diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
index 93990f5a..9b62626c 100644
--- a/.github/workflows/cd.yml
+++ b/.github/workflows/cd.yml
@@ -204,7 +204,7 @@ jobs:
         # kubectl scale rs -n wifi-densepose -l app=wifi-densepose,version!=green --replicas=0
 
     - name: Upload deployment artifacts
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v7
       with:
         name: production-deployment-${{ github.run_number }}
         path: |
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 3bfd7269..3542a12a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -67,7 +67,7 @@ jobs:
 
     - name: Upload security reports
       continue-on-error: true
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v7
       if: always()
       with:
         name: security-reports
@@ -232,7 +232,7 @@ jobs:
 
     - name: Upload test results
       continue-on-error: true
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v7
       if: always()
       with:
         name: test-results-${{ matrix.python-version }}
@@ -292,7 +292,7 @@ jobs:
 
     - name: Upload performance results
       if: always()
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v7
       with:
         name: performance-results
         path: archive/v1/perf-junit.xml
diff --git a/.github/workflows/cog-ha-matter-release.yml b/.github/workflows/cog-ha-matter-release.yml
index 05f12716..1128081f 100644
--- a/.github/workflows/cog-ha-matter-release.yml
+++ b/.github/workflows/cog-ha-matter-release.yml
@@ -64,7 +64,7 @@ jobs:
           echo "Signed cog-ha-matter-x86_64 ($(wc -c < dist/cog-ha-matter-x86_64.sig) bytes)"
 
       - name: Upload workflow artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: cog-ha-matter-x86_64
           path: |
@@ -126,7 +126,7 @@ jobs:
           echo "Signed cog-ha-matter-arm ($(wc -c < dist/cog-ha-matter-arm.sig) bytes)"
 
       - name: Upload workflow artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: cog-ha-matter-arm
           path: |
diff --git a/.github/workflows/desktop-release.yml b/.github/workflows/desktop-release.yml
index b9eee658..de31924d 100644
--- a/.github/workflows/desktop-release.yml
+++ b/.github/workflows/desktop-release.yml
@@ -72,7 +72,7 @@ jobs:
           zip -r "RuView-Desktop-${{ github.event.inputs.version || '0.4.0' }}-macos-${{ steps.arch.outputs.arch }}.zip" "RuView Desktop.app"
 
       - name: Upload macOS artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: ruview-macos-${{ steps.arch.outputs.arch }}
           path: v2/target/${{ matrix.target }}/release/bundle/macos/*.zip
@@ -111,13 +111,13 @@ jobs:
           TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
 
       - name: Upload Windows MSI artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: ruview-windows-msi
           path: v2/target/release/bundle/msi/*.msi
 
       - name: Upload Windows NSIS artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: ruview-windows-nsis
           path: v2/target/release/bundle/nsis/*.exe
diff --git a/.github/workflows/firmware-ci.yml b/.github/workflows/firmware-ci.yml
index 16ece4fb..f1e017c0 100644
--- a/.github/workflows/firmware-ci.yml
+++ b/.github/workflows/firmware-ci.yml
@@ -163,7 +163,7 @@ jobs:
           echo "See: https://github.com/espressif/qemu/wiki"
 
       - name: Upload firmware artifact (${{ matrix.variant }})
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: esp32-csi-node-firmware-${{ matrix.variant }}
           path: firmware/esp32-csi-node/release-staging/
diff --git a/.github/workflows/firmware-qemu.yml b/.github/workflows/firmware-qemu.yml
index 8bc08220..f10be0fb 100644
--- a/.github/workflows/firmware-qemu.yml
+++ b/.github/workflows/firmware-qemu.yml
@@ -73,7 +73,7 @@ jobs:
           echo "QEMU binary size: $(file_size /opt/qemu-esp32/bin/qemu-system-xtensa) bytes"
 
       - name: Upload QEMU artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: qemu-esp32
           path: /opt/qemu-esp32/
@@ -201,7 +201,7 @@ jobs:
 
       - name: Upload test logs
         if: always()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: qemu-logs-${{ matrix.nvs_config }}
           path: |
@@ -249,7 +249,7 @@ jobs:
 
       - name: Upload fuzz artifacts
         if: failure()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: fuzz-crashes
           path: |
@@ -362,7 +362,7 @@ jobs:
 
       - name: Upload swarm results
         if: always()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: swarm-results
           path: |
diff --git a/.github/workflows/fix-regression-guard.yml b/.github/workflows/fix-regression-guard.yml
index d69e65d1..14f0698c 100644
--- a/.github/workflows/fix-regression-guard.yml
+++ b/.github/workflows/fix-regression-guard.yml
@@ -47,7 +47,7 @@ jobs:
 
       - name: Upload result artifact
         if: always()
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v7
         with:
           name: fix-markers-result
           path: fix-markers-result.json
diff --git a/.github/workflows/pip-release.yml b/.github/workflows/pip-release.yml
index c985b07a..73f8071a 100644
--- a/.github/workflows/pip-release.yml
+++ b/.github/workflows/pip-release.yml
@@ -107,7 +107,7 @@ jobs:
           package-dir: python
           output-dir: wheelhouse
 
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@v7
         with:
           name: wheels-${{ matrix.os }}-${{ matrix.arch }}
           path: wheelhouse/*.whl
@@ -126,7 +126,7 @@ jobs:
       - name: Build sdist
         working-directory: python
         run: maturin sdist --out ../sdist
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@v7
         with:
           name: sdist
           path: sdist/*.tar.gz
@@ -203,7 +203,7 @@ jobs:
             exit 1
           fi
           echo "Tombstone wheel correctly raises ImportError with migration URL."
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@v7
         with:
           name: tombstone
           path: tombstone-dist/*
diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
index 6cfb4520..979723d8 100644
--- a/.github/workflows/security-scan.yml
+++ b/.github/workflows/security-scan.yml
@@ -139,7 +139,7 @@ jobs:
 
     - name: Upload vulnerability reports
       continue-on-error: true
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v7
       if: always()
       with:
         name: vulnerability-reports
@@ -363,7 +363,7 @@ jobs:
 
     - name: Upload license report
       continue-on-error: true
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v7
       with:
         name: license-report
         path: licenses.json
@@ -451,7 +451,7 @@ jobs:
 
     - name: Upload security summary
       continue-on-error: true
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v7
       with:
         name: security-summary
         path: security-summary.md