chore(deps): bump actions/download-artifact from 5 to 6

[dependabot]

Bumps actions/download-artifact from 5 to 6.

Release notes

Sourced from actions/download-artifact's releases.

v6.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

• Update README for download-artifact v5 changes by @​yacaovsnc in actions/download-artifact#417
• Update README with artifact extraction details by @​yacaovsnc in actions/download-artifact#424
• Readme: spell out the first use of GHES by @​danwkennedy in actions/download-artifact#431
• Bump @actions/artifact to v4.0.0
• Prepare v6.0.0 by @​danwkennedy in actions/download-artifact#438

New Contributors

• @​danwkennedy made their first contribution in actions/download-artifact#431

Full Changelog: actions/download-artifact@v5...v6.0.0

Commits

• 018cc2c Merge pull request #438 from actions/danwkennedy/prepare-6.0.0
• 815651c Revert "Remove github.dep.yml"
• bb3a066 Remove github.dep.yml
• fa1ce46 Prepare v6.0.0
• 4a24838 Merge pull request #431 from danwkennedy/patch-1
• 5e3251c Readme: spell out the first use of GHES
• abefc31 Merge pull request #424 from actions/yacaovsnc/update_readme
• ac43a60 Update README with artifact extraction details
• de96f46 Merge pull request #417 from actions/yacaovsnc/update_readme
• 7993cb4 Remove migration guide for artifact download changes
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by CodeRabbit

• Chores
  • Updated GitHub Actions workflow dependencies for build and deployment processes to use the latest artifact download action version, ensuring compatibility with current infrastructure standards.

[coderabbitai]

Walkthrough

GitHub Actions workflows are updated to upgrade the actions/download-artifact action from version 5 to version 6 across two files. The docker.yml workflow updates two artifact download steps, while forest.yml updates all occurrences across multiple jobs and steps.

Changes

Cohort / File(s)	Summary
Version upgrade of artifact download action .github/workflows/docker.yml, .github/workflows/forest.yml	Bumped actions/download-artifact from v5 to v6 in all artifact retrieval steps. No functional logic changes; control flow remains identical.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

• Straightforward version bumps with no logic modifications
• Homogeneous changes across two files
• No control flow or dependency interaction changes

Possibly related PRs

• chore(deps): bump actions/download-artifact from 4 to 5 #6044 — Previous version bump of the same action (v4→v5) in the same workflows
• chore(deps): bump actions/download-artifact from 4 to 5 #5950 — Related update to actions/download-artifact across docker.yml and forest.yml

Suggested reviewers

• hanabi1224
• LesnyRumcajs
• akaladarshi

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The pull request title "chore(deps): bump actions/download-artifact from 5 to 6" directly and precisely describes the main change in the changeset. The raw summary confirms that both modified workflow files (.github/workflows/docker.yml and .github/workflows/forest.yml) were updated to upgrade the actions/download-artifact GitHub Action from version 5 to version 6. The title is concise, specific, uses conventional commit format, avoids vague language or noise, and clearly communicates the primary change in a way that would be immediately understandable to a developer reviewing the project history.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dependabot/github_actions/actions/download-artifact-6

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 23ec1e5 and 5516d89.

📒 Files selected for processing (2)

• .github/workflows/docker.yml (1 hunks)
• .github/workflows/forest.yml (19 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)

• GitHub Check: Build forest binaries on Linux AMD64
• GitHub Check: All lint checks
• GitHub Check: tests
• GitHub Check: tests-release
• GitHub Check: Build MacOS
• GitHub Check: Build Ubuntu
• GitHub Check: cargo-publish-dry-run

🔇 Additional comments (3)

.github/workflows/docker.yml (1)

139-149: Straightforward action version upgrade.

The actions/download-artifact action is cleanly upgraded from v5 to v6 with no configuration changes needed. All artifact paths and names remain consistent.

Verify that the updated workflow successfully retrieves and uses the artifacts in the Docker build step. You can monitor the next workflow run or trigger a test run to ensure v6 behaves identically to v5 in your CI environment.

.github/workflows/forest.yml (2)

128-220: Comprehensive and consistent action version upgrade across all jobs.

All 14 instances of actions/download-artifact are updated from v5 to v6. The artifact retrieval configuration remains unchanged, and the version bump should be transparent to the workflow logic.

Run the complete integration test suite to confirm all artifact downloads succeed with v6 and that subsequent test steps execute correctly.

---

150-157: Verify intentional duplicate artifact downloads.

Several jobs contain duplicate actions/download-artifact steps that download the same artifact to the same path (e.g., lines 150 & 154 in calibnet-check, lines 187 & 190 in calibnet-stateless-rpc-check). While this is not a blocker, confirm these are intentional and serve a purpose (such as retrying on failure or supporting a specific script requirement).

Also applies to: 187-190, 213-216, 396-399, 422-425

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[LesnyRumcajs]

The checks seemed to have failed to slow download speed of proofs from CF. I re-triggered them.