ci(deps): bump actions/upload-artifact from 4 to 7

dependabot[bot] · web-flow · commit 2da0eab9f299 · 2026-03-03T17:14:03.000Z
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 7. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4...v7) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -47,7 +47,7 @@ jobs:
           output: codeql-sarif
 
       - name: Upload CodeQL results artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v7
         with:
           name: codeql-${{ matrix.language }}-results
           path: codeql-sarif
diff --git a/.github/workflows/pip-audit.yml b/.github/workflows/pip-audit.yml
@@ -76,7 +76,7 @@ jobs:
 
       - name: Upload pip-audit report
         if: always() && hashFiles('pip-audit.json') != ''
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v7
         with:
           name: pip-audit-report
           path: pip-audit.json
diff --git a/.github/workflows/regression-smoke.yml b/.github/workflows/regression-smoke.yml
@@ -55,7 +55,7 @@ jobs:
           fi
 
       - name: Upload artifact (JSONL + summary)
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: bifurcation-smoke-results
           path: |
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -165,7 +165,7 @@ jobs:
 
       - name: Upload validation logs
         if: ${{ always() && steps.qa.outcome != 'skipped' }}
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v7
         with:
           name: qa-validation-${{ needs.prepare.outputs.version }}
           path: artifacts/qa-validation.log
@@ -220,7 +220,7 @@ jobs:
 
       - name: Upload signed distributions
         if: ${{ always() && steps.build.outcome == 'success' }}
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v7
         with:
           name: tnfr-${{ needs.prepare.outputs.version }}-dist
           path: dist/*
diff --git a/.github/workflows/reproducibility.yml b/.github/workflows/reproducibility.yml
@@ -68,7 +68,7 @@ jobs:
 
       - name: Upload artifacts
         if: always()
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v7
         with:
           name: reproducibility-artifacts
           path: artifacts/
diff --git a/.github/workflows/sast-lint.yml b/.github/workflows/sast-lint.yml
@@ -51,7 +51,7 @@ jobs:
           category: bandit
 
       - name: Upload Bandit SARIF artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v7
         with:
           name: bandit-sarif
           path: bandit.sarif
@@ -111,7 +111,7 @@ jobs:
           category: semgrep
 
       - name: Upload Semgrep SARIF artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v7
         with:
           name: semgrep-sarif
           path: semgrep.sarif
