Upgrade GitHub Actions to latest versions

[salmanmkc]

Bumps GitHub Actions to their latest versions for bug fixes and security patches.

Changes

Action	Old Version(s)	New Version	Compare	Files
astral-sh/setup-uv	v4	v7	Diff	code-cleanup.yml
crazy-max/ghaction-github-runtime	v3	v4	Diff	_docker-build-template.yml, action.yml, docker.yml
docker/build-push-action	v6	v7	Diff	_docker-build-template.yml, action.yml, docker.yml
docker/login-action	v3	v4	Diff	_docker-build-template.yml, action.yml, docker.yml
docker/setup-buildx-action	v3	v4	Diff	_docker-build-template.yml, action.yml, docker.yml
dorny/paths-filter	v3	v4	Diff	docker.yml
stefanzweifel/git-auto-commit-action	v5	v7	Diff	code-cleanup.yml

Breaking Changes

• docker/setup-buildx-action (v3 → v4):
  • 🗑️ Input install was removed in the new version and has been cleaned up from the workflow

Notes

Worth running the workflows on a branch before merging to make sure everything still works.

[greptile-apps]

Greptile Summary

This PR bumps 7 GitHub Actions to their latest major versions across 4 CI workflow files, primarily for Node.js runtime updates and security patches. The changes are straightforward version bumps.

• Key issue: The docker/setup-buildx-action was upgraded from v3 to v4, which removed the install input. The PR description acknowledges this breaking change but the install: true lines were not actually removed from any of the 3 affected files (action.yml, _docker-build-template.yml, docker.yml). This means install is silently ignored in v4, potentially changing build behavior.
• dorny/paths-filter@v4, docker/login-action@v4, docker/build-push-action@v7, crazy-max/ghaction-github-runtime@v4, astral-sh/setup-uv@v7, and stefanzweifel/git-auto-commit-action@v7 are all valid version bumps with no issues identified.
• Several of the upgraded actions (setup-buildx-action v4, paths-filter v4) now require Node 24 runtime, which requires Actions Runner v2.327.1+. Since this repo uses self-hosted runners, it's worth verifying the runner version is compatible before merging.

Confidence Score: 3/5

• This PR has an incomplete breaking change cleanup that should be addressed before merging.
• The version bumps themselves are correct, but the PR description claims the removed install input "has been cleaned up from the workflow" when it hasn't been. This is a discrepancy between intent and implementation that could affect Docker build behavior. With the install: true lines removed and runner compatibility verified, this would be a 5/5.
• action.yml, _docker-build-template.yml, and docker.yml all still contain the deprecated install: true input for docker/setup-buildx-action@v4

Important Files Changed

Filename	Overview
.github/actions/docker-build/action.yml	Bumps docker actions to v4/v7. Still contains the deprecated install: true input for setup-buildx-action@v4 which was removed in v4.
.github/workflows/_docker-build-template.yml	Bumps docker actions to v4/v7. Still contains deprecated install: true input for setup-buildx-action@v4.
.github/workflows/code-cleanup.yml	Clean version bumps for astral-sh/setup-uv (v4→v7) and stefanzweifel/git-auto-commit-action (v5→v7). No issues found.
.github/workflows/docker.yml	Bumps docker actions and dorny/paths-filter to latest versions. Still contains deprecated install: true input for setup-buildx-action@v4.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A["docker.yml"] -->|"calls"| B["_docker-build-template.yml"]
    A -->|"navigation job"| C["docker/setup-buildx-action v4"]
    B --> C
    D["action.yml composite"] --> C
    C -->|"install: true IGNORED"| E["Buildx Setup"]
    E --> F["docker/build-push-action v7"]
    A -->|"check-changes"| G["dorny/paths-filter v4"]
    H["code-cleanup.yml"] --> I["astral-sh/setup-uv v7"]
    H --> J["git-auto-commit-action v7"]
    style C fill:#ff9800,stroke:#e65100,color:#000
    style E fill:#fff3e0,stroke:#e65100,color:#000

Loading

_{Last reviewed commit: c009bda}

[greptile-apps]

install input removed in v4

The docker/setup-buildx-action@v4 removed the deprecated install input (see PR #464 in the setup-buildx-action repo). The PR description even notes this as a breaking change and states it "has been cleaned up from the workflow," but install: true is still present here. Other projects upgrading to v4 have confirmed the warning: Unexpected input(s) 'install', valid inputs are ['version', 'driver', 'driver-opts', 'buildkitd-flags', 'buildkitd-config', 'buildkitd-config-inline', 'use', 'name', 'endpoint', 'platforms', 'append', 'keep-state', 'cache-binary', 'cleanup'].

While GitHub Actions won't fail on unknown inputs, the install flag is now silently ignored, so buildx may not be installed as the default docker build command, which could change build behavior.

This same issue exists in all three files that use docker/setup-buildx-action@v4:

• .github/actions/docker-build/action.yml:46
• .github/workflows/_docker-build-template.yml:135
• .github/workflows/docker.yml:177

Suggested change

	driver: docker-container
	install: true
	use: true
	use: true