[bug](node:1591) [DEP0005] DeprecationWarning:

[pinakighatak]

What happened?

using @v4 creates the following warning:

(node:1591) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead. (Use ``node --trace-deprecation ...`` to show where the warning was created)

What did you expect to happen?

if this is nodejs issue, it should be upgraded, to avoid issues.

How can we reproduce it?

use this as normal, and it shows the error. I used it like this:

- name: Download Artifacts
  uses: actions/download-artifact@v4
  with:
    name: ${{github.run_number}}
    path: ${{github.run_number}}

Anything else we need to know?

Running on ubuntu-latest

What version of the action are you using?

v4

What are your runner environments?

linux

Are you on GitHub Enterprise Server? If so, what version?

No response

[alex-pope-l3]

We get the same deprecation warning: DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead. Also using download-artifact@v4 and Ubuntu.

[rtrad89]

Same with actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e (v4.1.7)

[AndrewQuijano]

I can report I still see this issue, please let me know which version would have this warning removed, especially since it seems v2 and v3 will be deprecated soon.

[mashail]

This could happen if the same file exists in the machine in the same path as the aciotion can not overwrite it. I had the same issue and it was due to the files exists with same name and path

[jamiehankins]

I don't think it involves whether a file exists or not. We get it when we download an artifact that uploaded from a different job and even a different OS.

It works, it just displays this message which leads us to believe that something needs to be done.

Redirecting to blob download url: https://productionresultssa12.blob.core.windows.net/actions-results/c56864ed-55b2-4207-9a4c-9b7810c1f02a/workflow-job-run-ca395085-040a-526b-2ce8-bdc85f692774/artifacts/1779d1632f1f8edae103c076a51bc89dea306781e7a6308f4f7ba9369c85aa9f.zip
Starting download of artifact to: /home/runner/work/Yubico.Production.SDK/Yubico.Production.SDK/Nuget Packages
(node:[14](https://github.com/Yubico/Yubico.Production.SDK/actions/runs/10395781172/job/28788653749#step:2:15)93) [DEP0005] DeprecationWarning: Buffer() is deprecated due to security and usability issues. Please use the Buffer.alloc(), Buffer.allocUnsafe(), or Buffer.from() methods instead.
(Use `node --trace-deprecation ...` to show where the warning was created)

The workflow uses this:

- name: Download NuGet package artifacts
  uses: actions/download-artifact@v4

[larmitage-bjss]

I think it's the same as this issue in actions/toolkit: https://github.com/actions/toolkit/issues/1618 The solution there was to upgrade archiver from 5.3.2 to ^7.0.1 I can see from a license file that this action seems to still be using 5.3.2 but I can't see where to update it as it's not in the package.json file

[polarathene]

I can see from a license file that this action seems to still be using 5.3.2 but I can't see where to update it as it's not in the package.json file

It seems the 4.1.8 release wasn't handled properly, you'll notice the package.json and package-lock.json are still referring to version 4.1.7 too, like the license reference you have for archiver dep.

Yet the action states it's using the 4.1.8 release commit which should include the change, but I'm not familiar with how that's handled it so perhaps it's still technically the 4.1.7 release 🤷‍♂️

https://github.com/actions/download-artifact/pull/341#issuecomment-2392964521