fix(ci): corrige versões inválidas de GitHub Actions — CI voltando a rodar

[adm01-debug]

Problema

Todos os jobs de CI estavam silenciosamente não executando porque os workflows referenciavam versões de Actions que não existem no marketplace do GitHub:

Action	Versão usada	Versão correta
actions/checkout	@v6	@v4
actions/setup-node	@v6	@v4
actions/upload-artifact	@v7	@v4
denoland/setup-deno	@v2	@v1 (com deno-version: v2.x)

Com versões inválidas, o GitHub não conseguia encontrar as actions e nenhum job de CI executava — nenhum check aparecia nos PRs, tornando impossível validar qualquer mudança.

Solução

Substituição das versões inválidas pelas versões estáveis mais recentes em todos os 6 workflows afetados:

• .github/workflows/ci.yml
• .github/workflows/e2e.yml
• .github/workflows/branch-protection-sentinel.yml
• .github/workflows/codeql.yml
• .github/workflows/security.yml
• .github/workflows/deploy-edge-functions.yml

Plano de testes

• Jobs de CI aparecem e executam no próximo PR aberto contra main
• Job Edge Functions — Deno typecheck executa sem falha imediata
• Vercel build continua funcionando normalmente (não afetado por esta mudança)

https://claude.ai/code/session_01WcZw7BgEJPoKKTsfrQaMfh

---

Generated by Claude Code

---

Summary by cubic

Corrige versões inválidas de GitHub Actions que impediam a CI de rodar. A CI volta a executar e os checks voltam a aparecer nos PRs.

• Bug Fixes
  • Atualiza ações para versões suportadas: actions/checkout@v4, actions/setup-node@v4, actions/upload-artifact@v4, denoland/setup-deno@v1 (com deno-version: v2.x).
  • Aplica a correção nos workflows: .github/workflows/ci.yml, e2e.yml, branch-protection-sentinel.yml, codeql.yml, security.yml, deploy-edge-functions.yml.

^{Written for commit 43083f4. Summary will update on new commits.}

Summary by CodeRabbit

Chores

• Atualização de ações do GitHub: Versões de ações dos workflows foram atualizadas para versões anteriores (actions/checkout de v6 para v4, actions/setup-node de v6 para v4, actions/upload-artifact de v7 para v4, e denoland/setup-deno de v2 para v1) em múltiplos pipelines de CI/CD, mantendo a funcionalidade existente intacta.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
promo-gifts	Ready	Preview, Comment	May 14, 2026 4:55pm

[supabase]

This pull request has been ignored for the connected project doufsxqlfjyuvxuezpln because there are no changes detected in supabase directory. You can change this behaviour in Project Integrations Settings ↗︎.

---

Preview Branches by Supabase.
Learn more about Supabase Branching ↗︎.

[coderabbitai]

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: e37c34bc-cd5a-47fd-a158-fe16e70fcffd

📥 Commits

Reviewing files that changed from the base of the PR and between 3469087 and 43083f4.

📒 Files selected for processing (6)

• .github/workflows/branch-protection-sentinel.yml
• .github/workflows/ci.yml
• .github/workflows/codeql.yml
• .github/workflows/deploy-edge-functions.yml
• .github/workflows/e2e.yml
• .github/workflows/security.yml

---

Walkthrough

Este PR realiza downgrade de versões em ações do GitHub Actions em múltiplos workflows. Downgrades consistentes: actions/checkout de v6 para v4, actions/setup-node de v6 para v4, actions/upload-artifact de v7 para v4, e denoland/setup-deno de v2 para v1. Sem mudanças na lógica dos testes ou deployments.

Changes

GitHub Actions workflow version downgrades

Layer / File(s)	Summary
Downgrade actions/checkout (v6 → v4) .github/workflows/branch-protection-sentinel.yml, .github/workflows/ci.yml, .github/workflows/codeql.yml, .github/workflows/deploy-edge-functions.yml, .github/workflows/e2e.yml, .github/workflows/security.yml	Checkout action downgrade aplicado em branch-protection-sentinel, múltiplos jobs do ci (smoke, quality, integration-tests, critical-e2e, ref-warning-suite, hooks-tests, price-freshness-tests, cloud-status-tests, theme-validation), codeql, deploy-edge-functions (list-functions e deploy) e security.
Downgrade actions/setup-node e actions/upload-artifact .github/workflows/ci.yml, .github/workflows/e2e.yml	Setup-node downgrade (v6→v4) em smoke, quality, integration-tests, critical-e2e, ref-warning-suite, hooks-tests, price-freshness-tests, cloud-status-tests, theme-validation e e2e. Upload-artifact downgrade (v7→v4) em integration-tests, critical-e2e, ref-warning-suite, hooks-tests, price-freshness-tests, cloud-status-tests, theme-validation, playwright-report, e2e-smoke-summary, e2e-feature-summary e e2e-evidence.
Downgrade denoland/setup-deno (v2 → v1) .github/workflows/ci.yml	Deno setup downgrade no job edge-functions-typecheck, mantendo a versão v2.x especificada em deno-version.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• adm01-debug/Promo_Gifts#145: Ambos os PRs modificam .github/workflows/deploy-edge-functions.yml, especificamente versões de actions/checkout nos jobs list-functions e deploy.
• adm01-debug/Promo_Gifts#91: Ambos os PRs alteram a versão de actions/checkout nos mesmos workflows e steps (branch-protection-sentinel.yml, security.yml e outros).

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch claude/fix-vercel-bundle-size-ci2St

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

Corrige referências inválidas de versões de GitHub Actions nos workflows, permitindo que CI, E2E, CodeQL, segurança e deploy voltem a ser resolvidos pelo GitHub Actions.

Changes:

• Substitui actions/checkout, actions/setup-node e actions/upload-artifact por @v4.
• Substitui denoland/setup-deno@v2 por @v1 mantendo deno-version: v2.x.
• Aplica a correção nos workflows afetados.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
.github/workflows/security.yml	Atualiza checkout no job de Gitleaks.
.github/workflows/e2e.yml	Atualiza checkout, setup-node e uploads de artefatos do Playwright/E2E.
.github/workflows/deploy-edge-functions.yml	Atualiza checkout nos jobs de detecção e deploy de edge functions.
.github/workflows/codeql.yml	Atualiza checkout no workflow de análise CodeQL.
.github/workflows/ci.yml	Atualiza ações de checkout, Node, upload de artefatos e setup do Deno nos jobs de CI.
.github/workflows/branch-protection-sentinel.yml	Atualiza checkout no workflow sentinela de proteção da branch.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.