Commit 8cff2cd71aa for woocommerce
commit 8cff2cd71aa01c9a6afe7302a41a4d4f45a6736c
Author: Christopher Allford <6451942+ObliviousHarmony@users.noreply.github.com>
Date: Tue Jun 16 00:19:44 2026 -0700
Prevent Automatic GitHub Action Node 24 Upgrade (#65772)
diff --git a/.github/workflows/cherry-pick-milestoned-prs.yml b/.github/workflows/cherry-pick-milestoned-prs.yml
index ed06aad2ffb..71f85a6c34f 100644
--- a/.github/workflows/cherry-pick-milestoned-prs.yml
+++ b/.github/workflows/cherry-pick-milestoned-prs.yml
@@ -9,6 +9,7 @@ on:
branches: [trunk]
env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
GIT_COMMITTER_NAME: 'woocommercebot'
GIT_COMMITTER_EMAIL: 'woocommercebot@users.noreply.github.com'
GIT_AUTHOR_NAME: 'woocommercebot'
diff --git a/.github/workflows/cherry-pick-to-frozen.yml b/.github/workflows/cherry-pick-to-frozen.yml
index 0c496093364..2de376d9db7 100644
--- a/.github/workflows/cherry-pick-to-frozen.yml
+++ b/.github/workflows/cherry-pick-to-frozen.yml
@@ -10,6 +10,7 @@ on:
- 'release/*'
env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
GIT_COMMITTER_NAME: 'woocommercebot'
GIT_COMMITTER_EMAIL: 'woocommercebot@users.noreply.github.com'
GIT_AUTHOR_NAME: 'woocommercebot'
diff --git a/.github/workflows/cherry-pick-to-trunk.yml b/.github/workflows/cherry-pick-to-trunk.yml
index 605eba14a40..986ffa60f12 100644
--- a/.github/workflows/cherry-pick-to-trunk.yml
+++ b/.github/workflows/cherry-pick-to-trunk.yml
@@ -7,6 +7,7 @@ on:
- 'release/*'
env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
GIT_COMMITTER_NAME: 'woocommercebot'
GIT_COMMITTER_EMAIL: 'woocommercebot@users.noreply.github.com'
GIT_AUTHOR_NAME: 'woocommercebot'
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 9e6a0534775..16d04d363fd 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -39,6 +39,7 @@ concurrency:
cancel-in-progress: true
env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
FORCE_COLOR: 1
jobs:
diff --git a/.github/workflows/create-trunk-snapshot-build.yml b/.github/workflows/create-trunk-snapshot-build.yml
index 591f52093dd..92195844999 100644
--- a/.github/workflows/create-trunk-snapshot-build.yml
+++ b/.github/workflows/create-trunk-snapshot-build.yml
@@ -3,6 +3,7 @@ on:
workflow_dispatch:
env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
SOURCE_REF: trunk
TARGET_REF: trunk-snapshot
RELEASE_ID: 256718410
diff --git a/.github/workflows/nightly-builds.yml b/.github/workflows/nightly-builds.yml
index 5d075e14ef4..3925549c3fb 100644
--- a/.github/workflows/nightly-builds.yml
+++ b/.github/workflows/nightly-builds.yml
@@ -5,6 +5,7 @@ on:
workflow_dispatch:
env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
SOURCE_REF: trunk
TARGET_REF: nightly
RELEASE_ID: 25945111
diff --git a/.github/workflows/pull-request-post-merge-processing.yml b/.github/workflows/pull-request-post-merge-processing.yml
index 8d2d32ee3e9..8c4610c46f1 100644
--- a/.github/workflows/pull-request-post-merge-processing.yml
+++ b/.github/workflows/pull-request-post-merge-processing.yml
@@ -9,6 +9,9 @@ on:
permissions: {}
+env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
+
jobs:
process-pull-request-after-merge:
name: "Process a pull request after it's merged"
diff --git a/.github/workflows/release-assignment.yml b/.github/workflows/release-assignment.yml
index fcfe7966b47..f04d2980873 100644
--- a/.github/workflows/release-assignment.yml
+++ b/.github/workflows/release-assignment.yml
@@ -8,6 +8,9 @@ permissions:
contents: read
issues: read
+env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
+
jobs:
check-upcoming-release-events:
name: Check for upcoming release events
diff --git a/.github/workflows/release-build-zip-file.yml b/.github/workflows/release-build-zip-file.yml
index 74c742fd8ea..9413a2ad680 100644
--- a/.github/workflows/release-build-zip-file.yml
+++ b/.github/workflows/release-build-zip-file.yml
@@ -37,6 +37,9 @@ permissions: {}
concurrency:
group: release-build-zip-file-${{ inputs.branch }}-${{ ( inputs.create_github_release == true && 'with-release' ) || github.run_id }}
+env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
+
jobs:
verify:
name: 'Pre-build verification'
diff --git a/.github/workflows/release-bump-version.yml b/.github/workflows/release-bump-version.yml
index 2717a8fc24b..145b30283f8 100644
--- a/.github/workflows/release-bump-version.yml
+++ b/.github/workflows/release-bump-version.yml
@@ -35,6 +35,9 @@ permissions:
concurrency:
group: release-bump-version-${{ inputs.branch }}
+env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
+
jobs:
bump-version:
name: Bump WooCommerce Version
diff --git a/.github/workflows/release-cfe-prr-issue-validation.yml b/.github/workflows/release-cfe-prr-issue-validation.yml
index d50be26194f..6bd431eba03 100644
--- a/.github/workflows/release-cfe-prr-issue-validation.yml
+++ b/.github/workflows/release-cfe-prr-issue-validation.yml
@@ -5,6 +5,9 @@ on:
permissions: {}
+env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
+
jobs:
prep:
if: github.event.label.name == 'code freeze exception' || github.event.label.name == 'point release request' || github.event.label.name == 'Approved' || github.event.label.name == 'Rejected'
diff --git a/.github/workflows/release-cherry-pick-pr-check-conflicts.yml b/.github/workflows/release-cherry-pick-pr-check-conflicts.yml
index ce6b907f7fe..d1aaabc9101 100644
--- a/.github/workflows/release-cherry-pick-pr-check-conflicts.yml
+++ b/.github/workflows/release-cherry-pick-pr-check-conflicts.yml
@@ -15,6 +15,9 @@ permissions:
contents: read
pull-requests: read
+env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
+
jobs:
check-conflicts-label:
name: Check for conflicts label
diff --git a/.github/workflows/release-code-freeze.yml b/.github/workflows/release-code-freeze.yml
index 49afbbc4734..e43c9551b08 100644
--- a/.github/workflows/release-code-freeze.yml
+++ b/.github/workflows/release-code-freeze.yml
@@ -13,6 +13,7 @@ concurrency:
group: release-feature-freeze
env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
GIT_COMMITTER_NAME: 'WooCommerce Bot'
GIT_COMMITTER_EMAIL: 'no-reply@woocommerce.com'
GIT_AUTHOR_NAME: 'WooCommerce Bot'
diff --git a/.github/workflows/release-commits-and-contributors.yml b/.github/workflows/release-commits-and-contributors.yml
index 57ef939f197..990cc6d00f8 100644
--- a/.github/workflows/release-commits-and-contributors.yml
+++ b/.github/workflows/release-commits-and-contributors.yml
@@ -13,6 +13,9 @@ on:
required: true
description: 'The release version (in X.Y or X.Y.Z-beta.N formats) to generate the release summary for.'
+env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
+
jobs:
extract-versions:
name: Extract release current and previous versions
diff --git a/.github/workflows/release-compile-changelog.yml b/.github/workflows/release-compile-changelog.yml
index 9d0a891089d..83728a5e73b 100644
--- a/.github/workflows/release-compile-changelog.yml
+++ b/.github/workflows/release-compile-changelog.yml
@@ -23,6 +23,7 @@ concurrency:
group: release-compile-changelog-${{ inputs.version }}
env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
GIT_COMMITTER_NAME: 'woocommercebot'
GIT_COMMITTER_EMAIL: 'woocommercebot@users.noreply.github.com'
GIT_AUTHOR_NAME: 'woocommercebot'
diff --git a/.github/workflows/release-create-tracking-issue.yml b/.github/workflows/release-create-tracking-issue.yml
index ddbf94be940..ecb2e13b6e2 100644
--- a/.github/workflows/release-create-tracking-issue.yml
+++ b/.github/workflows/release-create-tracking-issue.yml
@@ -37,6 +37,9 @@ permissions:
contents: read
issues: read
+env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
+
jobs:
create-tracking-issue:
name: Create Release Tracking Issue
diff --git a/.github/workflows/release-feature-highlights-notification.yml b/.github/workflows/release-feature-highlights-notification.yml
index 20dd9d65527..772ae66c6f1 100644
--- a/.github/workflows/release-feature-highlights-notification.yml
+++ b/.github/workflows/release-feature-highlights-notification.yml
@@ -4,6 +4,9 @@ on:
- cron: '0 9 * * *' # Every day at 9 AM UTC
workflow_dispatch:
+env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
+
jobs:
check-feature-freeze:
runs-on: ubuntu-latest
diff --git a/.github/workflows/release-new-release-published.yml b/.github/workflows/release-new-release-published.yml
index 5c01a377467..d3a85568c8e 100644
--- a/.github/workflows/release-new-release-published.yml
+++ b/.github/workflows/release-new-release-published.yml
@@ -7,6 +7,9 @@ on:
required: true
type: string
+env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
+
jobs:
# Jobs to run after a pre-release is published (triggered by the "prereleased" GH event).
generate-release-commits-and-contributors:
diff --git a/.github/workflows/release-open-issue-warning.yml b/.github/workflows/release-open-issue-warning.yml
index 291f4a0b64c..c1cacde3449 100644
--- a/.github/workflows/release-open-issue-warning.yml
+++ b/.github/workflows/release-open-issue-warning.yml
@@ -8,6 +8,9 @@ permissions:
pull-requests: read
issues: read
+env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
+
jobs:
check-upcoming-release-events:
name: Check for upcoming release events
diff --git a/.github/workflows/release-release-events-proxy.yml b/.github/workflows/release-release-events-proxy.yml
index 74dd8b9418b..af9dec2fd4b 100644
--- a/.github/workflows/release-release-events-proxy.yml
+++ b/.github/workflows/release-release-events-proxy.yml
@@ -4,6 +4,9 @@ on:
release:
types: [prereleased, published]
+env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
+
jobs:
call-new-release-published-workflow:
name: 'Call the release new release published workflow'
diff --git a/.github/workflows/release-trends-analysis.yml b/.github/workflows/release-trends-analysis.yml
index 2f48cdf1c2d..49de454ebec 100644
--- a/.github/workflows/release-trends-analysis.yml
+++ b/.github/workflows/release-trends-analysis.yml
@@ -6,6 +6,9 @@ on:
description: 'Milestone (in X.Y.Z format)'
required: true
+env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
+
jobs:
analyze-trends-cfes:
runs-on: ubuntu-latest
diff --git a/.github/workflows/release-update-stable-tag.yml b/.github/workflows/release-update-stable-tag.yml
index 0838a6677fa..85b630cd318 100644
--- a/.github/workflows/release-update-stable-tag.yml
+++ b/.github/workflows/release-update-stable-tag.yml
@@ -24,6 +24,9 @@ permissions:
concurrency:
group: release-wporg-svn
+env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
+
jobs:
validate-release:
runs-on: ubuntu-latest
diff --git a/.github/workflows/release-upload-to-wporg.yml b/.github/workflows/release-upload-to-wporg.yml
index 141e1465008..5ecd4af65bb 100644
--- a/.github/workflows/release-upload-to-wporg.yml
+++ b/.github/workflows/release-upload-to-wporg.yml
@@ -17,6 +17,9 @@ permissions: {}
concurrency:
group: release-wporg-svn
+env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
+
jobs:
get-and-validate-release-asset:
name: Get intended release details
diff --git a/.github/workflows/release-wc-beta-tester.yml b/.github/workflows/release-wc-beta-tester.yml
index bd196eaf185..3c6428ee82e 100644
--- a/.github/workflows/release-wc-beta-tester.yml
+++ b/.github/workflows/release-wc-beta-tester.yml
@@ -8,6 +8,9 @@ on:
description: 'The version number for the release'
required: true
+env:
+ ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: 'true'
+
jobs:
release:
name: Run release scripts