Add proxy integration test

prepare release v6.0.0 for Node.js 24 support

.github/workflows/test-proxy.yml

@@ -0,0 +1,114 @@
+name: Test Proxy
+
+on:
+  push:
+    branches:
+      - main
+    paths-ignore:
+      - '**.md'
+  pull_request:
+    paths-ignore:
+      - '**.md'
+
+permissions:
+  contents: read
+
+jobs:
+  # End to end upload with proxy
+  test-proxy-upload:
+    runs-on: ubuntu-latest
+    container:
+      image: ubuntu:latest
+      options: --cap-add=NET_ADMIN
+    services:
+      squid-proxy:
+        image: ubuntu/squid:latest
+        ports:
+          - 3128:3128
+    env:
+      http_proxy: http://squid-proxy:3128
+      https_proxy: http://squid-proxy:3128
+    steps:
+    - name: Wait for proxy to be ready
+      shell: bash
+      run: |
+        echo "Waiting for squid proxy to be ready..."
+        echo "Resolving squid-proxy hostname:"
+        getent hosts squid-proxy || echo "DNS resolution failed"
+        for i in $(seq 1 30); do
+          if (echo > /dev/tcp/squid-proxy/3128) 2>/dev/null; then
+            echo "Proxy is ready!"
+            exit 0
+          fi
+          echo "Attempt $i: Proxy not ready, waiting..."
+          sleep 2
+        done
+        echo "Proxy failed to become ready"
+        exit 1
+      env:
+        http_proxy: ""
+        https_proxy: ""
+    - name: Install dependencies
+      run: |
+        apt-get update
+        apt-get install -y iptables curl
+    - name: Verify proxy is working
+      run: |
+        echo "Testing proxy connectivity..."
+        curl -s -o /dev/null -w "%{http_code}" --proxy http://squid-proxy:3128 http://github.com || true
+        echo "Proxy verification complete"
+    - name: Block direct traffic (enforce proxy usage)
+      run: |
+        # Get the squid-proxy container IP
+        PROXY_IP=$(getent hosts squid-proxy | awk '{ print $1 }')
+        echo "Proxy IP: $PROXY_IP"
+        
+        # Allow loopback traffic
+        iptables -A OUTPUT -o lo -j ACCEPT
+        
+        # Allow traffic to the proxy container
+        iptables -A OUTPUT -d $PROXY_IP -j ACCEPT
+        
+        # Allow established connections
+        iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
+        
+        # Allow DNS (needed for initial resolution)
+        iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
+        iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT
+        
+        # Block all other outbound traffic (HTTP/HTTPS)
+        iptables -A OUTPUT -p tcp --dport 80 -j REJECT
+        iptables -A OUTPUT -p tcp --dport 443 -j REJECT
+        
+        # Log the iptables rules for debugging
+        iptables -L -v -n
+    - name: Verify direct HTTPS is blocked
+      run: |
+        echo "Testing that direct HTTPS requests fail..."
+        if curl --noproxy '*' -s --connect-timeout 5 https://github.com > /dev/null 2>&1; then
+          echo "ERROR: Direct HTTPS request succeeded - blocking is not working!"
+          exit 1
+        else
+          echo "SUCCESS: Direct HTTPS request was blocked as expected"
+        fi
+        
+        echo "Testing that HTTPS through proxy succeeds..."
+        if curl --proxy http://squid-proxy:3128 -s --connect-timeout 10 https://github.com > /dev/null 2>&1; then
+          echo "SUCCESS: HTTPS request through proxy succeeded"
+        else
+          echo "ERROR: HTTPS request through proxy failed!"
+          exit 1
+        fi
+    - name: Checkout
+      uses: actions/checkout@v4
+    - name: Create artifact file
+      run: |
+        mkdir -p test-artifacts
+        echo "Proxy test artifact - $GITHUB_RUN_ID" > test-artifacts/proxy-test.txt
+        echo "Random data: $RANDOM $RANDOM $RANDOM" >> test-artifacts/proxy-test.txt
+        cat test-artifacts/proxy-test.txt
+    - name: Upload artifact through proxy
+      uses: ./
+      with:
+        name: 'Proxy-Test-Artifact-${{ github.run_id }}'
+        path: test-artifacts/proxy-test.txt

README.md

@@ -11,6 +11,7 @@ Upload [Actions Artifacts](https://docs.github.com/en/actions/using-workflows/st
 See also [download-artifact](https://github.com/actions/download-artifact).
 
 - [`@actions/upload-artifact`](#actionsupload-artifact)
+  - [v6 - What's new](#v6---whats-new)
   - [v4 - What's new](#v4---whats-new)
     - [Improvements](#improvements)
     - [Breaking Changes](#breaking-changes)
@@ -38,6 +39,15 @@ See also [download-artifact](https://github.com/actions/download-artifact).
   - [Where does the upload go?](#where-does-the-upload-go)
 
 
+## v6 - What's new
+
+> [!IMPORTANT]
+> actions/upload-artifact@v6 now runs on Node.js 24 (`runs.using: node24`) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.
+
+### Node.js 24
+
+This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.
+
 ## v4 - What's new
 
 > [!IMPORTANT]

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "upload-artifact",
-  "version": "5.0.0",
+  "version": "6.0.0",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "upload-artifact",
-      "version": "5.0.0",
+      "version": "6.0.0",
       "license": "MIT",
       "dependencies": {
         "@actions/artifact": "^5.0.0",
@@ -419,6 +419,7 @@
       "integrity": "sha512-e7jT4DxYvIDLk1ZHmU/m/mB19rex9sv0c2ftBtjSBv+kVM/902eh0fINUzD7UwLLNR+jU585GxUJ8/EBfAM5fw==",
       "dev": true,
       "license": "MIT",
+      "peer": true,
       "dependencies": {
         "@babel/code-frame": "^7.27.1",
         "@babel/generator": "^7.28.5",

package.json

@@ -1,6 +1,6 @@
 {
   "name": "upload-artifact",
-  "version": "5.0.0",
+  "version": "6.0.0",
   "description": "Upload an Actions Artifact in a workflow run",
   "main": "dist/upload/index.js",
   "scripts": {