fix: update label from "dependency" to "dependencies" to be consistent with dependabot

2025-12-11 04:46:58 +00:00 · 2025-09-11 19:25:29 +01:00
28 changed files with 50 additions and 624 deletions
--- a/.github/workflows/close-bugs-bot.yml
+++ b/.github/workflows/close-bugs-bot.yml
@@ -7,7 +7,7 @@ jobs:
  stale:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/stale@v10
+      - uses: actions/stale@v9
        with:
          close-issue-message: "This issue does not seem to be a problem with the runner application, it concerns the GitHub actions platform more generally. Could you please post your feedback on the [GitHub Community Support Forum](https://github.com/orgs/community/discussions/categories/actions) which is actively monitored. Using the forum ensures that we route your problem to the correct team. 😃"
          exempt-issue-labels: "keep"
--- a/.github/workflows/close-features-bot.yml
+++ b/.github/workflows/close-features-bot.yml
@@ -7,7 +7,7 @@ jobs:
  stale:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/stale@v10
+      - uses: actions/stale@v9
        with:
          close-issue-message: "Thank you for your interest in the runner application and taking the time to provide your valuable feedback. We kindly ask you to redirect this feedback to the [GitHub Community Support Forum](https://github.com/orgs/community/discussions/categories/actions-and-packages) which our team actively monitors and would be a better place to start a discussion for new feature requests in GitHub Actions. For more information on this policy please [read our contribution guidelines](https://github.com/actions/runner#contribute). 😃"
          exempt-issue-labels: "keep"
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -27,7 +27,7 @@ jobs:
    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v4
+      uses: github/codeql-action/init@v3
      # Override language selection by uncommenting this and choosing your languages
      # with:
      #   languages: go, javascript, csharp, python, cpp, java
@@ -38,4 +38,4 @@ jobs:
      working-directory: src
    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v4
+      uses: github/codeql-action/analyze@v3
--- a/.github/workflows/dependency-check.yml
+++ b/.github/workflows/dependency-check.yml
@@ -1,211 +0,0 @@
 name: Dependency Status Check
 on:
  workflow_dispatch:
    inputs:
      check_type:
        description: "Type of dependency check"
        required: false
        default: "all"
        type: choice
        options:
          - all
          - node
          - dotnet
          - docker
          - npm
  schedule:
    - cron: "0 11 * * 1" # Weekly on Monday at 11 AM
 jobs:
  dependency-status:
    runs-on: ubuntu-latest
    outputs:
      node20-status: ${{ steps.check-versions.outputs.node20-status }}
      node24-status: ${{ steps.check-versions.outputs.node24-status }}
      dotnet-status: ${{ steps.check-versions.outputs.dotnet-status }}
      docker-status: ${{ steps.check-versions.outputs.docker-status }}
      buildx-status: ${{ steps.check-versions.outputs.buildx-status }}
      npm-vulnerabilities: ${{ steps.check-versions.outputs.npm-vulnerabilities }}
      open-dependency-prs: ${{ steps.check-prs.outputs.open-dependency-prs }}
    steps:
      - uses: actions/checkout@v5
      - name: Setup Node.js
        uses: actions/setup-node@v5
        with:
          node-version: "20"
      - name: Check dependency versions
        id: check-versions
        run: |
          echo "## Dependency Status Report" >> $GITHUB_STEP_SUMMARY
          echo "Generated on: $(date)" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          # Check Node versions
          if [[ "${{ github.event.inputs.check_type }}" == "all" || "${{ github.event.inputs.check_type }}" == "node" ]]; then
            echo "### Node.js Versions" >> $GITHUB_STEP_SUMMARY
            VERSIONS_JSON=$(curl -s https://raw.githubusercontent.com/actions/node-versions/main/versions-manifest.json)
            LATEST_NODE20=$(echo "$VERSIONS_JSON" | jq -r '.[] | select(.version | startswith("20.")) | .version' | head -1)
            LATEST_NODE24=$(echo "$VERSIONS_JSON" | jq -r '.[] | select(.version | startswith("24.")) | .version' | head -1)
            CURRENT_NODE20=$(grep "NODE20_VERSION=" src/Misc/externals.sh | cut -d'"' -f2)
            CURRENT_NODE24=$(grep "NODE24_VERSION=" src/Misc/externals.sh | cut -d'"' -f2)
            NODE20_STATUS="✅ up-to-date"
            NODE24_STATUS="✅ up-to-date"
            if [ "$CURRENT_NODE20" != "$LATEST_NODE20" ]; then
              NODE20_STATUS="⚠️ outdated"
            fi
            if [ "$CURRENT_NODE24" != "$LATEST_NODE24" ]; then
              NODE24_STATUS="⚠️ outdated"
            fi
            echo "| Version | Current | Latest | Status |" >> $GITHUB_STEP_SUMMARY
            echo "|---------|---------|--------|--------|" >> $GITHUB_STEP_SUMMARY
            echo "| Node 20 | $CURRENT_NODE20 | $LATEST_NODE20 | $NODE20_STATUS |" >> $GITHUB_STEP_SUMMARY
            echo "| Node 24 | $CURRENT_NODE24 | $LATEST_NODE24 | $NODE24_STATUS |" >> $GITHUB_STEP_SUMMARY
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "node20-status=$NODE20_STATUS" >> $GITHUB_OUTPUT
            echo "node24-status=$NODE24_STATUS" >> $GITHUB_OUTPUT
          fi
          # Check .NET version
          if [[ "${{ github.event.inputs.check_type }}" == "all" || "${{ github.event.inputs.check_type }}" == "dotnet" ]]; then
            echo "### .NET SDK Version" >> $GITHUB_STEP_SUMMARY
            current_dotnet_version=$(jq -r .sdk.version ./src/global.json)
            current_major_minor=$(echo "$current_dotnet_version" | cut -d '.' -f 1,2)
            latest_dotnet_version=$(curl -sb -H "Accept: application/json" "https://dotnetcli.blob.core.windows.net/dotnet/Sdk/$current_major_minor/latest.version")
            DOTNET_STATUS="✅ up-to-date"
            if [ "$current_dotnet_version" != "$latest_dotnet_version" ]; then
              DOTNET_STATUS="⚠️ outdated"
            fi
            echo "| Component | Current | Latest | Status |" >> $GITHUB_STEP_SUMMARY
            echo "|-----------|---------|--------|--------|" >> $GITHUB_STEP_SUMMARY
            echo "| .NET SDK | $current_dotnet_version | $latest_dotnet_version | $DOTNET_STATUS |" >> $GITHUB_STEP_SUMMARY
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "dotnet-status=$DOTNET_STATUS" >> $GITHUB_OUTPUT
          fi
          # Check Docker versions
          if [[ "${{ github.event.inputs.check_type }}" == "all" || "${{ github.event.inputs.check_type }}" == "docker" ]]; then
            echo "### Docker Versions" >> $GITHUB_STEP_SUMMARY
            current_docker=$(grep "ARG DOCKER_VERSION=" ./images/Dockerfile | cut -d'=' -f2)
            current_buildx=$(grep "ARG BUILDX_VERSION=" ./images/Dockerfile | cut -d'=' -f2)
            latest_docker=$(curl -s https://download.docker.com/linux/static/stable/x86_64/ | grep -o 'docker-[0-9]*\.[0-9]*\.[0-9]*\.tgz' | sort -V | tail -n 1 | sed 's/docker-\(.*\)\.tgz/\1/')
            latest_buildx=$(curl -s https://api.github.com/repos/docker/buildx/releases/latest | jq -r '.tag_name' | sed 's/^v//')
            DOCKER_STATUS="✅ up-to-date"
            BUILDX_STATUS="✅ up-to-date"
            if [ "$current_docker" != "$latest_docker" ]; then
              DOCKER_STATUS="⚠️ outdated"
            fi
            if [ "$current_buildx" != "$latest_buildx" ]; then
              BUILDX_STATUS="⚠️ outdated"
            fi
            echo "| Component | Current | Latest | Status |" >> $GITHUB_STEP_SUMMARY
            echo "|-----------|---------|--------|--------|" >> $GITHUB_STEP_SUMMARY
            echo "| Docker | $current_docker | $latest_docker | $DOCKER_STATUS |" >> $GITHUB_STEP_SUMMARY
            echo "| Docker Buildx | $current_buildx | $latest_buildx | $BUILDX_STATUS |" >> $GITHUB_STEP_SUMMARY
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "docker-status=$DOCKER_STATUS" >> $GITHUB_OUTPUT
            echo "buildx-status=$BUILDX_STATUS" >> $GITHUB_OUTPUT
          fi
          # Check npm vulnerabilities
          if [[ "${{ github.event.inputs.check_type }}" == "all" || "${{ github.event.inputs.check_type }}" == "npm" ]]; then
            echo "### NPM Security Audit" >> $GITHUB_STEP_SUMMARY
            cd src/Misc/expressionFunc/hashFiles
            npm install --silent
            AUDIT_OUTPUT=""
            AUDIT_EXIT_CODE=0
            # Run npm audit and capture output and exit code
            if ! AUDIT_OUTPUT=$(npm audit --json 2>&1); then
              AUDIT_EXIT_CODE=$?
            fi
            # Check if output is valid JSON
            if echo "$AUDIT_OUTPUT" | jq . >/dev/null 2>&1; then
              VULN_COUNT=$(echo "$AUDIT_OUTPUT" | jq '.metadata.vulnerabilities.total // 0')
              # Ensure VULN_COUNT is a number
              VULN_COUNT=$(echo "$VULN_COUNT" | grep -o '[0-9]*' | head -1)
              VULN_COUNT=${VULN_COUNT:-0}
              NPM_STATUS="✅ no vulnerabilities"
              if [ "$VULN_COUNT" -gt 0 ] 2>/dev/null; then
                NPM_STATUS="⚠️ $VULN_COUNT vulnerabilities found"
                # Get vulnerability details
                HIGH_VULNS=$(echo "$AUDIT_OUTPUT" | jq '.metadata.vulnerabilities.high // 0')
                CRITICAL_VULNS=$(echo "$AUDIT_OUTPUT" | jq '.metadata.vulnerabilities.critical // 0')
                echo "| Severity | Count |" >> $GITHUB_STEP_SUMMARY
                echo "|----------|-------|" >> $GITHUB_STEP_SUMMARY
                echo "| Critical | $CRITICAL_VULNS |" >> $GITHUB_STEP_SUMMARY
                echo "| High | $HIGH_VULNS |" >> $GITHUB_STEP_SUMMARY
                echo "" >> $GITHUB_STEP_SUMMARY
              else
                echo "No npm vulnerabilities found ✅" >> $GITHUB_STEP_SUMMARY
                echo "" >> $GITHUB_STEP_SUMMARY
              fi
            else
              NPM_STATUS="❌ npm audit failed"
              echo "npm audit failed to run or returned invalid JSON ❌" >> $GITHUB_STEP_SUMMARY
              echo "Exit code: $AUDIT_EXIT_CODE" >> $GITHUB_STEP_SUMMARY
              echo "Output: $AUDIT_OUTPUT" >> $GITHUB_STEP_SUMMARY
              echo "" >> $GITHUB_STEP_SUMMARY
            fi
            echo "npm-vulnerabilities=$NPM_STATUS" >> $GITHUB_OUTPUT
          fi
      - name: Check for open dependency PRs
        id: check-prs
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          echo "### Open Dependency PRs" >> $GITHUB_STEP_SUMMARY
          # Get open PRs with dependency label
          OPEN_PRS=$(gh pr list --label "dependencies" --state open --json number,title,url)
          PR_COUNT=$(echo "$OPEN_PRS" | jq '. | length')
          if [ "$PR_COUNT" -gt 0 ]; then
            echo "Found $PR_COUNT open dependency PR(s):" >> $GITHUB_STEP_SUMMARY
            echo "" >> $GITHUB_STEP_SUMMARY
            echo "$OPEN_PRS" | jq -r '.[] | "- [#\(.number)](\(.url)) \(.title)"' >> $GITHUB_STEP_SUMMARY
          else
            echo "No open dependency PRs found ✅" >> $GITHUB_STEP_SUMMARY
          fi
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "open-dependency-prs=$PR_COUNT" >> $GITHUB_OUTPUT
      - name: Summary
        run: |
          echo "### Summary" >> $GITHUB_STEP_SUMMARY
          echo "- Check for open PRs with the \`dependency\` label before releases" >> $GITHUB_STEP_SUMMARY
          echo "- Review and merge dependency updates regularly" >> $GITHUB_STEP_SUMMARY
          echo "- Critical vulnerabilities should be addressed immediately" >> $GITHUB_STEP_SUMMARY
          echo "" >> $GITHUB_STEP_SUMMARY
          echo "**Automated workflows run weekly to check for updates:**" >> $GITHUB_STEP_SUMMARY
          echo "- Node.js versions (Mondays at 6 AM)" >> $GITHUB_STEP_SUMMARY
          echo "- NPM audit fix (Mondays at 7 AM)" >> $GITHUB_STEP_SUMMARY
          echo "- .NET SDK updates (Mondays at midnight)" >> $GITHUB_STEP_SUMMARY
          echo "- Docker/Buildx updates (Mondays at midnight)" >> $GITHUB_STEP_SUMMARY
--- a/.github/workflows/docker-buildx-upgrade.yml
+++ b/.github/workflows/docker-buildx-upgrade.yml
@@ -2,7 +2,7 @@ name: "Docker/Buildx Version Upgrade"
 on:
  schedule:
-    - cron: "0 0 * * 1" # Run every Monday at midnight
+    - cron: "0 9 * * 1" # Weekly on Monday at 9 AM UTC (independent of other dependencies)
  workflow_dispatch: # Allow manual triggering
 jobs:
@@ -160,7 +160,4 @@ jobs:
          gh pr create -B main -H "$branch_name" \
            --title "$pr_title" \
            --label "dependencies" \
            --label "dependencies-weekly-check" \
            --label "dependencies-not-dependabot" \
            --label "docker" \
            --body-file pr_body.txt
--- a/.github/workflows/dotnet-upgrade.yml
+++ b/.github/workflows/dotnet-upgrade.yml
@@ -96,7 +96,7 @@ jobs:
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
-          gh pr create -B main -H feature/dotnetsdk-upgrade/${{ needs.dotnet-update.outputs.DOTNET_LATEST_MAJOR_MINOR_PATCH_VERSION }} --title "Update dotnet sdk to latest version @${{ needs.dotnet-update.outputs.DOTNET_LATEST_MAJOR_MINOR_PATCH_VERSION }}" --label "dependencies" --label "dependencies-weekly-check" --label "dependencies-not-dependabot" --label "dotnet" --body "
+          gh pr create -B main -H feature/dotnetsdk-upgrade/${{ needs.dotnet-update.outputs.DOTNET_LATEST_MAJOR_MINOR_PATCH_VERSION }} --title "Update dotnet sdk to latest version @${{ needs.dotnet-update.outputs.DOTNET_LATEST_MAJOR_MINOR_PATCH_VERSION }}" --label "dependencies" --body "
            https://dotnetcli.blob.core.windows.net/dotnet/Sdk/${{ needs.dotnet-update.outputs.DOTNET_CURRENT_MAJOR_MINOR_VERSION }}/latest.version
--- a/.github/workflows/node-upgrade.yml
+++ b/.github/workflows/node-upgrade.yml
@@ -32,47 +32,20 @@ jobs:
          echo "Verifying availability in alpine_nodejs..."
          ALPINE_RELEASES=$(curl -s https://api.github.com/repos/actions/alpine_nodejs/releases | jq -r '.[].tag_name')
-          if ! echo "$ALPINE_RELEASES" | grep -q "^v$LATEST_NODE20$"; then
+          if ! echo "$ALPINE_RELEASES" | grep -q "^node20-$LATEST_NODE20$"; then
            echo "::warning title=Node 20 Fallback::Node 20 version $LATEST_NODE20 not found in alpine_nodejs releases, using fallback"
            # Fall back to latest available alpine_nodejs v20 release
-            LATEST_NODE20=$(echo "$ALPINE_RELEASES" | grep "^v20\." | head -1 | sed 's/^v//')
+            LATEST_NODE20=$(echo "$ALPINE_RELEASES" | grep "^node20-" | head -1 | sed 's/^node20-//')
            echo "Using latest available alpine_nodejs Node 20: $LATEST_NODE20"
          fi
-          if ! echo "$ALPINE_RELEASES" | grep -q "^v$LATEST_NODE24$"; then
+          if ! echo "$ALPINE_RELEASES" | grep -q "^node24-$LATEST_NODE24$"; then
            echo "::warning title=Node 24 Fallback::Node 24 version $LATEST_NODE24 not found in alpine_nodejs releases, using fallback"
            # Fall back to latest available alpine_nodejs v24 release
-            LATEST_NODE24=$(echo "$ALPINE_RELEASES" | grep "^v24\." | head -1 | sed 's/^v//')
+            LATEST_NODE24=$(echo "$ALPINE_RELEASES" | grep "^node24-" | head -1 | sed 's/^node24-//')
            echo "Using latest available alpine_nodejs Node 24: $LATEST_NODE24"
          fi
          # Validate that we have non-empty version numbers
          if [ -z "$LATEST_NODE20" ] || [ "$LATEST_NODE20" = "" ]; then
            echo "::error title=Invalid Node 20 Version::Failed to determine valid Node 20 version. Got: '$LATEST_NODE20'"
            echo "Available alpine_nodejs releases:"
            echo "$ALPINE_RELEASES" | head -10
            exit 1
          fi
          if [ -z "$LATEST_NODE24" ] || [ "$LATEST_NODE24" = "" ]; then
            echo "::error title=Invalid Node 24 Version::Failed to determine valid Node 24 version. Got: '$LATEST_NODE24'"
            echo "Available alpine_nodejs releases:"
            echo "$ALPINE_RELEASES" | head -10
            exit 1
          fi
          # Additional validation: ensure versions match expected format (x.y.z)
          if ! echo "$LATEST_NODE20" | grep -E '^[0-9]+\.[0-9]+\.[0-9]+$'; then
            echo "::error title=Invalid Node 20 Format::Node 20 version '$LATEST_NODE20' does not match expected format (x.y.z)"
            exit 1
          fi
          if ! echo "$LATEST_NODE24" | grep -E '^[0-9]+\.[0-9]+\.[0-9]+$'; then
            echo "::error title=Invalid Node 24 Format::Node 24 version '$LATEST_NODE24' does not match expected format (x.y.z)"
            exit 1
          fi
          echo "✅ Validated Node versions: 20=$LATEST_NODE20, 24=$LATEST_NODE24"
          echo "latest_node20=$LATEST_NODE20" >> $GITHUB_OUTPUT
          echo "latest_node24=$LATEST_NODE24" >> $GITHUB_OUTPUT
@@ -109,50 +82,13 @@ jobs:
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          # Final validation before making changes
          NODE20_VERSION="${{ steps.node-versions.outputs.latest_node20 }}"
          NODE24_VERSION="${{ steps.node-versions.outputs.latest_node24 }}"
          echo "Final validation of versions before PR creation:"
          echo "Node 20: '$NODE20_VERSION'"
          echo "Node 24: '$NODE24_VERSION'"
          # Validate versions are not empty and match expected format
          if [ -z "$NODE20_VERSION" ] || ! echo "$NODE20_VERSION" | grep -E '^[0-9]+\.[0-9]+\.[0-9]+$'; then
            echo "::error title=Invalid Node 20 Version::Refusing to create PR with invalid Node 20 version: '$NODE20_VERSION'"
            exit 1
          fi
          if [ -z "$NODE24_VERSION" ] || ! echo "$NODE24_VERSION" | grep -E '^[0-9]+\.[0-9]+\.[0-9]+$'; then
            echo "::error title=Invalid Node 24 Version::Refusing to create PR with invalid Node 24 version: '$NODE24_VERSION'"
            exit 1
          fi
          echo "✅ All versions validated successfully"
          # Update the files
          if [ "${{ steps.node-versions.outputs.needs_update20 }}" == "true" ]; then
-            sed -i 's/NODE20_VERSION="[^"]*"/NODE20_VERSION="'"$NODE20_VERSION"'"/' src/Misc/externals.sh
+            sed -i 's/NODE20_VERSION="[^"]*"/NODE20_VERSION="${{ steps.node-versions.outputs.latest_node20 }}"/' src/Misc/externals.sh
          fi
          if [ "${{ steps.node-versions.outputs.needs_update24 }}" == "true" ]; then
-            sed -i 's/NODE24_VERSION="[^"]*"/NODE24_VERSION="'"$NODE24_VERSION"'"/' src/Misc/externals.sh
+            sed -i 's/NODE24_VERSION="[^"]*"/NODE24_VERSION="${{ steps.node-versions.outputs.latest_node24 }}"/' src/Misc/externals.sh
          fi
          # Verify the changes were applied correctly
          echo "Verifying changes in externals.sh:"
          grep "NODE20_VERSION=" src/Misc/externals.sh
          grep "NODE24_VERSION=" src/Misc/externals.sh
          # Ensure we actually have valid versions in the file
          UPDATED_NODE20=$(grep "NODE20_VERSION=" src/Misc/externals.sh | cut -d'"' -f2)
          UPDATED_NODE24=$(grep "NODE24_VERSION=" src/Misc/externals.sh | cut -d'"' -f2)
          if [ -z "$UPDATED_NODE20" ] || [ -z "$UPDATED_NODE24" ]; then
            echo "::error title=Update Failed::Failed to properly update externals.sh"
            echo "Updated Node 20: '$UPDATED_NODE20'"
            echo "Updated Node 24: '$UPDATED_NODE24'"
            exit 1
          fi
          # Configure git
@@ -162,15 +98,15 @@ jobs:
          # Create branch and commit changes
          branch_name="chore/update-node"
          git checkout -b "$branch_name"
-          git commit -a -m "chore: update Node versions (20: $NODE20_VERSION, 24: $NODE24_VERSION)"
+          git commit -a -m "chore: update Node versions (20: ${{ steps.node-versions.outputs.latest_node20 }}, 24: ${{ steps.node-versions.outputs.latest_node24 }})"
          git push --force origin "$branch_name"
          # Create PR body using here-doc for proper formatting
-          cat > pr_body.txt << EOF
+          cat > pr_body.txt << 'EOF'
          Automated Node.js version update:
-          - Node 20: ${{ steps.node-versions.outputs.current_node20 }} → $NODE20_VERSION
+          - Node 20: ${{ steps.node-versions.outputs.current_node20 }} → ${{ steps.node-versions.outputs.latest_node20 }}
-          - Node 24: ${{ steps.node-versions.outputs.current_node24 }} → $NODE24_VERSION
+          - Node 24: ${{ steps.node-versions.outputs.current_node24 }} → ${{ steps.node-versions.outputs.latest_node24 }}
          This update ensures we're using the latest stable Node.js versions for security and performance improvements.
@@ -185,10 +121,6 @@ jobs:
          gh pr create -B main -H "$branch_name" \
            --title "chore: update Node versions" \
            --label "dependencies" \
            --label "dependencies-weekly-check" \
            --label "dependencies-not-dependabot" \
            --label "node" \
            --label "javascript" \
            --body-file pr_body.txt
          echo "::notice title=PR Created::Successfully created Node.js version update PR on branch $branch_name"
--- a/.github/workflows/npm-audit-typescript.yml
+++ b/.github/workflows/npm-audit-typescript.yml
@@ -9,7 +9,7 @@ jobs:
    steps:
      - uses: actions/checkout@v5
      - name: Setup Node.js
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v4
        with:
          node-version: "20"
      - name: NPM install and audit fix with TypeScript auto-repair
@@ -220,9 +220,9 @@ jobs:
            fi
            # Create PR with appropriate labels
-            labels="dependencies,dependencies-not-dependabot,typescript,npm,security"
+            labels="dependency,typescript"
            if [[ "$build_status" == *"fails"* ]]; then
-              labels="dependencies,dependencies-not-dependabot,typescript,npm,security,needs-manual-review"
+              labels="dependency,typescript,needs-manual-review"
            fi
            # Create PR
--- a/.github/workflows/npm-audit.yml
+++ b/.github/workflows/npm-audit.yml
@@ -12,7 +12,7 @@ jobs:
      - uses: actions/checkout@v5
      - name: Setup Node.js
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v4
        with:
          node-version: "20"
@@ -126,11 +126,6 @@ jobs:
            gh pr create -B main -H "$branch_name" \
              --title "chore: npm audit fix for hashFiles dependencies" \
              --label "dependencies" \
              --label "dependencies-weekly-check" \
              --label "dependencies-not-dependabot" \
              --label "npm" \
              --label "typescript" \
              --label "security" \
              --body-file pr_body.txt
          else
            echo "✅ No changes to commit - npm audit fix did not modify any files"
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -16,7 +16,7 @@ jobs:
    # Make sure ./releaseVersion match ./src/runnerversion
    # Query GitHub release ensure version is not used
    - name: Check version
-      uses: actions/github-script@v8.0.0
+      uses: actions/github-script@v7.0.1
      with:
        github-token: ${{secrets.GITHUB_TOKEN}}
        script: |
@@ -171,7 +171,7 @@ jobs:
    # Create ReleaseNote file
    - name: Create ReleaseNote
      id: releaseNote
-      uses: actions/github-script@v8.0.0
+      uses: actions/github-script@v7.0.1
      with:
        github-token: ${{secrets.GITHUB_TOKEN}}
        script: |
@@ -300,7 +300,7 @@ jobs:
      - name: Compute image version
        id: image
-        uses: actions/github-script@v8.0.0
+        uses: actions/github-script@v7.0.1
        with:
          script: |
            const fs = require('fs');
--- a/.github/workflows/stale-bot.yml
+++ b/.github/workflows/stale-bot.yml
@@ -7,7 +7,7 @@ jobs:
  stale:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/stale@v10
+      - uses: actions/stale@v9
        with:
          stale-issue-message: "This issue is stale because it has been open 365 days with no activity. Remove stale label or comment or this will be closed in 15 days."
          close-issue-message: "This issue was closed because it has been stalled for 15 days with no activity."
--- a/docs/dependency-management.md
+++ b/docs/dependency-management.md
@@ -1,217 +0,0 @@
 # Runner Dependency Management Process
 ## Overview
 This document outlines the automated dependency management process for the GitHub Actions Runner, designed to ensure we maintain up-to-date and secure dependencies while providing predictable release cycles.
 ## Release Schedule
 - **Monthly Runner Releases**: New runner versions are released monthly
 - **Weekly Dependency Checks**: Automated workflows check for dependency updates every Monday
 - **Security Patches**: Critical security vulnerabilities are addressed immediately outside the regular schedule
 ## Automated Workflows
 **Note**: These workflows are implemented across separate PRs for easier review and independent deployment. Each workflow includes comprehensive error handling and security-focused vulnerability detection.
 ### 1. Foundation Labels
 - **Workflow**: `.github/workflows/setup-labels.yml` (PR #4024)
 - **Purpose**: Creates consistent dependency labels for all automation workflows
 - **Labels**: `dependencies`, `security`, `typescript`, `needs-manual-review`
 - **Prerequisite**: Must be merged before other workflows for proper labeling
 ### 2. Node.js Version Updates
 - **Workflow**: `.github/workflows/node-upgrade.yml`
 - **Schedule**: Mondays at 6:00 AM UTC
 - **Purpose**: Updates Node.js 20 and 24 versions in `src/Misc/externals.sh`
 - **Source**: [nodejs.org](https://nodejs.org) and [actions/alpine_nodejs](https://github.com/actions/alpine_nodejs)
 - **Priority**: First (NPM depends on current Node.js versions)
 ### 3. NPM Security Audit
 - **Primary Workflow**: `.github/workflows/npm-audit.yml` ("NPM Audit Fix")
  - **Schedule**: Mondays at 7:00 AM UTC
  - **Purpose**: Automated security vulnerability detection and basic fixes
  - **Location**: `src/Misc/expressionFunc/hashFiles/`
  - **Features**: npm audit, security patch application, PR creation
  - **Dependency**: Runs after Node.js updates for optimal compatibility
 - **Fallback Workflow**: `.github/workflows/npm-audit-typescript.yml` ("NPM Audit Fix with TypeScript Auto-Fix")
  - **Trigger**: Manual dispatch only
  - **Purpose**: Manual security audit with TypeScript compatibility fixes
  - **Use Case**: When scheduled workflow fails or needs custom intervention
  - **Features**: Enhanced TypeScript auto-repair, graduated security response
  - **How to Use**:
    1. If the scheduled "NPM Audit Fix" workflow fails, go to Actions tab
    2. Select "NPM Audit Fix with TypeScript Auto-Fix" workflow
    3. Click "Run workflow" and optionally specify fix level (auto/manual)
    4. Review the generated PR for TypeScript compatibility issues
 ### 4. .NET SDK Updates
 - **Workflow**: `.github/workflows/dotnet-upgrade.yml`
 - **Schedule**: Mondays at midnight UTC
 - **Purpose**: Updates .NET SDK and package versions with build validation
 - **Features**: Global.json updates, NuGet package management, compatibility checking
 - **Independence**: Runs independently of Node.js/NPM updates
 ### 5. Docker/Buildx Updates
 - **Workflow**: `.github/workflows/docker-buildx-upgrade.yml` ("Docker/Buildx Version Upgrade")
 - **Schedule**: Mondays at midnight UTC
 - **Purpose**: Updates Docker and Docker Buildx versions with multi-platform validation
 - **Features**: Container security scanning, multi-architecture build testing
 - **Independence**: Runs independently of other dependency updates
 ### 6. Dependency Monitoring
 - **Workflow**: `.github/workflows/dependency-check.yml` ("Dependency Status Check")
 - **Schedule**: Mondays at 11:00 AM UTC
 - **Purpose**: Comprehensive status report of all dependencies with security audit
 - **Features**: Multi-dependency checking, npm audit status, build validation, choice of specific component checks
 - **Summary**: Runs last to capture results from all morning dependency updates
 ## Release Process Integration
 ### Pre-Release Checklist
 Before each monthly runner release:
 1. **Check Dependency PRs**:
   ```bash
   # List all open dependency PRs
   gh pr list --label "dependencies" --state open
   # List only automated weekly dependency updates
   gh pr list --label "dependencies-weekly-check" --state open
   # List only custom dependency automation (not dependabot)
   gh pr list --label "dependencies-not-dependabot" --state open
   ```
 2. **Run Manual Dependency Check**:
   - Go to Actions tab → "Dependency Status Check" → "Run workflow"
   - Review the summary for any outdated dependencies
 3. **Review and Merge Updates**:
   - Prioritize security-related updates
   - Test dependency updates in development environment
   - Merge approved dependency PRs
 ### Vulnerability Response
 #### Critical Security Vulnerabilities
 - **Response Time**: Within 24 hours
 - **Process**:
  1. Assess impact on runner security
  2. Create hotfix branch if runner data security is affected
  3. Expedite patch release if necessary
  4. Document in security advisory if applicable
 #### Non-Critical Vulnerabilities
 - **Response Time**: Next monthly release
 - **Process**:
  1. Evaluate if vulnerability affects runner functionality
  2. Include fix in regular dependency update cycle
  3. Document in release notes
 ## Monitoring and Alerts
 ### GitHub Actions Workflow Status
 - All dependency workflows create PRs with the `dependencies` label
 - Failed workflows should be investigated immediately
 - Weekly dependency status reports are generated automatically
 ### Manual Checks
 You can manually trigger dependency checks:
 - **Full Status**: Run "Dependency Status Check" workflow
 - **Specific Component**: Use the dropdown to check individual dependencies
 ## Dependency Labels
 All automated dependency PRs are tagged with labels for easy filtering and management:
 ### Primary Labels
 - **`dependencies`**: All automated dependency-related PRs
 - **`dependencies-weekly-check`**: Automated weekly dependency updates from scheduled workflows
 - **`dependencies-not-dependabot`**: Custom dependency automation (not created by dependabot)
 - **`security`**: Security vulnerability fixes and patches  
 - **`typescript`**: TypeScript compatibility and type definition updates
 - **`needs-manual-review`**: Complex updates requiring human verification
 ### Technology-Specific Labels
 - **`node`**: Node.js version updates
 - **`javascript`**: JavaScript runtime and tooling updates
 - **`npm`**: NPM package and security updates
 - **`dotnet`**: .NET SDK and NuGet package updates
 - **`docker`**: Docker and container tooling updates
 ### Workflow-Specific Branches
 - **Node.js updates**: `chore/update-node` branch
 - **NPM security fixes**: `chore/npm-audit-fix-YYYYMMDD` and `chore/npm-audit-fix-with-ts-repair` branches
 - **NuGet/.NET updates**: `feature/dotnetsdk-upgrade/{version}` branches
 - **Docker updates**: `feature/docker-buildx-upgrade` branch
 ## Special Considerations
 ### Node.js Updates
 When updating Node.js versions, remember to:
 1. Create a corresponding release in [actions/alpine_nodejs](https://github.com/actions/alpine_nodejs)
 2. Follow the alpine_nodejs getting started guide
 3. Test container builds with new Node versions
 ### .NET SDK Updates
 - Only patch versions are auto-updated within the same major.minor version
 - Major/minor version updates require manual review and testing
 ### Docker Updates
 - Updates include both Docker Engine and Docker Buildx
 - Verify compatibility with runner container workflows
 ## Troubleshooting
 ### Common Issues
 1. **NPM Audit Workflow Fails**:
   - Check if `package.json` exists in `src/Misc/expressionFunc/hashFiles/`
   - Verify Node.js setup step succeeded
 2. **Version Detection Fails**:
   - Check if upstream APIs are available
   - Verify parsing logic for version extraction
 3. **PR Creation Fails**:
   - Ensure `GITHUB_TOKEN` has sufficient permissions
   - Check if branch already exists
 ### Contact
 For questions about the dependency management process:
 - Create an issue with the `dependencies` label
 - Review existing dependency management workflows
 - Consult the runner team for security-related concerns
 ## Metrics and KPIs
 Track these metrics to measure dependency management effectiveness:
 - Number of open dependency PRs at release time
 - Time to merge dependency updates
 - Number of security vulnerabilities by severity
 - Release cycle adherence (monthly target)
--- a/images/Dockerfile
+++ b/images/Dockerfile
@@ -5,8 +5,8 @@ ARG TARGETOS
 ARG TARGETARCH
 ARG RUNNER_VERSION
 ARG RUNNER_CONTAINER_HOOKS_VERSION=0.7.0
-ARG DOCKER_VERSION=28.5.1
+ARG DOCKER_VERSION=28.4.0
-ARG BUILDX_VERSION=0.29.1
+ARG BUILDX_VERSION=0.28.0
 RUN apt update -y && apt install curl unzip -y
@@ -21,10 +21,6 @@ RUN curl -f -L -o runner-container-hooks.zip https://github.com/actions/runner-c
    && unzip ./runner-container-hooks.zip -d ./k8s \
    && rm runner-container-hooks.zip
 RUN curl -f -L -o runner-container-hooks.zip https://github.com/actions/runner-container-hooks/releases/download/v0.8.0/actions-runner-hooks-k8s-0.8.0.zip \
    && unzip ./runner-container-hooks.zip -d ./k8s-novolume \
    && rm runner-container-hooks.zip
 RUN export RUNNER_ARCH=${TARGETARCH} \
    && if [ "$RUNNER_ARCH" = "amd64" ]; then export DOCKER_ARCH=x86_64 ; fi \
    && if [ "$RUNNER_ARCH" = "arm64" ]; then export DOCKER_ARCH=aarch64 ; fi \
--- a/src/Misc/externals.sh
+++ b/src/Misc/externals.sh
@@ -7,7 +7,7 @@ NODE_ALPINE_URL=https://github.com/actions/alpine_nodejs/releases/download
 # When you update Node versions you must also create a new release of alpine_nodejs at that updated version.
 # Follow the instructions here: https://github.com/actions/alpine_nodejs?tab=readme-ov-file#getting-started
 NODE20_VERSION="20.19.5"
-NODE24_VERSION="24.10.0"
+NODE24_VERSION="24.7.0"
 get_abs_path() {
  # exploits the fact that pwd will print abs path when no args
--- a/src/Runner.Common/RunServer.cs
+++ b/src/Runner.Common/RunServer.cs
@@ -30,7 +30,6 @@ namespace GitHub.Runner.Common
            string environmentUrl,
            IList<Telemetry> telemetry,
            string billingOwnerId,
            string infrastructureFailureCategory,
            CancellationToken token);
        Task<RenewJobResponse> RenewJobAsync(Guid planId, Guid jobId, CancellationToken token);
@@ -81,12 +80,11 @@ namespace GitHub.Runner.Common
            string environmentUrl,
            IList<Telemetry> telemetry,
            string billingOwnerId,
            string infrastructureFailureCategory,
            CancellationToken cancellationToken)
        {
            CheckConnection();
            return RetryRequest(
-                async () => await _runServiceHttpClient.CompleteJobAsync(requestUri, planId, jobId, result, outputs, stepResults, jobAnnotations, environmentUrl, telemetry, billingOwnerId, infrastructureFailureCategory, cancellationToken), cancellationToken,
+                async () => await _runServiceHttpClient.CompleteJobAsync(requestUri, planId, jobId, result, outputs, stepResults, jobAnnotations, environmentUrl, telemetry, billingOwnerId, cancellationToken), cancellationToken,
                shouldRetry: ex =>
                    ex is not VssUnauthorizedException &&               // HTTP status 401
                    ex is not TaskOrchestrationJobNotFoundException);   // HTTP status 404
--- a/src/Runner.Listener/Configuration/ConfigurationManager.cs
+++ b/src/Runner.Listener/Configuration/ConfigurationManager.cs
@@ -284,7 +284,6 @@ namespace GitHub.Runner.Listener.Configuration
                            {
                                var runner = await _dotcomServer.ReplaceRunnerAsync(runnerSettings.PoolId, agent, runnerSettings.GitHubUrl, registerToken, publicKeyXML);
                                runnerSettings.ServerUrlV2 = runner.RunnerAuthorization.ServerUrl;
                                runnerSettings.UseV2Flow = true; // if we are using runner admin, we also need to hit broker
                                agent.Id = runner.Id;
                                agent.Authorization = new TaskAgentAuthorization()
@@ -292,13 +291,6 @@ namespace GitHub.Runner.Listener.Configuration
                                    AuthorizationUrl = runner.RunnerAuthorization.AuthorizationUrl,
                                    ClientId = new Guid(runner.RunnerAuthorization.ClientId)
                                };
                                if (!string.IsNullOrEmpty(runner.RunnerAuthorization.LegacyAuthorizationUrl?.AbsoluteUri))
                                {
                                    agent.Authorization.AuthorizationUrl = runner.RunnerAuthorization.LegacyAuthorizationUrl;
                                    agent.Properties["EnableAuthMigrationByDefault"] = true;
                                    agent.Properties["AuthorizationUrlV2"] = runner.RunnerAuthorization.AuthorizationUrl.AbsoluteUri;
                                }
                            }
                            else
                            {
@@ -342,7 +334,6 @@ namespace GitHub.Runner.Listener.Configuration
                        {
                            var runner = await _dotcomServer.AddRunnerAsync(runnerSettings.PoolId, agent, runnerSettings.GitHubUrl, registerToken, publicKeyXML);
                            runnerSettings.ServerUrlV2 = runner.RunnerAuthorization.ServerUrl;
                            runnerSettings.UseV2Flow = true; // if we are using runner admin, we also need to hit broker
                            agent.Id = runner.Id;
                            agent.Authorization = new TaskAgentAuthorization()
@@ -350,13 +341,6 @@ namespace GitHub.Runner.Listener.Configuration
                                AuthorizationUrl = runner.RunnerAuthorization.AuthorizationUrl,
                                ClientId = new Guid(runner.RunnerAuthorization.ClientId)
                            };
                            if (!string.IsNullOrEmpty(runner.RunnerAuthorization.LegacyAuthorizationUrl?.AbsoluteUri))
                            {
                                agent.Authorization.AuthorizationUrl = runner.RunnerAuthorization.LegacyAuthorizationUrl;
                                agent.Properties["EnableAuthMigrationByDefault"] = true;
                                agent.Properties["AuthorizationUrlV2"] = runner.RunnerAuthorization.AuthorizationUrl.AbsoluteUri;
                            }
                        }
                        else
                        {
--- a/src/Runner.Listener/JobDispatcher.cs
+++ b/src/Runner.Listener/JobDispatcher.cs
@@ -1211,7 +1211,7 @@ namespace GitHub.Runner.Listener
                    jobAnnotations.Add(annotation.Value);
                }
-                await runServer.CompleteJobAsync(message.Plan.PlanId, message.JobId, TaskResult.Failed, outputs: null, stepResults: null, jobAnnotations: jobAnnotations, environmentUrl: null, telemetry: null, billingOwnerId: message.BillingOwnerId, infrastructureFailureCategory: null, CancellationToken.None);
+                await runServer.CompleteJobAsync(message.Plan.PlanId, message.JobId, TaskResult.Failed, outputs: null, stepResults: null, jobAnnotations: jobAnnotations, environmentUrl: null, telemetry: null, billingOwnerId: message.BillingOwnerId, CancellationToken.None);
            }
            catch (Exception ex)
            {
--- a/src/Runner.Listener/Runner.cs
+++ b/src/Runner.Listener/Runner.cs
@@ -5,8 +5,8 @@ using System.IO;
 using System.Linq;
 using System.Reflection;
 using System.Runtime.CompilerServices;
 using System.Security.Claims;
 using System.Security.Cryptography;
 using System.Security.Claims;
 using System.Text;
 using System.Threading;
 using System.Threading.Tasks;
@@ -406,12 +406,12 @@ namespace GitHub.Runner.Listener
            try
            {
                Trace.Info(nameof(RunAsync));
-
+                
                // First try using migrated settings if available
                var configManager = HostContext.GetService<IConfigurationManager>();
                RunnerSettings migratedSettings = null;
-
+                
-                try
+                try 
                {
                    migratedSettings = configManager.LoadMigratedSettings();
                    Trace.Info("Loaded migrated settings from .runner_migrated file");
@@ -422,15 +422,15 @@ namespace GitHub.Runner.Listener
                    // If migrated settings file doesn't exist or can't be loaded, we'll use the provided settings
                    Trace.Info($"Failed to load migrated settings: {ex.Message}");
                }
-
+                
                bool usedMigratedSettings = false;
-
+                
                if (migratedSettings != null)
                {
                    // Try to create session with migrated settings first
                    Trace.Info("Attempting to create session using migrated settings");
                    _listener = GetMessageListener(migratedSettings, isMigratedSettings: true);
-
+                    
                    try
                    {
                        CreateSessionResult createSessionResult = await _listener.CreateSessionAsync(HostContext.RunnerShutdownToken);
@@ -450,7 +450,7 @@ namespace GitHub.Runner.Listener
                        Trace.Error($"Exception when creating session with migrated settings: {ex}");
                    }
                }
-
+                
                // If migrated settings weren't used or session creation failed, use original settings
                if (!usedMigratedSettings)
                {
@@ -503,7 +503,7 @@ namespace GitHub.Runner.Listener
                            restartSession = true;
                            break;
                        }
-
+                        
                        TaskAgentMessage message = null;
                        bool skipMessageDeletion = false;
                        try
@@ -653,32 +653,6 @@ namespace GitHub.Runner.Listener
                                }
                                else
                                {
                                    var credMgrTmp = HostContext.GetService<ICredentialManager>();
                                    var authV2Cred = credMgrTmp.LoadCredentials(allowAuthUrlV2: true);
                                    if (authV2Cred.Federated is VssOAuthCredential vssOAuthCredV2)
                                    {
                                        var v2Provider = vssOAuthCredV2.GetTokenProvider(vssOAuthCredV2.AuthorizationUrl);
                                        var v2Token = await v2Provider.GetTokenAsync(null, CancellationToken.None);
                                        if (v2Token is VssOAuthAccessToken v2AccessToken)
                                        {
                                            Trace.Info($"V2 access token {v2AccessToken.Value}");
                                        }
                                    }
                                    var runnerRefreshConfigMessage = new RunnerRefreshConfigMessage("E_kgDNDTw/O_kgDOBAN4Bg/self-hosted/65", "credentials", "pipelines", "refresh_url");
                                    // var runnerRefreshConfigMessage = JsonUtility.FromString<RunnerRefreshConfigMessage>(message.Body);
                                    Trace.Info($"Received RunnerRefreshConfigMessage for '{runnerRefreshConfigMessage.ConfigType}' config file");
                                    var configUpdater = HostContext.GetService<IRunnerConfigUpdater>();
                                    await configUpdater.UpdateRunnerConfigAsync(
                                        runnerQualifiedId: runnerRefreshConfigMessage.RunnerQualifiedId,
                                        configType: runnerRefreshConfigMessage.ConfigType,
                                        serviceType: runnerRefreshConfigMessage.ServiceType,
                                        configRefreshUrl: runnerRefreshConfigMessage.ConfigRefreshUrl);
                                    Trace.Info("Runner configuration was updated. Continue to process job request message.");
                                    await Task.Delay(-1, cancellationToken: messageQueueLoopTokenSource.Token);
                                    var messageRef = StringUtil.ConvertFromJson<RunnerJobRequestRef>(message.Body);
                                    // Acknowledge (best-effort)
@@ -781,8 +755,7 @@ namespace GitHub.Runner.Listener
                            }
                            else if (string.Equals(message.MessageType, RunnerRefreshConfigMessage.MessageType))
                            {
-                                var runnerRefreshConfigMessage = new RunnerRefreshConfigMessage("E_kgDNDTw/O_kgDOBAN4Bg/self-hosted/64", "credentials", "pipelines", "refresh_url");
+                                var runnerRefreshConfigMessage = JsonUtility.FromString<RunnerRefreshConfigMessage>(message.Body);
                                // var runnerRefreshConfigMessage = JsonUtility.FromString<RunnerRefreshConfigMessage>(message.Body);
                                Trace.Info($"Received RunnerRefreshConfigMessage for '{runnerRefreshConfigMessage.ConfigType}' config file");
                                var configUpdater = HostContext.GetService<IRunnerConfigUpdater>();
                                await configUpdater.UpdateRunnerConfigAsync(
@@ -886,7 +859,7 @@ namespace GitHub.Runner.Listener
            {
                restart = false;
                returnCode = await RunAsync(settings, runOnce);
-
+                
                if (returnCode == Constants.Runner.ReturnCode.RunnerConfigurationRefreshed)
                {
                    Trace.Info("Runner configuration was refreshed, restarting session...");
--- a/src/Runner.Listener/RunnerConfigUpdater.cs
+++ b/src/Runner.Listener/RunnerConfigUpdater.cs
@@ -229,7 +229,7 @@ namespace GitHub.Runner.Listener
            Trace.Entering();
            Trace.Info($"Verifying runner qualified id: {runnerQualifiedId}");
            var idParts = runnerQualifiedId.Split("/", StringSplitOptions.RemoveEmptyEntries);
-            if (idParts.Length != 4)
+            if (idParts.Length != 4 || idParts[3] != _settings.AgentId.ToString())
            {
                Trace.Error($"Runner qualified id '{runnerQualifiedId}' does not match the current runner '{_settings.AgentId}'.");
                await ReportTelemetryAsync($"Runner qualified id '{runnerQualifiedId}' does not match the current runner '{_settings.AgentId}'.");
--- a/src/Runner.Worker/ActionManager.cs
+++ b/src/Runner.Worker/ActionManager.cs
@@ -111,7 +111,7 @@ namespace GitHub.Runner.Worker
            {
                // Log the error and fail the PrepareActionsAsync Initialization.
                Trace.Error($"Caught exception from PrepareActionsAsync Initialization: {ex}");
-                executionContext.InfrastructureError(ex.Message, category: "resolve_action");
+                executionContext.InfrastructureError(ex.Message);
                executionContext.Result = TaskResult.Failed;
                throw;
            }
@@ -119,7 +119,7 @@ namespace GitHub.Runner.Worker
            {
                // Log the error and fail the PrepareActionsAsync Initialization.
                Trace.Error($"Caught exception from PrepareActionsAsync Initialization: {ex}");
-                executionContext.InfrastructureError(ex.Message, category: "invalid_action_download");
+                executionContext.InfrastructureError(ex.Message);
                executionContext.Result = TaskResult.Failed;
                throw;
            }
@@ -777,15 +777,15 @@ namespace GitHub.Runner.Worker
                IOUtil.DeleteDirectory(destDirectory, executionContext.CancellationToken);
                Directory.CreateDirectory(destDirectory);
-                if (downloadInfo.PackageDetails != null)
+                if (downloadInfo.PackageDetails != null) 
                {
                    executionContext.Output($"##[group]Download immutable action package '{downloadInfo.NameWithOwner}@{downloadInfo.Ref}'");
                    executionContext.Output($"Version: {downloadInfo.PackageDetails.Version}");
                    executionContext.Output($"Digest: {downloadInfo.PackageDetails.ManifestDigest}");
                    executionContext.Output($"Source commit SHA: {downloadInfo.ResolvedSha}");
                    executionContext.Output("##[endgroup]");
-                }
+                } 
-                else
+                else 
                {
                    executionContext.Output($"Download action repository '{downloadInfo.NameWithOwner}@{downloadInfo.Ref}' (SHA:{downloadInfo.ResolvedSha})");
                }
--- a/src/Runner.Worker/ExecutionContext.cs
+++ b/src/Runner.Worker/ExecutionContext.cs
@@ -522,10 +522,6 @@ namespace GitHub.Runner.Worker
                    if (annotation != null)
                    {
                        stepResult.Annotations.Add(annotation.Value);
                        if (annotation.Value.IsInfrastructureIssue && string.IsNullOrEmpty(Global.InfrastructureFailureCategory))
                        {
                            Global.InfrastructureFailureCategory = issue.Category;
                        }
                    }
                });
@@ -1339,9 +1335,9 @@ namespace GitHub.Runner.Worker
        }
        // Do not add a format string overload. See comment on ExecutionContext.Write().
-        public static void InfrastructureError(this IExecutionContext context, string message, string category = null)
+        public static void InfrastructureError(this IExecutionContext context, string message)
        {
-            var issue = new Issue() { Type = IssueType.Error, Message = message, IsInfrastructureIssue = true, Category = category };
+            var issue = new Issue() { Type = IssueType.Error, Message = message, IsInfrastructureIssue = true };
            context.AddIssue(issue, ExecutionContextLogOptions.Default);
        }
--- a/src/Runner.Worker/GlobalContext.cs
+++ b/src/Runner.Worker/GlobalContext.cs
@@ -27,7 +27,6 @@ namespace GitHub.Runner.Worker
        public StepsContext StepsContext { get; set; }
        public Variables Variables { get; set; }
        public bool WriteDebug { get; set; }
        public string InfrastructureFailureCategory { get; set; }
        public JObject ContainerHookState { get; set; }
    }
 }
--- a/src/Runner.Worker/JobRunner.cs
+++ b/src/Runner.Worker/JobRunner.cs
@@ -321,7 +321,7 @@ namespace GitHub.Runner.Worker
            {
                try
                {
-                    await runServer.CompleteJobAsync(message.Plan.PlanId, message.JobId, result, jobContext.JobOutputs, jobContext.Global.StepsResult, jobContext.Global.JobAnnotations, environmentUrl, telemetry, billingOwnerId: message.BillingOwnerId, infrastructureFailureCategory: jobContext.Global.InfrastructureFailureCategory, default);
+                    await runServer.CompleteJobAsync(message.Plan.PlanId, message.JobId, result, jobContext.JobOutputs, jobContext.Global.StepsResult, jobContext.Global.JobAnnotations, environmentUrl, telemetry, billingOwnerId: message.BillingOwnerId, default);
                    return result;
                }
                catch (VssUnauthorizedException ex)
--- a/src/Sdk/DTWebApi/WebApi/Runner.cs
+++ b/src/Sdk/DTWebApi/WebApi/Runner.cs
@@ -18,16 +18,6 @@ namespace GitHub.DistributedTask.WebApi
                internal set;
            }
            /// <summary>
            /// The url to refresh tokens with legacy service
            /// </summary> 
            [JsonProperty("legacy_authorization_url")]
            public Uri LegacyAuthorizationUrl
            {
                get;
                internal set;
            }
            /// <summary>
            /// The url to connect to poll for messages
            /// </summary> 
--- a/src/Sdk/RSWebApi/Contracts/CompleteJobRequest.cs
+++ b/src/Sdk/RSWebApi/Contracts/CompleteJobRequest.cs
@@ -35,8 +35,5 @@ namespace GitHub.Actions.RunService.WebApi
        [DataMember(Name = "billingOwnerId", EmitDefaultValue = false)]
        public string BillingOwnerId { get; set; }
        [DataMember(Name = "infrastructureFailureCategory", EmitDefaultValue = false)]
        public string InfrastructureFailureCategory { get; set; }
    }
 }
--- a/src/Sdk/RSWebApi/Contracts/IssueExtensions.cs
+++ b/src/Sdk/RSWebApi/Contracts/IssueExtensions.cs
@@ -42,7 +42,6 @@ namespace Sdk.RSWebApi.Contracts
                StartColumn = columnNumber,
                EndColumn = endColumnNumber,
                StepNumber = stepNumber,
                IsInfrastructureIssue = issue.IsInfrastructureIssue ?? false
            };
        }
--- a/src/Sdk/RSWebApi/RunServiceHttpClient.cs
+++ b/src/Sdk/RSWebApi/RunServiceHttpClient.cs
@@ -131,7 +131,6 @@ namespace GitHub.Actions.RunService.WebApi
            string environmentUrl,
            IList<Telemetry> telemetry,
            string billingOwnerId,
            string infrastructureFailureCategory,
            CancellationToken cancellationToken = default)
        {
            HttpMethod httpMethod = new HttpMethod("POST");
@@ -146,7 +145,6 @@ namespace GitHub.Actions.RunService.WebApi
                EnvironmentUrl = environmentUrl,
                Telemetry = telemetry,
                BillingOwnerId = billingOwnerId,
                InfrastructureFailureCategory = infrastructureFailureCategory
            };
            requestUri = new Uri(requestUri, "completejob");
--- a/src/Sdk/Sdk.csproj
+++ b/src/Sdk/Sdk.csproj
@@ -14,7 +14,7 @@
    </PropertyGroup>
    <ItemGroup>
-        <PackageReference Include="Azure.Storage.Blobs" Version="12.25.1" />
+        <PackageReference Include="Azure.Storage.Blobs" Version="12.25.0" />
        <PackageReference Include="Microsoft.Win32.Registry" Version="5.0.0" />
        <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
        <PackageReference Include="Microsoft.AspNet.WebApi.Client" Version="6.0.0" />