chore(deps): pin dependencies

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
actions/checkout	action	pinDigest	→ 34e1148
actions/setup-node	action	pinDigest	→ 49933ea
gabe565/changelog-generator	action	pinDigest	→ 733bb2c
nowactions/update-majorver	action	pinDigest	→ f2014bb
softprops/action-gh-release	action	pinDigest	→ 153bb8e
stefanzweifel/git-auto-commit-action	action	pinDigest	→ 778341a

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[sentry]

Bug: The workflow references a non-existent step pr to set the BASE_REF variable. This results in an empty string, causing the subsequent git rev-list command to fail.
_{Severity: HIGH}

Suggested Fix

The environment variable BASE_REF is being set from a non-existent step output. To fix this, replace ${{ steps.pr.outputs.base_ref }} with the correct GitHub Actions context variable to obtain the base branch name. For workflows triggered by pull requests, github.base_ref is typically used. Ensure the variable provides a valid branch name to the git rev-list command.

Prompt for AI Agent

Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.

Location: .github/workflows/build.yaml#L43

Potential issue: The `build.yaml` workflow sets the `BASE_REF` environment variable
using the output of a step with `id: pr`. However, no such step exists in the workflow.
As a result, `BASE_REF` is assigned an empty string. This empty value is then used in
the "Check if commit exists" step within a `git rev-list` command, forming an invalid
git range `origin/..HEAD`. Because the script is configured with `set -eu`, this invalid
command will cause the step to fail, halting the workflow. This failure will occur on
every run triggered by pushes to `renovate/**` or `dependabot/**` branches, breaking the
CI process for automated dependency updates.

_{Did we get this right? 👍 / 👎 to inform future reviews.}