chore: bump github actions

[adrianchiris]

bump actions/checkout to v4
bump actions/setup-go to v5

Summary by CodeRabbit

• Chores
  • Updated CI workflow to use newer GitHub Actions for code checkout and Go setup on Linux and macOS runners.
  • Go version remains 1.23; no changes to build logic or application behavior.
  • Anticipated benefits include improved reliability, security updates, and potentially faster build/setup times.

[coderabbitai]

Walkthrough

Updated GitHub Actions workflow versions in .github/workflows/main.yml: actions/checkout moved from v2 to v4 and actions/setup-go from v2 to v5 in both ubuntu-latest and macos-latest jobs. The go-version remains 1.23. No other workflow logic changes.

Changes

Cohort / File(s)	Summary
CI workflow version bumps \.github/workflows/main.yml	Upgrade actions: actions/checkout@v2 → @v4, actions/setup-go@v2 → @v5 in ubuntu and macOS jobs; keep go-version: 1.23; no other edits.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~7 minutes

Poem

I thump the ground—update time anew,
Hops between v2s and shiny v4s in view.
Go stays steady, 1.23 true,
Pipelines purr with cleaner brew.
Ears up high, CI skies blue—
Merge me quick; I’ve chores to do! 🐇🚀

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[adrianchiris]

this one is the same as #1033 but does it in a single commit as required for PRs in this repo.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

.github/workflows/main.yml (2)

14-14: Checkout v4 bump: consider pinning to commit SHA and (optionally) full history

• Security: pin actions to an exact commit SHA instead of a moving tag.
• If any step needs tags or full history (e.g., git describe, release tooling), set fetch-depth: 0.

-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v4 # consider pinning to the v4 commit SHA
+      with:
+        # set to 0 only if you need tags/full history
+        fetch-depth: 0

Apply similarly to the macOS job.

Also applies to: 33-33

---

17-19: Enable module caching and optional go.mod version sourcing

CI is already using Go v1.23, which matches the project’s go.mod. To speed up module downloads and lock the Go version to your go.mod, consider this update:

     - name: Set up Go
       uses: actions/setup-go@v5 # consider pinning to the v5 commit SHA
       with:
         go-version: 1.23
+        cache: true
+        cache-dependency-path: |
+          **/go.sum
+        # Optional: uncomment to source the version from go.mod
+        # go-version-file: go.mod

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 481da0d and 6580075.

📒 Files selected for processing (1)

• .github/workflows/main.yml (2 hunks)