chore(deps): pin jupyterlab/maintainer-tools action to affc83b

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
jupyterlab/maintainer-tools	action	pinDigest	-> affc83b

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

Summary by CodeRabbit

• Chores
  • Updated continuous integration configuration to pin a setup step to a specific revision, improving build reproducibility and reliability.
  • Enhances security by avoiding floating tags in CI actions.
  • No changes to product features or user experience.

[coderabbitai]

📝 Walkthrough

Walkthrough

The CI workflow (.github/workflows/ci.yaml) changes the Base Setup action reference from the semantic tag v1 to the exact commit SHA affc83be6020d529b9368cd4d63e467877606600. No other workflow steps, jobs, or logic were modified.

Sequence Diagram(s)

sequenceDiagram
    participant Runner as GitHub Actions Runner
    participant Repo as Repository workflow
    participant ActionRepo as jupyterlab/maintainer-tools action

    Note over Repo,ActionRepo #D3E4CD: Before
    Runner->>ActionRepo: uses: jupyterlab/maintainer-tools/.github/actions/base-setup@v1
    ActionRepo-->>Runner: resolve tag -> fetch action content
    Note over Repo,ActionRepo: Tag-based resolution (floating)
    
    Note over Repo,ActionRepo #F3E2E2: After
    Runner->>ActionRepo: uses: jupyterlab/maintainer-tools/.github/actions/base-setup@affc83be6...
    ActionRepo-->>Runner: fetch specific commit
    Note over Repo,ActionRepo: Commit-pinned resolution (immutable)

Loading

Possibly related PRs

• chore(deps): pin dependencies #20: Pins the same base-setup action from @v1 to the identical commit SHA.
• chore(deps): update qltysh/qlty-action digest to a192421 deepnote#31: Updates a CI workflow action reference from a tag to a fixed commit for an install step (similar pattern).
• deepnote/deepnote-toolkit#224: Adds/configures Renovate rules to pin and manage GitHub Action references (related tooling for pinning actions).

Suggested reviewers

• Artmann
• saltenasl
• jamesbhobbs

Pre-merge checks

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title clearly and concisely describes the main change by indicating the chore of pinning the jupyterlab/maintainer-tools GitHub Action to a specific commit, directly matching the update in the CI workflow.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 74c10cf and b936c80.

📒 Files selected for processing (1)

• .github/workflows/ci.yaml (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: build
• GitHub Check: check_release

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 18.50%. Comparing base (8353fc8) to head (b936c80).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##             main      #29   +/-   ##
=======================================
  Coverage   18.50%   18.50%           
=======================================
  Files          13       13           
  Lines         200      200           
  Branches       27       27           
=======================================
  Hits           37       37           
  Misses        163      163           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.