ci: bump pinned action versions (pass 1 of #367)

[fpelliccioni]

First of three CI maintenance passes from #367.

Bumps the four heavily-used third-party actions to current upstream majors:

Action	Old	New
`actions/checkout`	v4.3.1	v7.0.0
`actions/upload-artifact`	v4.6.2	v7.0.1
`actions/download-artifact`	v4.3.0	v8.0.1
`actions/setup-python`	v5.6.0	v6.2.0

SHAs and version comments updated together so the supply-chain pinning is preserved. `actions/cache` is already on its current major (v5.0.5) so it's left alone.

Pass 2 (runner images / container images) and pass 3 (compilers) are tracked separately.

[coderabbitai]

Important

Review skipped

Review was skipped due to path filters

⛔ Files ignored due to path filters (17)

• .github/workflows/build-deps-with-container.yml is excluded by !.github/** and included by none
• .github/workflows/build-deps-without-container.yml is excluded by !.github/** and included by none
• .github/workflows/build-wasm.yml is excluded by !.github/** and included by none
• .github/workflows/build-with-container.yml is excluded by !.github/** and included by none
• .github/workflows/build-without-container.yml is excluded by !.github/** and included by none
• .github/workflows/calc-deps-with-container.yml is excluded by !.github/** and included by none
• .github/workflows/calc-deps-without-container.yml is excluded by !.github/** and included by none
• .github/workflows/check-conan-updates.yml is excluded by !.github/** and included by none
• .github/workflows/cosmetic-changes.yml is excluded by !.github/** and included by none
• .github/workflows/coverage.yml is excluded by !.github/** and included by none
• .github/workflows/main.yml is excluded by !.github/** and included by none
• ci_utils/.github/workflows/build-deps-with-container.yml is excluded by none and included by none
• ci_utils/.github/workflows/build-deps-without-container.yml is excluded by none and included by none
• ci_utils/.github/workflows/build-with-container.yml is excluded by none and included by none
• ci_utils/.github/workflows/build-without-container.yml is excluded by none and included by none
• ci_utils/.github/workflows/calc-deps-with-container.yml is excluded by none and included by none
• ci_utils/.github/workflows/calc-deps-without-container.yml is excluded by none and included by none

CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including **/dist/** will override the default block on the dist directory, by removing the pattern from both the lists.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 7db0ba3d-63f4-4fc7-90e7-23e05d9717b4

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch ci/bump-actions-v7

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}