Upgrade GitHub Actions to latest versions

[salmanmkc]

Summary

Upgrade GitHub Actions to their latest versions for improved features, bug fixes, and security updates.

Changes

Action	Old Version(s)	New Version	Release	Files
pnpm/action-setup	v2	v4	Release	v3-ci.yml

Why upgrade?

Keeping GitHub Actions up to date ensures:

• Security: Latest security patches and fixes
• Features: Access to new functionality and improvements
• Compatibility: Better support for current GitHub features
• Performance: Optimizations and efficiency improvements

⚠️ Breaking Changes

• pnpm/action-setup (v2 → v4): Major version upgrade — review the release notes for breaking changes

Security Note

Actions that were previously pinned to commit SHAs remain pinned to SHAs (updated to the latest release SHA) to maintain the security benefits of immutable references.

Testing

These changes only affect CI/CD workflow configurations and should not impact application functionality. The workflows should be tested by running them on a branch before merging.

[bono-bot]

Code Review: PR #1249

Verdict: ✅ APPROVE

Clean and focused PR. Single dependency bump, no scope creep.

---

What it does

Bumps pnpm/action-setup from v2 → v4 in 4 places across .github/workflows/v3-ci.yml (build, test, lint, and type-check jobs).

Review

• All 4 occurrences updated consistently
• pnpm/action-setup@v4 is the current latest stable version
• The version: ${{ env.PNPM_VERSION }} parameter is preserved, which is compatible with v4
• No security concerns

Minor note

The PR description mentions SHA pinning, but the actual diff uses tag references (@v4), not SHA pins. This is fine but worth noting for consistency with the description. PR #1248 from the same author may be the SHA-pinned variant.

---

🤖 Review by Claude Code