ci: Bump the gh-actions group with 4 updates

[dependabot]

Bumps the gh-actions group with 4 updates: actions/download-artifact, marocchino/sticky-pull-request-comment, release-drafter/release-drafter and Swatinem/rust-cache.

Updates actions/download-artifact from 8.0.0 to 8.0.1

Release notes

Sourced from actions/download-artifact's releases.

v8.0.1

What's Changed

• Support for CJK characters in the artifact name by @​danwkennedy in actions/download-artifact#471
• Add a regression test for artifact name + content-type mismatches by @​danwkennedy in actions/download-artifact#472

Full Changelog: actions/download-artifact@v8...v8.0.1

Commits

• 3e5f45b Add regression tests for CJK characters (#471)
• e6d03f6 Add a regression test for artifact name + content-type mismatches (#472)
• See full diff in compare view

Updates marocchino/sticky-pull-request-comment from 2.9.4 to 3.0.2

Release notes

Sourced from marocchino/sticky-pull-request-comment's releases.

v3.0.2

What's Changed

• Add comprehensive tests for main.ts covering all branches by @​Copilot in marocchino/sticky-pull-request-comment#1660
• Don't create a comment with hide: true by @​marocchino in marocchino/sticky-pull-request-comment#1661

Full Changelog: marocchino/sticky-pull-request-comment@v3.0.1...v3.0.2

v3.0.1

What's Changed

• Update deps
• Change build system from ncc to rollup
• Use pull_request trigger in github action

Full Changelog: marocchino/sticky-pull-request-comment@v3.0.0...v3.0.1

v3.0.0

What's Changed

• Update node to 24
• Update deps

New Contributors

Full Changelog: marocchino/sticky-pull-request-comment@v2.9.4...v3.0.0

Commits

• 70d2764 📦️ Build
• 308b2fd Don't create a comment with hide: true (#1661)
• 3bbec31 Add comprehensive tests for main.ts covering all branches (#1660)
• aaf6178 🔖 Version bump (#1658)
• 7d67ef6 👷 Use pull_request
• 1ed3d7b ⬆️ Update deps
• 46a16ec build(deps-dev): Bump @​types/node from 24.5.2 to 25.0.3 (#1646)
• 0a36b9e build(deps): Bump @​actions/core from 1.11.1 to 2.0.2 (#1649)
• 74297c9 build(deps-dev): Bump @​vercel/ncc from 0.38.3 to 0.38.4 (#1592)
• e736d73 📦️ Build
• Additional commits viewable in compare view

Updates release-drafter/release-drafter from 6.2.0 to 7.1.1

Release notes

Sourced from release-drafter/release-drafter's releases.

v7.1.1

What's Changed

Bug Fixes

• fix: remove disable-releaser and disable-autolabeler from action.yaml (#1564) @​cchanche

Full Changelog: release-drafter/release-drafter@v7.1.0...v7.1.1

v7.1.0

What's Changed

New

• feat: filter previous releases by range with semver (#1445) @​cchanche
• feat: support advanced substitutions in replacers (#1517) @​cchanche

Bug Fixes

• fix: support pull_request_target event in autolabeler (#1560) @​jmeridth
• fix: empty template when prs all are excluded by labels (#1429) @​Bledai
• fix: fall back to org .github repo when config not found in current repo (#1554) @​jetersen

Maintenance

• ci: make sure PRs have a type label (#1557) @​cchanche

Documentation

• docs: update README with pull_request_target example (#1561) @​jmeridth

Full Changelog: release-drafter/release-drafter@v7.0.0...v7.1.0

v7.0.0

What's Changed

Breaking

• feat: new major version (#1475) @​cchanche

Bug Fixes

• fix: JSON schema too strict with required fields (#1535) @​jetersen

Maintenance

• chore(deps): update vitest to 4.1.0 (#1544) @renovate[bot]
• chore(deps): update linters (#1549) @renovate[bot]
• chore(deps): update dependency nock to 14.0.11 (#1548) @renovate[bot]
• chore(deps): update dependency @​graphql-codegen/near-operation-file-preset to 5.0.0 (#1545) @renovate[bot]

... (truncated)

Commits

• 139054a chore: release v7.1.1
• 114efa7 fix: remove disable-releaser and disable-autolabeler from action.yaml (#1564)
• b23b6d2 test: add semantic prefix replacer example
• 44a942e chore: release v7.1.0
• f1f40a0 docs: update README with pull_request_target example (#1561)
• ebb69bb fix: support pull_request_target event in autolabeler (#1560)
• bddbd54 ci: make sure PRs have a type label (#1557)
• 4a66170 fix: empty template when prs all are excluded by labels (#1429)
• 7431882 feat: filter releases by semver range (#1445)
• 5a8b0d3 ci: restore CodeQL category lost when matrix was removed
• Additional commits viewable in compare view

Updates Swatinem/rust-cache from 2.8.2 to 2.9.1

Release notes

Sourced from Swatinem/rust-cache's releases.

v2.9.1

Fix regression in hash calculation

Full Changelog: Swatinem/rust-cache@v2.9.0...v2.9.1

v2.9.0

What's Changed

• Add support for running rust-cache commands from within a Nix shell by @​marc0246 in Swatinem/rust-cache#290
• Bump taiki-e/install-action from 2.62.57 to 2.62.60 in the actions group by @​dependabot[bot] in Swatinem/rust-cache#291
• Bump the actions group across 1 directory with 5 updates by @​dependabot[bot] in Swatinem/rust-cache#296
• Bump the prd-major group with 3 updates by @​dependabot[bot] in Swatinem/rust-cache#294
• Bump @​types/node from 24.10.1 to 25.0.2 in the dev-major group by @​dependabot[bot] in Swatinem/rust-cache#295
• Consider all installed toolchains in cache key by @​tamird in Swatinem/rust-cache#293
• Compare case-insenitively for full cache key match by @​kbriggs in Swatinem/rust-cache#303
• Migrate to node24 runner by @​rhysd in Swatinem/rust-cache#314
• Bump the actions group across 1 directory with 7 updates by @​dependabot[bot] in Swatinem/rust-cache#312
• Bump the prd-minor group across 1 directory with 2 updates by @​dependabot[bot] in Swatinem/rust-cache#307
• Bump @​types/node from 25.0.2 to 25.2.2 in the dev-minor group by @​dependabot[bot] in Swatinem/rust-cache#309

New Contributors

• @​marc0246 made their first contribution in Swatinem/rust-cache#290
• @​tamird made their first contribution in Swatinem/rust-cache#293
• @​kbriggs made their first contribution in Swatinem/rust-cache#303

Full Changelog: Swatinem/rust-cache@v2.8.2...v2.9.0

Changelog

Sourced from Swatinem/rust-cache's changelog.

Changelog

2.9.1

• Fix regression in hash calculation

2.9.0

• Update to node24
• Support running from within a nix shell
• Consider all installed toolchains for cache key
• Use case-insensitive comparison to determine exact cache hit

2.8.2

• Don't overwrite env for cargo-metadata call

2.8.1

• Set empty CARGO_ENCODED_RUSTFLAGS when retrieving metadata
• Various dependency updates

2.8.0

• Add support for warpbuild cache provider
• Add new cache-workspace-crates feature

2.7.8

• Include CPU arch in the cache key

2.7.7

• Also cache cargo install metadata

2.7.6

• Allow opting out of caching $CARGO_HOME/bin
• Add runner OS in cache key
• Adds an option to do lookup-only of the cache

2.7.5

• Support Cargo.lock format cargo-lock v4
• Only run macOsWorkaround() on macOS

2.7.3

• Work around upstream problem that causes cache saving to hang for minutes.

... (truncated)

Commits

• c193711 2.9.1
• 781e8d9 try reverting pipeline change
• 3d1fa46 add changelog
• c676846 2.9.0
• bf71d02 bump dependencies and rebuild
• 8a02ed5 Bump @​types/node from 25.0.2 to 25.2.2 in the dev-minor group (#309)
• 390157d Bump the prd-minor group across 1 directory with 2 updates (#307)
• 68500c1 Bump the actions group across 1 directory with 7 updates (#312)
• 1a83841 Migrate to node24 runner (#314)
• 11da852 Compare case-insenitively for full cache key match (#303)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (b318270) to head (b8c1dbc).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff            @@
##              main      #311   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           56        56           
  Lines         3218      3218           
=========================================
  Hits          3218      3218           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Copilot]

Pull request overview

Updates pinned GitHub Action dependencies and adjusts chore workflows to align with newer release-drafter behavior (separating PR autolabeling from main-branch release drafting).

Changes:

• Bump Swatinem/rust-cache, actions/download-artifact, marocchino/sticky-pull-request-comment, and release-drafter/release-drafter to newer pinned SHAs.
• Refactor chore workflows: PR workflow now runs title check + autolabeler; main-branch workflow now drafts releases on push to main.
• Update release-drafter usage to v7-style token input and the autolabeler sub-action.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
.github/workflows/copilot-setup-steps.yml	Bumps Rust cache action used during setup.
.github/workflows/ci.yml	Bumps Rust cache action used in CI jobs.
.github/workflows/chore-pr.yml	Updates sticky comment action, switches release-drafter to autolabeler, and limits triggers to PR events.
.github/workflows/chore-main.yml	New workflow to draft releases on main pushes using release-drafter v7.
.github/workflows/build.yml	Bumps download-artifact used during publish step.

Comments suppressed due to low confidence (2)

.github/workflows/chore-pr.yml:18

• marocchino/sticky-pull-request-comment creates/updates PR comments via the Issues comments API, which requires issues: write. This job sets explicit permissions but omits issues: write, so the sticky-comment steps will fail with a 403 once the token permissions are restricted to only contents + pull-requests.
  .github/workflows/chore-pr.yml:59
• release-drafter/.../autolabeler applies labels using the Issues labels API and typically also needs to read the repo config (release-drafter YAML). With only pull-requests: write granted here, the action is likely to fail due to missing issues: write (and potentially contents: read if repo defaults are restricted). Consider explicitly granting the minimal required permissions.