Update workflows and configs for dependency and action versions

[coliff]

Pinned GitHub Actions to specific commit SHAs in build, deploy, CodeQL, and super-linter workflows for improved security and reproducibility. Updated Bootstrap version reference in Copilot instructions to v5.3.8. Added 'withastro' to cspell dictionary and referenced content.d.ts in Astro types. Removed unused linter validation in super-linter workflow.

[gemini-code-assist]

Summary of Changes

Hello @coliff, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request focuses on essential maintenance and configuration updates to improve the project's security, consistency, and development environment. It ensures that automated workflows use stable and secure versions of GitHub Actions, keeps development guidelines current with the latest library versions, and refines project-specific configurations for better tooling integration.

Highlights

• GitHub Actions Security: Pinned GitHub Actions to specific commit SHAs across build, deploy, CodeQL, and super-linter workflows to enhance security and ensure reproducibility.
• Bootstrap Version Update: Updated the Bootstrap version reference in the Copilot instructions from v5.3.7 to v5.3.8.
• Spell Checker Configuration: Added 'withastro' to the cspell dictionary to prevent false positives for Astro-related terms.
• Astro Type Definitions: Included a reference to content.d.ts within the main Astro types definition file.
• Linter Workflow Optimization: Removed unused linter validation from the super-linter workflow, streamlining the process.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in issue comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces several good maintenance updates. Pinning GitHub Actions to specific commit SHAs is an excellent security practice that improves the reproducibility of your workflows. The updates to the Bootstrap version in the Copilot instructions, the cspell dictionary, and the Astro type definitions are all correct and keep the project configuration up-to-date. I have one minor suggestion to add a newline at the end of a file for consistency, but otherwise, the changes look good.