chore(deps): bump actions/download-artifact from 5.0.0 to 6.0.0 [skip ci]

mergify[bot] · web-flow · commit 3e2c1d8a3b13 · 2025-10-26T10:27:30.000Z
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 5.0.0 to 6.0.0. Release notes *Sourced from [actions/download-artifact's releases](https://github.com/actions/download-artifact/releases).* > v6.0.0 > ------ > > What's Changed > -------------- > > **BREAKING CHANGE:** this update supports Node `v24.x`. This is not a breaking change per-se but we're treating it as such. > > * Update README for download-artifact v5 changes by [`@​yacaovsnc`](https://github.com/yacaovsnc) in [actions/download-artifact#417](https://redirect.github.com/actions/download-artifact/pull/417) > * Update README with artifact extraction details by [`@​yacaovsnc`](https://github.com/yacaovsnc) in [actions/download-artifact#424](https://redirect.github.com/actions/download-artifact/pull/424) > * Readme: spell out the first use of GHES by [`@​danwkennedy`](https://github.com/danwkennedy) in [actions/download-artifact#431](https://redirect.github.com/actions/download-artifact/pull/431) > * Bump `@actions/artifact` to `v4.0.0` > * Prepare `v6.0.0` by [`@​danwkennedy`](https://github.com/danwkennedy) in [actions/download-artifact#438](https://redirect.github.com/actions/download-artifact/pull/438) > > New Contributors > ---------------- > > * [`@​danwkennedy`](https://github.com/danwkennedy) made their first contribution in [actions/download-artifact#431](https://redirect.github.com/actions/download-artifact/pull/431) > > **Full Changelog**: <actions/download-artifact@v5...v6.0.0> Commits * [`018cc2c`](actions/download-artifact@018cc2c) Merge pull request [#438](https://redirect.github.com/actions/download-artifact/issues/438) from actions/danwkennedy/prepare-6.0.0 * [`815651c`](actions/download-artifact@815651c) Revert "Remove `github.dep.yml`" * [`bb3a066`](actions/download-artifact@bb3a066) Remove `github.dep.yml` * [`fa1ce46`](actions/download-artifact@fa1ce46) Prepare `v6.0.0` * [`4a24838`](actions/download-artifact@4a24838) Merge pull request [#431](https://redirect.github.com/actions/download-artifact/issues/431) from danwkennedy/patch-1 * [`5e3251c`](actions/download-artifact@5e3251c) Readme: spell out the first use of GHES * [`abefc31`](actions/download-artifact@abefc31) Merge pull request [#424](https://redirect.github.com/actions/download-artifact/issues/424) from actions/yacaovsnc/update\_readme * [`ac43a60`](actions/download-artifact@ac43a60) Update README with artifact extraction details * [`de96f46`](actions/download-artifact@de96f46) Merge pull request [#417](https://redirect.github.com/actions/download-artifact/issues/417) from actions/yacaovsnc/update\_readme * [`7993cb4`](actions/download-artifact@7993cb4) Remove migration guide for artifact download changes * Additional commits viewable in [compare view](actions/download-artifact@634f93c...018cc2c) [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility\_score?dependency-name=actions/download-artifact&package-manager=github\_actions&previous-version=5.0.0&new-version=6.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
diff --git a/.github/workflows/mvn-test.yml b/.github/workflows/mvn-test.yml
@@ -416,19 +416,19 @@ jobs:
     if: success() || failure()
     steps:
       - name: Download unit test coverage reports
-        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
+        uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
         with:
           name: unit-coverage-reports
           path: unit-coverage
 
       - name: Download unit test coverage reports
-        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
+        uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
         with:
           name: slow-unit-coverage-reports
           path: slow-unit-coverage
 
       - name: Download integration test coverage reports
-        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
+        uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
         with:
           name: integration-coverage-reports
           path: integration-coverage
