive servo-highfive added the S-awaiting-review There is new code that needs to be reviewed. label Mar 3, 2026
@mrobinson
Copy link
Member

mrobinson commented Mar 3, 2026

@salmanmkc Was this change or the PR description made with a large language model?

@sagudev sagudev mentioned this pull request Mar 3, 2026
Merged
@sagudev
Copy link
Member

sagudev commented Mar 3, 2026

I think this needs servo/ci-runners#115 before landing.

@delan
Copy link
Member

delan commented Mar 4, 2026

please read our AI contributions policy before contributing.

@delan delan closed this Mar 4, 2026
delan pushed a commit to servo/ci-runners that referenced this pull request Mar 4, 2026
@sagudev
Update GHA runner 2.330.0 -> 2.332.0 (#115)
fd64f0a 
We will need this for stuff like
servo/servo#42979 (I want nonzipped artifacts).

Signed-off-by: Sam <[email protected]>
@salmanmkc
Copy link
Author

salmanmkc commented Mar 7, 2026
edited
Loading

please read our AI contributions policy before contributing.

I believe there may have been a misunderstanding here. This PR was not generated using AI.

I worked on the Node 24 migration for GitHub Actions, and many of the updates referenced here are from work I contributed upstream. For example:

  1. Runner Support for executing Node24 Actions actions/runner#3940
  2. Node 20 -> Node 24 migration feature flagging, opt-in and opt-out environment variables actions/runner#3948
  3. Add Node.js 20 deprecation warning annotation (Phase 1) actions/runner#4242

I contributed to all the actions I listed in this PR. Here's some of the PRs (there's like 50 but the necessary ones for the actions above):

  1. Update actions checkout to use node 24 actions/checkout#2226
  2. Download Artifact Node24 support actions/download-artifact#415
  3. Update Node.js version support to 24.x actions/github-script#637
  4. Upgrade to node 24 actions/setup-java#888
  5. Upgrade @actions/cache to v5 actions/setup-java#968
  6. Upgrade action to use node24 actions/setup-node#1325
  7. Bump @actions/cache to v5.0.1 actions/setup-node#1449
  8. Upload Artifact Node 24 support actions/upload-artifact#719
  9. fix: update @actions/artifact for Node.js 24 punycode deprecation actions/upload-artifact#744

And for example my releases of node 24 actions:

  1. Checkout: https://github.com/actions/checkout/releases/tag/v5.0.0
  2. Upload-artifact: https://github.com/actions/upload-artifact/releases/tag/v6
  3. Download-artifact: https://github.com/actions/download-artifact/releases/tag/v7

@mrobinson @sagudev @delan can it be reopened? Even if it was AI made, which it is indeed not (I don't know how @delan you made that conclusion), I think this is an important update. Hopefully this helps clarify the provenance of the changes. I’d also recommend taking a look at the blog post linked in the PR description, which explains the migration in more detail.

Soon we will start showing a warning annotation in workflows that run actions that aren't on node 24 (mentioned in the blog post).

@salmanmkc
Copy link
Author

salmanmkc commented Mar 7, 2026
edited
Loading

In-fact the PR you approved & merged in to upgrade the runner to 2.332.0 was the release I did last week actions/runner#4264

@webbeef
Copy link
Contributor

webbeef commented Mar 7, 2026

I believe there may have been a misunderstanding here. This PR was not generated using AI.

The question from @mrobinson was:

Was this change or the PR description made with a large language model?

And that is a legitimate question because the PR description has telling signs of a LLM output. Maybe it's just copy/paste you use in various projects? The security note is suspicious since it talks about pinned commits that are kept as such but there are no pinned commits in Servo CI if I understand the PR itself, only version updates.

@salmanmkc
Copy link
Author

salmanmkc commented Mar 7, 2026
edited
Loading

I believe there may have been a misunderstanding here. This PR was not generated using AI.

The question from @mrobinson was:

Was this change or the PR description made with a large language model?

And that is a legitimate question because the PR description has telling signs of a LLM output. Maybe it's just copy/paste you use in various projects? The security note is suspicious since it talks about pinned commits that are kept as such but there are no pinned commits in Servo CI if I understand the PR itself, only version updates.

I template my PRs to have that note about pinned versions. I wasn't talking about the question, I was responding to the fact that it was closed before I even answered the question and was told to read the AI contributions policy. What's telling of AI?

@delan
Copy link
Member

delan commented Mar 7, 2026

Why this matters

  • Node 20 EOL: April 2026

  • Node 24 default: June 2nd, 2026

  • Action: Update to latest action versions that support Node 24

⚠️ Breaking Changes

Testing

These changes only affect CI/CD workflow configurations and should not impact application functionality.

the description reads to me like LLM output, especially these parts. it's unusually verbose and full of headings, it restates things that are clear from the changes (like the "Files" column), the "why this matters" list has three disparate facts that do not make sense to be formatted as a list, i could go on.

but i can see how a human might write this, especially if you wanted something detailed enough to paste into patches to many projects without requiring too many questions from maintainers. i'll leave it to other maintainers to decide whether to reopen.

@salmanmkc
Copy link
Author

salmanmkc commented Mar 11, 2026

Ok no worries at all, the warnings for node 20 are already showing up in all workflows, so whenever you feel like that should be addressed, then this PR is ready.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sagudev sagudev Awaiting requested review from sagudev sagudev is a code owner

Assignees

No one assigned

Labels

S-awaiting-review There is new code that needs to be reviewed.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@salmanmkc @mrobinson @sagudev @delan @webbeef @servo-highfive