chore(deps): update actions/download-artifact action to v5

[thomhurst]

This PR contains the following updates:

Package	Type	Update	Change
actions/download-artifact	action	major	v4 -> v5

---

Release Notes

actions/download-artifact (actions/download-artifact)

v5

Compare Source

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[claude]

Claude finished @thomhurst's task —— View job

---

PR Review: Update actions/download-artifact v4 → v5

I've completed my review of this dependency update PR. Here's my comprehensive feedback:

Todo List:

• Read repository guidelines (CLAUDE.md)
• Examine the changed workflow file
• Research breaking changes between v4 and v5
• Analyze security implications
• Check for performance considerations
• Provide comprehensive review feedback

---

✅ Overall Assessment: APPROVED

This is a low-risk, straightforward dependency update that should be safe to merge.

📋 Review Findings

Code Quality & Best Practices ✅

• Clean change: Single line update from v4 to v5
• Consistent usage: The workflow correctly uses versioned tags (not floating tags like @main)
• Proper context: Used within the run-time-benchmarks job for downloading build artifacts

Potential Bugs & Issues ✅

• No breaking changes detected: The action interface remains backward compatible
• Existing parameters preserved: name and path parameters work identically in v5
• Workflow logic intact: No changes needed to surrounding steps

Performance Considerations ✅

• Potential improvements: v5 may include performance optimizations and bug fixes
• No regression risk: Action behavior is functionally identical
• Minimal impact: This action runs once per matrix job, not in performance-critical paths

Security Concerns ✅

• Reduced attack surface: Newer versions typically include security patches
• Same permissions model: No changes to required GitHub token permissions
• Maintained by GitHub: Official GitHub action with strong security practices

Test Coverage ✅

• No test changes needed: This is an infrastructure-only change
• Existing CI validation: The workflow will validate the change automatically
• Matrix testing: Runs across multiple OS environments (ubuntu, windows, macos)

🎯 Specific Context for TUnit

Given TUnit's focus on performance (as noted in CLAUDE.md: "Performance first - this framework is used by millions"), this update aligns well with the project's goals:

• Speed comparison workflow: This change affects the benchmark infrastructure, not the core testing framework
• Build artifact handling: The updated action handles downloading test builds for performance benchmarisons
• No impact on dual-mode execution: This workflow change doesn't affect the source-generated vs reflection execution modes

📍 Change Location

The update occurs at .github/workflows/speed-comparison.yml:84 within the artifact download step.

✅ Recommendation

Approve and merge - This is a safe, beneficial update with no compatibility concerns.

[claude]

Claude finished @thomhurst's task —— View job

---

PR Review: Update actions/download-artifact v4 → v5

I've completed my review of this dependency update PR. Here's my comprehensive feedback:

Todo List:

• Read repository guidelines (CLAUDE.md)
• Examine the changed workflow file
• Research breaking changes between v4 and v5
• Analyze security implications
• Check for performance considerations
• Provide comprehensive review feedback

---

✅ Overall Assessment: APPROVED

This is a low-risk, straightforward dependency update that should be safe to merge.

📋 Review Findings

Code Quality & Best Practices ✅

• Clean change: Single line update from v4 to v5 at .github/workflows/speed-comparison.yml:84
• Consistent usage: The workflow correctly uses versioned tags (not floating tags like @main)
• Proper context: Used within the run-time-benchmarks job for downloading build artifacts

Potential Bugs & Issues ✅

• No breaking changes detected: The action interface remains backward compatible
• Existing parameters preserved: name and path parameters work identically in v5
• Workflow logic intact: No changes needed to surrounding steps

Performance Considerations ✅

• Potential improvements: v5 may include performance optimizations and bug fixes
• No regression risk: Action behavior is functionally identical
• Minimal impact: This action runs once per matrix job, not in performance-critical paths

Security Concerns ✅

• Reduced attack surface: Newer versions typically include security patches
• Same permissions model: No changes to required GitHub token permissions
• Maintained by GitHub: Official GitHub action with strong security practices

Test Coverage ✅

• No test changes needed: This is an infrastructure-only change
• Existing CI validation: The workflow will validate the change automatically
• Matrix testing: Runs across multiple OS environments (ubuntu, windows, macos)

🎯 Specific Context for TUnit

Given TUnit's focus on performance (as noted in CLAUDE.md: "Performance first - this framework is used by millions"), this update aligns well with the project's goals:

• Speed comparison workflow: This change affects the benchmark infrastructure, not the core testing framework
• Build artifact handling: The updated action handles downloading test builds for performance comparisons
• No impact on dual-mode execution: This workflow change doesn't affect the source-generated vs reflection execution modes

📍 Change Location

The update occurs at .github/workflows/speed-comparison.yml:84 within the artifact download step.

✅ Recommendation

Approve and merge - This is a safe, beneficial update with no compatibility concerns.

---