chore(deps): update actions to v7 [skip pre-commit.ci] (major)

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	OpenSSF
actions/upload-artifact	action	major	v6 → v7
docker/build-push-action	action	major	v6 → v7

---

Release Notes

actions/upload-artifact (actions/upload-artifact)

v7

Compare Source

docker/build-push-action (docker/build-push-action)

v7

Compare Source

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" in timezone America/New_York, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

[yamllint] _{reported by reviewdog 🐶}
[warning] line too long (252 > 185 characters) (line-length)

tux/.github/workflows/docs.yml

Line 236 in e49bce3

npx wrangler@4 versions deploy "${{ steps.preview_upload.outputs.version_id }}" -y --config wrangler.toml --env preview --message="Preview: tux@${{ github.sha }} on ${{ github.ref_name }} by ${{ github.actor }} (run ${{ github.run_number }})"

[github-actions]

[yamllint] _{reported by reviewdog 🐶}
[warning] line too long (348 > 185 characters) (line-length)

tux/.github/workflows/docs.yml

Line 287 in e49bce3

| Preview | ${{ steps.prepare_url.outputs.is_url == 'true' && format('[{0}]({0})', steps.prepare_url.outputs.preview_url) || steps.prepare_url.outputs.preview_url }} | ${{ steps.preview_upload.outputs.version_id || '-' }} | Preview: tux@${{ github.sha }} on ${{ github.ref_name }} by ${{ github.actor }} (run ${{ github.run_number }}) |

[github-actions]

📚 Documentation Preview

Type	URL	Version	Message
Production	https://tux.atl.dev	-	-
Preview	https://cc21e810-tux-docs.allthingslinux.workers.dev	cc21e810-8fa2-411a-8dc1-54320708f086	Preview: tux@9c66438c321ca915d02139b333a605a9623ddec1 on 1212/merge by renovate[bot] (run 465)

[cubic-dev-ai]

No issues found across 4 files

Confidence score: 5/5

• Automated review surfaced no issues in the provided summaries.
• No files require special attention.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA e49bce3.

Ensure that dependencies are being submitted on PR branches. Re-running this action after a short time may resolve the issue. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Package	Version	Score	Details
actions/actions/upload-artifact	bbbca2ddaa5d8feaa63e36b76fdaad77386f024f	🟢 6.2	Details Check Score Reason Maintained 🟢 10 28 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Binary-Artifacts 🟢 10 no binaries found in the repo Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 9 security policy file detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST 🟢 10 SAST tool is run on all commits

Scanned Files

• .github/workflows/security.yml