chore: update actions versions, use frozen bun lockfile

[DaxServer]

Summary by CodeRabbit

• Chores
  • Updated CI/CD workflows to use latest tool versions for improved reliability and consistency.
  • Enhanced dependency installation with stricter version locking to ensure reproducible builds.

[coderabbitai]

Walkthrough

Updated GitHub Actions workflow configurations to use newer action versions (checkout v5, setup-bun v2) and enforced reproducible dependency installation by adding the --frozen-lockfile flag to bun install commands.

Changes

Cohort / File(s)	Summary
GitHub Actions workflow updates .github/workflows/ci.yml, .github/workflows/publish.yml	Updated actions/checkout from v4 to v5 and oven-sh/setup-bun from v1 to v2; added --frozen-lockfile flag to bun install for reproducible dependency resolution

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 With burrow-fresh actions and lockfiles so tight,
Our workflows now bundle with bun in their might!
From v4 to v5, the versions take flight,
While frozen-lock magic keeps builds just right! ✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The PR title "chore: update actions versions, use frozen bun lockfile" directly and accurately reflects the main changes in the changeset. Both workflow files (ci.yml and publish.yml) are updated with newer GitHub Actions versions (checkout v4→v5, setup-bun v1→v2) and the --frozen-lockfile flag is added to bun install commands. The title is concise, specific, and clearly communicates the primary purpose of the changes without vague language or unnecessary details.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 72a0472 and d488c49.

📒 Files selected for processing (2)

• .github/workflows/ci.yml (1 hunks)
• .github/workflows/publish.yml (2 hunks)

🔇 Additional comments (2)

.github/workflows/ci.yml (1)

14-14: Consistency maintained across workflows.

The same action version upgrades and --frozen-lockfile flag are applied consistently across both CI and publish workflows, which aligns well with maintaining uniformity in dependency management.

Also applies to: 17-17, 22-22

.github/workflows/publish.yml (1)

24-24: All upgrades verified as current best practices.

The latest major release of actions/checkout is v5, and oven-sh/setup-bun@v2 is available. The --frozen-lockfile flag is the documented syntax for bun across versions. These changes properly upgrade to current stable versions and use correct syntax for reproducible builds. No breaking change concerns identified.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}