Consolidate GitHub Actions dependency bumps from PRs #368, #369, #370, #371, #373

[Copilot]

Cherry-picks the dependabot commits from 5 open PRs into a single branch and adds a consolidated changelog entry.

• actions/download-artifact 7 → 8 ({gh-pr}368)
• actions/upload-artifact 6 → 7 ({gh-pr}369)
• sigstore/gh-action-sigstore-python 3.2.0 → 3.3.0 ({gh-pr}370)
• codecov/codecov-action 5 → 6 ({gh-pr}371)
• actions/github-script 8 → 9 ({gh-pr}373)

Changelog updated under Unreleased changes > CI/CD.

---

📚 Documentation preview 📚: https://ridgeplot--378.org.readthedocs.build/en/378/

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (3dbae30) to head (176fc73).

Additional details and impacted files

@@            Coverage Diff            @@
##              main      #378   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           18        18           
  Lines          657       657           
  Branches        85        85           
=========================================
  Hits           657       657           

Flag	Coverage Δ
combined-src	100.00% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Copilot]

Pull request overview

This PR consolidates several Dependabot GitHub Actions version bumps into a single branch and updates the project changelog under “Unreleased changes > CI/CD”.

Changes:

• Bump actions/download-artifact (7 → 8) and actions/upload-artifact (6 → 7) in the release workflow.
• Bump sigstore/gh-action-sigstore-python (3.2.0 → 3.3.0) for release signing.
• Bump codecov/codecov-action (5 → 6) and actions/github-script (8 → 9) in CI-related workflows.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.

File	Description
docs/reference/changelog.md	Adds CI/CD changelog entries for the consolidated dependency bumps.
.github/workflows/release.yml	Updates artifact upload/download actions and Sigstore action versions used during publishing.
.github/workflows/ci.yml	Updates the Codecov upload action to the next major version.
.github/workflows/check-release-notes.yml	Updates actions/github-script to the next major version for comment resolve/unresolve automation.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.