Update actions/checkout and actions/upload-artifact to latest versions; upgrade step-security/harden-runner for improved security

Author: texasich

.github/workflows/build.yml

@@ -46,7 +46,7 @@ jobs:
       cancel-in-progress: true
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Install Linux toolchain
         if: runner.os == 'Linux'
@@ -76,7 +76,7 @@ jobs:
         run: cmake --build ${{ github.workspace }}/build --preset ${{ matrix.preset }} --config ${{ matrix.build_type }} -j 4
 
       - name: Archive production artifacts
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v6
         with:
           name: gemma-${{ matrix.os }}-${{ matrix.preset }}-${{ matrix.build_type }}-${{ matrix.cc || 'default' }}
           path: |
@@ -89,7 +89,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc  # v2.15.1
         with:
           egress-policy: audit  # cannot be block - runner does git checkout