Update workflows and configs for dependency and action versions

Pinned GitHub Actions to specific commit SHAs in build, deploy, CodeQL, and super-linter workflows for improved security and reproducibility. Updated Bootstrap version reference in Copilot instructions to v5.3.8. Added 'withastro' to cspell dictionary and referenced content.d.ts in Astro types. Removed unused linter validation in super-linter workflow.

Author: coliff

.astro/types.d.ts

@@ -1 +1,2 @@
 /// <reference types="astro/client" />
+/// <reference path="content.d.ts" />

.cspell.json

@@ -6,6 +6,7 @@
     "Merbivore",
     "Monokai",
     "SARIF",
+    "withastro",
     "ZIZMOR"
   ],
   "allowCompoundWords": true,

.github/copilot-instructions.md

@@ -5,7 +5,7 @@
 - All code should be formatted with Prettier.
 - Use ESLint v8.57.1 to check for JavaScript errors.
 - Node v22 is used for development.
-- Use Bootstrap v5.3.7 for styling.
+- Use Bootstrap v5.3.8 for styling.
 - Use latest Astro for building the website.
 - Locally host JS/CSS - don't use third-party CDNs.
 - All HTML must be accessible.

.github/workflows/build.yml

@@ -18,9 +18,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: ⬇️ Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          persist-credentials: false
+
       - name: Install, build, and upload your site
-        uses: withastro/action@v4
+        uses: withastro/action@77fad83745446cf039d76af7037b782f1af80749 # v4.1.0
 
   deploy:
     needs: build
@@ -31,4 +34,4 @@ jobs:
     steps:
       - name: Deploy to GitHub Pages
         id: deployment
-        uses: actions/deploy-pages@v4
+        uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5

.github/workflows/codeql-analysis.yml

@@ -27,10 +27,10 @@ jobs:
           persist-credentials: false
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3.30.1
         with:
           languages: 'javascript'
           queries: +security-and-quality
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3.30.1

.github/workflows/super-linter.yml

@@ -30,7 +30,7 @@ jobs:
           persist-credentials: false
 
       - name: Super-linter
-        uses: super-linter/super-linter/slim@v8.1.0
+        uses: super-linter/super-linter/slim@ffde3b2b33b745cb612d787f669ef9442b1339a6 # v8.1.0.1.0
         env:
           DEFAULT_BRANCH: main
           FILTER_REGEX_EXCLUDE: '/test/'
@@ -45,7 +45,6 @@ jobs:
           VALIDATE_CSS: false
           VALIDATE_EDITORCONFIG: false
           VALIDATE_GIT_COMMITLINT: false
-          VALIDATE_GITHUB_ACTIONS_ZIZMOR: false
           VALIDATE_HTML_PRETTIER: false
           VALIDATE_JAVASCRIPT_PRETTIER: false
           VALIDATE_JSON_PRETTIER: false