chore(ci): bump GitHub Actions to latest majors

[oliverlaz]

💡 Overview

Bumps all GitHub Actions used across CI workflows to their latest major versions, and replaces the unmaintained PR-title linter (aslafy-z/conventional-pr-title-action) with the more widely used amannn/action-semantic-pull-request.

📝 Implementation notes

Action	Before	After
actions/checkout	v4	v6
actions/setup-node	v4	v6
actions/cache	v4 (one v3 in rn-bootstrap)	v5
actions/upload-artifact	v4	v7
actions/download-artifact	v4	v8
actions/setup-java	v4	v5
PR-title linter	aslafy-z/conventional-pr-title-action@v3	amannn/action-semantic-pull-request@v6
ruby/setup-ruby	v1	unchanged (v1 is the floating major track)

All major bumps require Actions Runner ≥ 2.327.1, which GitHub-hosted ubuntu-latest / macos-15 already satisfy.

Behavior notes worth flagging:

• download-artifact@v8: hash mismatches now error by default (previously a warning). This is good security hygiene; if a legit mismatch ever shows up, we can opt out per-step via digest-mismatch: warn.
• setup-node@v6: auto-caching is now scoped to npm only. We use explicit cache: 'yarn' everywhere, so this is a no-op.
• upload-artifact@v7 + download-artifact@v8 share the same artifact backend and are designed to be paired; existing upload→download flows in react-native-workflow.yml are unchanged.
• amannn/action-semantic-pull-request@v6 validates Conventional Commit-style PR titles by default, matching our existing convention.

🎫 Ticket: n/a (CI hygiene)

[changeset-bot]

⚠️ No Changeset found

Latest commit: 845643b

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Warning

Rate limit exceeded

@oliverlaz has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 35 minutes and 30 seconds before requesting another review.

To keep reviews running without waiting, you can enable usage-based add-on for your organization. This allows additional reviews beyond the hourly cap. Account admins can enable it under billing.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 76e50618-1337-4345-ae46-eac54c8d44bf

📥 Commits

Reviewing files that changed from the base of the PR and between bf837b1 and 845643b.

📒 Files selected for processing (7)

• .github/actions/rn-bootstrap/action.yml
• .github/workflows/deploy-react-sample-apps.yml
• .github/workflows/egress-composite-e2e.yml
• .github/workflows/pr-check.yml
• .github/workflows/react-native-workflow.yml
• .github/workflows/test.yml
• .github/workflows/version-and-release.yml

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch chore/bump-github-actions

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Review rate limit: 0/1 reviews remaining, refill in 35 minutes and 30 seconds.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}