ci(deps): update actions to latest versions

[mbhall88]

Summary by CodeRabbit

• Chores
  • Updated CI/CD workflows with newer action versions and improved Python toolchain setup.
  • Upgraded build automation tools for enhanced reliability and maintainability.

[coderabbitai]

Warning

Rate limit exceeded

@mbhall88 has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 47 minutes and 54 seconds before requesting another review.

To keep reviews running without waiting, you can enable usage-based add-on for your organization. This allows additional reviews beyond the hourly cap. Account admins can enable it under billing.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: aae32d43-f743-4729-a536-5245b78bc390

📥 Commits

Reviewing files that changed from the base of the PR and between c01c5c6 and 79a0cf4.

📒 Files selected for processing (3)

• .github/workflows/ci.yaml
• .github/workflows/conventional-prs.yaml
• .github/workflows/release-please.yaml

📝 Walkthrough

Walkthrough

These GitHub Actions workflow updates modernize Python toolchain setup and upgrade action versions. Changes replace traditional Python setup with uv-based installation, upgrade codecov and release-please actions to newer versions, and add caching capabilities.

Changes

Cohort / File(s)	Summary
CI/CD Workflow Updates .github/workflows/ci.yaml, .github/workflows/release-please.yaml	Replaced actions/setup-python@v6 and astral-sh/setup-uv@v7 with cached setup-uv and explicit uv python install commands. Upgraded codecov-action@v5 to @v6 and googleapis/release-please-action@v4 to @v5.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: updating GitHub Actions to latest versions (setup-python, setup-uv, codecov-action, release-please-action).
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Review rate limit: 0/1 reviews remaining, refill in 47 minutes and 54 seconds.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 96.52%. Comparing base (0096e1b) to head (79a0cf4).
⚠️ Report is 1 commits behind head on master.

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #291   +/-   ##
=======================================
  Coverage   96.52%   96.52%           
=======================================
  Files          12       12           
  Lines        1497     1497           
  Branches      309      309           
=======================================
  Hits         1445     1445           
  Misses         24       24           
  Partials       28       28           

Flag	Coverage Δ
unittests	96.45% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/ci.yaml:
- Line 46: The workflow currently references the mutable tag "uses:
codecov/codecov-action@v6"; replace this with an immutable commit SHA (e.g.,
"uses: codecov/codecov-action@61d526b17970389421d731e68ebbe2a06b5e88e8") so the
CI step is pinned to a specific commit, updating the action reference in the
workflow to use the provided commit SHA instead of the major tag.

In @.github/workflows/release-please.yaml:
- Line 13: Replace the mutable tag for the GitHub Action usage of release-please
by pinning googleapis/release-please-action to a specific commit SHA instead of
the v5 tag; update the line that currently uses
"googleapis/release-please-action@v5" so it references the full commit SHA for
that action (matching the security posture used for astral-sh/setup-uv),
ensuring the uses: entry points to the exact commit.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 5999c5b5-b6b7-4a39-b753-f32d78fa5ee8

📥 Commits

Reviewing files that changed from the base of the PR and between 0096e1b and c01c5c6.

📒 Files selected for processing (2)

• .github/workflows/ci.yaml
• .github/workflows/release-please.yaml