chore(deps): bump actions/upload-pages-artifact from 3 to 4

[dependabot]

Bumps actions/upload-pages-artifact from 3 to 4.

Release notes

Sourced from actions/upload-pages-artifact's releases.

v4.0.0

What's Changed

• Potentially breaking change: hidden files (specifically dotfiles) will not be included in the artifact by @​tsusdere in actions/upload-pages-artifact#102 If you need to include dotfiles in your artifact: instead of using this action, create your own artifact according to these requirements https://github.com/actions/upload-pages-artifact?tab=readme-ov-file#artifact-validation
• Pin actions/upload-artifact to SHA by @​heavymachinery in actions/upload-pages-artifact#127

Full Changelog: actions/upload-pages-artifact@v3.0.1...v4.0.0

v3.0.1

Changelog

• Group tar's output to prevent it from messing up action logs @​SilverRainZ (#94)
• Update README.md @​uiolee (#88)
• Bump the non-breaking-changes group with 1 update @​dependabot (#92)
• Update Dependabot config to group non-breaking changes @​JamesMGreene (#91)
• Bump actions/checkout from 3 to 4 @​dependabot (#76)

See details of all code changes since previous release.

Commits

• 7b1f4a7 Merge pull request #127 from heavymachinery/pin-sha
• 4cc19c7 Pin actions/upload-artifact to SHA
• 2d163be Merge pull request #107 from KittyChiu/main
• c704843 fix: linted README
• 9605915 Merge pull request #106 from KittyChiu/kittychiu/update-readme-1
• e59cdfe Update README.md
• a2d6704 doc: updated usage section in readme
• 984864e Merge pull request #105 from actions/Jcambass-patch-1
• 45dc788 Add workflow file for publishing releases to immutable action package
• efaad07 Merge pull request #102 from actions/hidden-files
• Additional commits viewable in compare view

[changeset-bot]

⚠️ No Changeset found

Latest commit: a67939b

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[pkg-pr-new]

Open in StackBlitz

@modelcontextprotocol/client

npm i https://pkg.pr.new/modelcontextprotocol/typescript-sdk/@modelcontextprotocol/client@1793

@modelcontextprotocol/server

npm i https://pkg.pr.new/modelcontextprotocol/typescript-sdk/@modelcontextprotocol/server@1793

@modelcontextprotocol/express

npm i https://pkg.pr.new/modelcontextprotocol/typescript-sdk/@modelcontextprotocol/express@1793

@modelcontextprotocol/hono

npm i https://pkg.pr.new/modelcontextprotocol/typescript-sdk/@modelcontextprotocol/hono@1793

@modelcontextprotocol/node

npm i https://pkg.pr.new/modelcontextprotocol/typescript-sdk/@modelcontextprotocol/node@1793

commit: a67939b

[claude]

LGTM, straightforward Dependabot version bump of a GitHub Actions dependency in the docs deployment workflow.

Extended reasoning...

Overview

This PR is an automated Dependabot bump of actions/upload-pages-artifact from v3 to v4 in .github/workflows/deploy-docs.yml. The change is a single-line version tag update — no source code, logic, or configuration beyond the action version is modified.

Security risks

None. This updates a first-party GitHub Action (actions/upload-pages-artifact) maintained by GitHub. The v4 release notes indicate the main change is excluding dotfiles from artifacts, which is unlikely to affect the docs deployment (generated HTML docs in tmp/docs-combined).

Level of scrutiny

Minimal scrutiny warranted. This is a CI-only change to a docs deployment workflow with no impact on application code, build artifacts, or package releases. The changeset bot correctly notes no version bump is needed.

Other factors

No outstanding reviewer comments. No prior reviews from me. No bugs found. The PR follows the same pattern as other recent Dependabot PRs in this repository. The workflow already uses other actions at their major version tags (e.g., actions/checkout@v6, actions/deploy-pages@v4), so this is consistent.

[claude]

LGTM, straightforward Dependabot version bump for a GitHub Actions dependency.

Extended reasoning...

Overview

This PR is an automated Dependabot bump of actions/upload-pages-artifact from v3 to v4 in .github/workflows/deploy-docs.yml. It is a single-line change affecting only the version tag of a GitHub-provided action used in the docs deployment workflow.

Security risks

None. This bumps a first-party GitHub Actions action (actions/upload-pages-artifact) to the next major version. No source code, authentication logic, or permissions are modified. The workflow permissions remain unchanged (contents: read, pages: write, id-token: write).

Level of scrutiny

Minimal scrutiny needed. This is a mechanical CI dependency bump from Dependabot touching one line in a non-production workflow file. The v4 release notes indicate the only breaking change is that hidden files (dotfiles) are excluded from the artifact, which is irrelevant for generated documentation output.

Other factors

No bugs were found. No outstanding reviewer comments. No prior reviews from me. The change follows the existing pattern in this repo of using version tags for first-party GitHub actions. The workflow file is consistent and well-structured.