Bump GitHub Actions to latest major versions

[tomusdrw]

Summary

• Upgrades every GitHub Action used across .github/workflows/ to the latest major release.
• All bumps are major version jumps (some skip multiple majors, e.g. upload-artifact v4 → v7).

Action	Before	After
actions/checkout	v4	v6
actions/upload-artifact	v4	v7
actions/setup-node	v4	v6
actions/upload-pages-artifact	v3	v5
actions/deploy-pages	v4	v5
docker/setup-buildx-action	v3	v4
docker/build-push-action	v5	v7
docker/login-action	v3	v4
oven-sh/setup-bun	v1	v2
peaceiris/actions-mdbook	v1	v2

Things to watch

• actions/upload-artifact@v7 requires unique artifact names per run (immutable artifacts model from v4 onward). Each docker build workflow uploads exactly once, so this should be fine.
• docker/build-push-action@v7 enables provenance/SBOM attestations by default; pushed ghcr.io images will now carry attestation manifests.
• oven-sh/setup-bun@v2 and peaceiris/actions-mdbook@v2 still accept the existing inputs (bun-version, mdbook-version) used here.

Test plan

• Quality Assurance workflow passes on this PR
• Build - Docker - Ajanta / Jade / JAM SDK / polkajam workflows pass (they trigger on PRs)
• Docs workflow build job passes on this PR
• After merge: confirm release-prepare workflow still works on the next release

🤖 Generated with Claude Code

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR updates GitHub Actions to newer major versions across all CI/CD workflows in the repository. Checkouts move to v6, Docker actions to v4–v7, Bun and Node setup tools to v2 and v6 respectively, artifact uploads to v7, and documentation deployment actions to v5. All existing workflow logic, build configuration, tagging schemes, and conditional execution remain unchanged.

Changes

Docker Build Workflows

Layer / File(s)	Summary
Docker build action versions .github/workflows/build-docker-ajanta.yml, .github/workflows/build-docker-jade.yml, .github/workflows/build-docker-jam-sdk.yml, .github/workflows/build-docker-polkajam.yml	actions/checkout bumped to v6 in all checkout steps; docker/setup-buildx-action updated to v4; docker/build-push-action updated to v7 for test and push builds; docker/login-action updated to v4; actions/upload-artifact updated to v7. Build arguments, image tagging, cache settings, and conditional push logic preserved.

NPM, QA, and Release Workflows

Layer / File(s)	Summary
Tool setup action versions .github/workflows/publish-npm-cli.yml, .github/workflows/publish-npm-sdk.yml, .github/workflows/qa.yml, .github/workflows/release-prepare.yml	actions/checkout bumped to v6; oven-sh/setup-bun updated to v2; actions/setup-node updated to v6 (where used). Bun version, Node version, and registry configuration remain unchanged.

Documentation Workflow

Layer / File(s)	Summary
Documentation action versions .github/workflows/docs.yml	actions/checkout updated to v6; peaceiris/actions-mdbook updated to v2; actions/upload-pages-artifact and actions/deploy-pages both updated to v5. Build command and artifact paths unchanged.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• FluffyLabs/jammin#83: Updates action versions in the same Ajanta Docker build workflow.
• FluffyLabs/jammin#30: Adds JAM SDK Docker build infrastructure that is now receiving action version updates in this PR.
• FluffyLabs/jammin#40: Introduces the Jade Docker build workflow that receives action version updates in this PR.

Suggested reviewers

• mateuszsikora
• skoszuta

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and accurately summarizes the main change: upgrading GitHub Actions to latest major versions across all workflows.
Description check	✅ Passed	The description is well-detailed and directly related to the changeset, providing a comprehensive table of version bumps, important caveats, and a clear test plan.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch td-bump-gha-versions

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/build-docker-ajanta.yml:
- Around line 39-42: The checkout step using actions/checkout@v6 is
non-deterministic because it omits a specific ref; update the step that
references repository: jammin-create/jammin-create-ajanta to include a pinned
ref (a specific tag or commit SHA) by adding a ref field with the chosen
tag/SHA, and apply the same change to the equivalent checkout steps in
.github/workflows/build-docker-jade.yml and
.github/workflows/build-docker-jam-sdk.yml so all external example repositories
are checked out deterministically.

In @.github/workflows/build-docker-polkajam.yml:
- Line 17: The workflow uses floating action tags like "actions/checkout@v6"
(and other "uses:" entries at the indicated locations) which should be pinned to
immutable commit SHAs: replace each "uses: owner/repo@vN" with the corresponding
"uses: owner/repo@<40-char-SHA>" while preserving any "# vN" comment for
readability/update tooling; update every "uses:" occurrence (including the ones
called out at lines 26, 29, 48, 56, 64) to reference the full SHA and ensure the
comments remain to indicate the human-friendly version.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: b1700d47-c458-4562-87e1-058d80bc448a

📥 Commits

Reviewing files that changed from the base of the PR and between 6618cb3 and 5987f4b.

📒 Files selected for processing (9)

• .github/workflows/build-docker-ajanta.yml
• .github/workflows/build-docker-jade.yml
• .github/workflows/build-docker-jam-sdk.yml
• .github/workflows/build-docker-polkajam.yml
• .github/workflows/docs.yml
• .github/workflows/publish-npm-cli.yml
• .github/workflows/publish-npm-sdk.yml
• .github/workflows/qa.yml
• .github/workflows/release-prepare.yml