Use pin hash and latest versions

[hsbt]

Fixed #347

[Copilot]

Pull request overview

This PR updates GitHub Actions to their latest versions and converts all action references to use pinned commit hashes for improved security. It addresses Dependabot PR #347 which proposed bumping actions/checkout from v6.0.1 to v6.0.2, and also updates other actions including actions/setup-node, actions/upload-artifact, and actions/download-artifact.

Changes:

• Updated actions/checkout from v6.0.1 to v6.0.2 with pinned commit hash across all workflows
• Updated actions/setup-node from v6.0.0 to v6.2.0 with pinned commit hash
• Converted actions/upload-artifact and actions/download-artifact from tag references to pinned commit hashes (v6.0.0 and v7.0.0 respectively)

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
.github/workflows/zizmor.yml	Updated actions/checkout to v6.0.2 with pinned hash
.github/workflows/test.yml	Updated actions/checkout to v6.0.2 with pinned hash across 3 usage locations
.github/workflows/compile-dependabot-updates.yml	Updated actions/checkout to v6.0.2, actions/setup-node to v6.2.0, and converted artifact actions to pinned hashes
.github/workflows/codeql-analysis.yml	Updated actions/checkout to v6.0.2 with pinned hash
.github/workflows/check-dist.yml	Updated actions/checkout to v6.0.2 and actions/setup-node to v6.2.0 with pinned hashes

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.