GrammaTonic · GrammaTonic · Dec 18, 2025 · Nov 16, 2025 · Nov 16, 2025 · Nov 17, 2025
@@ -72,7 +72,7 @@ jobs:
             echo "changed=false" >> "$GITHUB_OUTPUT"
           fi
       - name: Upload Docs and Wiki Patch Artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: docs-wiki-full-patch
           path: docs-wiki-full-patch.diff

@@ -260,7 +260,7 @@ jobs:
           chmod +x tests/integration/playwright_screenshot_integration.sh
           CONTAINER_NAME=github-runner-chrome tests/integration/playwright_screenshot_integration.sh
       - name: Upload Playwright screenshot artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: playwright-google-screenshot
           path: test-results/playwright/google_screenshot_*.png
@@ -386,7 +386,7 @@ jobs:
           chmod +x tests/integration/playwright_screenshot_integration.sh
           CONTAINER_NAME=github-runner-chrome-go tests/integration/playwright_screenshot_integration.sh
       - name: Upload Playwright screenshot artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: playwright-chrome-go-google-screenshot
           path: test-results/playwright/google_screenshot_*.png
@@ -404,7 +404,7 @@ jobs:
           fetch-depth: 0
           persist-credentials: false
       - name: Lint Dockerfiles with Hadolint
-        uses: hadolint/hadolint-action@v3.1.0
+        uses: hadolint/hadolint-action@v3.3.0
         with:
           dockerfile: "docker/Dockerfile*"
           recursive: true
@@ -570,13 +570,13 @@ jobs:
           echo "$PRIMARY_TAG" > build-normal-image-tag.txt
           echo "${{ steps.build.outputs.digest }}" > build-normal-image-digest.txt
       - name: Upload normal runner build image tag as artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: build-normal-image-tag
           path: build-normal-image-tag.txt
           retention-days: 30
       - name: Upload normal runner build image digest as artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: build-normal-image-digest
           path: build-normal-image-digest.txt
@@ -677,13 +677,13 @@ jobs:
           echo "$PRIMARY_TAG" > build-chrome-image-tag.txt
           echo "${{ steps.build-chrome.outputs.digest }}" > build-chrome-image-digest.txt
       - name: Upload Chrome build image tag as artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: build-chrome-image-tag
           path: build-chrome-image-tag.txt
           retention-days: 30
       - name: Upload Chrome build image digest as artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: build-chrome-image-digest
           path: build-chrome-image-digest.txt
@@ -784,13 +784,13 @@ jobs:
           echo "$PRIMARY_TAG" > build-chrome-go-image-tag.txt
           echo "${{ steps.build-chrome-go.outputs.digest }}" > build-chrome-go-image-digest.txt
       - name: Upload Chrome-Go build image tag as artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: build-chrome-go-image-tag
           path: build-chrome-go-image-tag.txt
           retention-days: 30
       - name: Upload Chrome-Go build image digest as artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: build-chrome-go-image-digest
           path: build-chrome-go-image-digest.txt
@@ -819,7 +819,7 @@ jobs:
           echo "Running unit tests for obsolete package detection..."
           tests/unit/package-validation.sh
       - name: Upload package validation results
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         if: always()
         with:
           name: package-validation-results
@@ -1066,7 +1066,7 @@ jobs:
             echo "PASSED" > test-results/configuration/status.txt
           fi
       - name: Upload comprehensive test results
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         if: always()
         with:
           name: test-results-${{ matrix.test-suite }}
@@ -1107,7 +1107,7 @@ jobs:
           chmod +x tests/user-deployment/test-user-experience.sh
           tests/user-deployment/test-user-experience.sh
       - name: Upload user deployment test results
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         if: always()
         with:
           name: user-deployment-test-results
@@ -1239,7 +1239,7 @@ jobs:
           fi
           cat deployment-report.md
       - name: Upload deployment report
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: deployment-report
           path: deployment-report.md

@@ -60,7 +60,7 @@ jobs:
         run: |
           git diff origin/main -- docs/ wiki-content/ > docs-full-patch.diff || echo "No doc changes detected."
       - name: Upload Patch Artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: docs-full-patch
           path: docs-full-patch.diff

@@ -364,7 +364,7 @@ jobs:
           fi
 
       - name: Upload security report
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: security-status-report
           path: security-status.md
@@ -732,7 +732,7 @@ jobs:
           EOF
 
       - name: Upload comprehensive health report
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: comprehensive-health-report
           path: comprehensive-health-report.md
@@ -813,7 +813,7 @@ jobs:
           exit 0
 
       - name: Upload maintenance summary
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: maintenance-summary
           path: maintenance-summary.md

@@ -293,7 +293,7 @@ jobs:
           echo "Dependency report generated"
 
       - name: Upload dependency report
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: dependency-health-report
           path: dependency-report.md

@@ -103,7 +103,7 @@ jobs:
           format: spdx-json
           output-file: sbom.spdx.json
       - name: Upload SBOM as artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: sbom
           path: sbom.spdx.json
@@ -165,7 +165,7 @@ jobs:
           format: spdx-json
           output-file: sbom-chrome.spdx.json
       - name: Upload SBOM as artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: sbom-chrome
           path: sbom-chrome.spdx.json
@@ -224,7 +224,7 @@ jobs:
           format: spdx-json
           output-file: sbom-chrome-go.spdx.json
       - name: Upload SBOM as artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: sbom-chrome-go
           path: sbom-chrome-go.spdx.json

@@ -39,6 +39,16 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v6
 
+      - name: Free Disk Space (Ubuntu)
+        run: |
+          echo "Freeing up disk space..."
+          sudo rm -rf /usr/share/dotnet
+          sudo rm -rf /usr/local/lib/android
+          sudo rm -rf /opt/ghc
+          sudo rm -rf /usr/local/share/boost
+          echo "Disk space after cleanup:"
+          df -h
+
       - name: Set up scan parameters
         id: params
         run: |
@@ -133,6 +143,15 @@ jobs:
           output: "trivy-results/container.json"
           severity: ${{ steps.params.outputs.severity_filter }},CRITICAL
 
+      - name: Cleanup standard runner image
+        if: contains(steps.params.outputs.scan_targets, 'container')
+        run: |
+          echo "Cleaning up standard runner image to free space..."
+          docker rmi github-runner:scan || true
+          docker system prune -f || true
+          echo "Disk space after cleanup:"
+          df -h
+
       # Chrome runner container scan
       - name: Build Chrome runner image for scanning
         if: contains(steps.params.outputs.scan_targets, 'chrome')
@@ -258,7 +277,7 @@ jobs:
           echo "total-count=$total_all" >> $GITHUB_OUTPUT
 
       - name: Upload Security Reports
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: security-scan-reports-${{ steps.params.outputs.timestamp }}
           path: |
@@ -310,7 +329,7 @@ jobs:
           EOF
 
       - name: Upload Security Summary
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: security-summary-${{ steps.params.outputs.timestamp }}
           path: security-report.md

@@ -77,7 +77,7 @@ jobs:
           category: "filesystem-scan"
 
       - name: Upload SARIF as artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         if: always()
         with:
           name: trivy-filesystem-sarif
@@ -139,7 +139,7 @@ jobs:
           category: "container-scan-${{ matrix.variant }}"
 
       - name: Upload SARIF as artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         if: always()
         with:
           name: trivy-container-${{ matrix.variant }}-sarif

@@ -9,7 +9,7 @@ FROM ubuntu:questing AS builder
 ARG TARGETPLATFORM
 ARG TARGETARCH
 ARG TARGETOS
-ARG RUNNER_VERSION="2.329.0"
+ARG RUNNER_VERSION="2.330.0"
 ARG CROSS_SPAWN_VERSION="7.0.6"
 ARG TAR_VERSION="7.5.2"
 ARG BRACE_EXPANSION_VERSION="2.0.2"
@@ -84,7 +84,7 @@ LABEL version="2.2.0"
 
 # --- ARGUMENTS FOR RUNTIME ---
 ARG TARGETARCH
-ARG RUNNER_VERSION="2.329.0"
+ARG RUNNER_VERSION="2.330.0"
 ARG CROSS_SPAWN_VERSION="7.0.6"
 ARG TAR_VERSION="7.5.2"
 ARG BRACE_EXPANSION_VERSION="2.0.2"

@@ -18,7 +18,7 @@ LABEL version="2.2.0"
 ARG TARGETPLATFORM
 ARG TARGETARCH
 ARG TARGETOS
-ARG RUNNER_VERSION="2.329.0"
+ARG RUNNER_VERSION="2.330.0"
 ARG CHROME_VERSION="142.0.7444.162"
 ARG NODE_VERSION="24.11.1"
 ARG NPM_VERSION="11.6.4"

@@ -19,7 +19,7 @@
 ARG TARGETPLATFORM
 ARG TARGETARCH
 ARG TARGETOS
-ARG RUNNER_VERSION="2.329.0"
+ARG RUNNER_VERSION="2.330.0"
 ARG CHROME_VERSION="142.0.7444.162"
 ARG NODE_VERSION="24.11.1"
 ARG NPM_VERSION="11.6.4"
@@ -151,7 +151,7 @@
 # --- INSTALL GO ---
 # Use BuildKit cache for Go download
 # Go supports both amd64 and arm64 architectures
 RUN --mount=type=cache,target=/tmp/downloads \
    GO_VERSION="1.25.5" \
    && case ${TARGETARCH} in \
        "amd64")  GO_ARCH="amd64"  ;; \

@@ -24,9 +24,9 @@ This document provides a comprehensive overview of all software versions, depend
 
 ### GitHub Actions Runner
 
-- **Version**: `2.329.0`
+- **Version**: `2.330.0`
 - **Source**: GitHub official releases
-- **Download URL**: `https://github.com/actions/runner/releases/download/v2.329.0/`
+- **Download URL**: `https://github.com/actions/runner/releases/download/v2.330.0/`
 - **Security Status**: ✅ Latest stable version
 
 ### Operating System

@@ -74,7 +74,7 @@ NAMESPACE="${DOCKER_NAMESPACE:-grammatonic}"
 IMAGE_NAME="github-runner"
 IMAGE_TAG="chrome-latest"
 PLATFORMS="linux/amd64,linux/arm64"
-RUNNER_VERSION="2.329.0"
+RUNNER_VERSION="2.330.0"
 PUSH_IMAGE=false
 NO_CACHE=false
 MULTI_ARCH=false

@@ -34,7 +34,7 @@ NAMESPACE="${DOCKER_NAMESPACE:-grammatonic}"
 IMAGE_NAME="${IMAGE_NAME:-github-runner}"
 IMAGE_TAG="${IMAGE_TAG:-latest}"
 PLATFORMS="${PLATFORMS:-linux/amd64,linux/arm64}"
-RUNNER_VERSION="${RUNNER_VERSION:-2.329.0}"
+RUNNER_VERSION="${RUNNER_VERSION:-2.330.0}"
 
 # Build arguments
 BUILD_ARGS=(