chore(deps): bump actions/setup-node from 6.3.0 to 6.4.0

[dependabot]

Bumps actions/setup-node from 6.3.0 to 6.4.0.

Release notes

Sourced from actions/setup-node's releases.

v6.4.0

What's Changed

Dependency updates:

• Upgrade @​actions dependencies by @​Copilot in actions/setup-node#1525
• Update Node.js versions in versions.yml and bump package to v6.4.0 by @​priya-kinthali in actions/setup-node#1533

New Contributors

• @​Copilot made their first contribution in actions/setup-node#1525

Full Changelog: actions/setup-node@v6...v6.4.0

Commits

• 48b55a0 Update Node.js versions in versions.yml and bump package to v6.4.0 (#1533)
• ab72c7e Upgrade @​actions dependencies (#1525)
• See full diff in compare view

Summary

This PR upgrades the actions/setup-node GitHub Action from v6.3.0 to v6.4.0 in CI/CD workflows. The update includes upstream dependency upgrades within the action and Node.js version catalog updates.

Impact

No user-visible changes. This is a CI/CD infrastructure update only. The change updates the pinned commit hash of the actions/setup-node action in two workflow files (.github/workflows/ci.yml and .github/workflows/security.yml) without altering any build logic, test configurations, or application code.

The upgrade includes internal dependency updates within the action that may provide security patches and bug fixes for the CI environment, but does not affect the built application or end-user functionality.

[Lucenx9]

@coderabbitai review

@codex review

[coderabbitai]

@Lucenx9 I'll kick off a review of this PR right away!

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro Plus

Run ID: 52e4f6a0-191e-4f0b-aca2-3a79c438fa4a

📥 Commits

Reviewing files that changed from the base of the PR and between 7510d34 and f142612.

📒 Files selected for processing (2)

• .github/workflows/ci.yml
• .github/workflows/security.yml

✅ Files skipped from review due to trivial changes (2)

• .github/workflows/security.yml
• .github/workflows/ci.yml

---

📝 Walkthrough

Walkthrough

Two GitHub Actions workflows were updated to pin newer revisions of the actions/setup-node action. The CI workflow and security workflow each received updated action commit SHAs while maintaining existing Node.js versions and caching configurations.

Changes

Actions Pinning Updates

Layer / File(s)	Summary
Node.js Setup Action Pinning .github/workflows/ci.yml, .github/workflows/security.yml	CI and security workflows pinned to newer revisions of actions/setup-node.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Suggested labels

ci

Poem

🐰 Hop and skip, the actions stay,
Pinned revisions—fresh today!
Node.js runs, the workflows gleam,
Security flows in a trusted stream. ✨

🚥 Pre-merge checks | ✅ 6

✅ Passed checks (6 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and concisely describes the main change: bumping the actions/setup-node dependency version, includes the affected area (deps/chore), and follows conventional commit format.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Privacy Boundary	✅ Passed	Only GitHub Actions workflow files modified. No runtime code changes to src/, src-tauri/, or dependencies. Privacy boundary check not applicable to CI configuration.
Terminal Command Safety	✅ Passed	PR only updates GitHub Actions workflow pinned versions (actions/setup-node). No changes to PTY, socket API, worktree, shell, packaging scripts, or command execution code. Check is not applicable.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/github_actions/actions/setup-node-6.4.0

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[chatgpt-codex-connector]

Codex Review: Didn't find any major issues. Already looking forward to the next diff.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".