ci(workflows): update GitHub Actions to latest versions

- Bump golangci-lint from v2.9 to v2.11
- Bump aquasecurity/trivy-action from 0.34.1 to 0.35.0
- Bump docker/login-action from v3 to v4

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: appleboy

.github/workflows/docker.yml

@@ -33,7 +33,7 @@ jobs:
         uses: docker/setup-buildx-action@v3
 
       - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
@@ -68,7 +68,7 @@ jobs:
             VERSION=${{ steps.docker-meta.outputs.version }}
 
       - name: Run Trivy vulnerability scanner on Docker image
-        uses: aquasecurity/trivy-action@0.34.1
+        uses: aquasecurity/trivy-action@0.35.0
         with:
           image-ref: ${{ env.REPO }}:scan
           ignore-unfixed: true

.github/workflows/security.yml

@@ -23,7 +23,7 @@ jobs:
         uses: actions/checkout@v6
 
       - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@0.34.1
+        uses: aquasecurity/trivy-action@0.35.0
         with:
           scan-type: "fs"
           scan-ref: "."
@@ -39,7 +39,7 @@ jobs:
           sarif_file: "trivy-results.sarif"
 
       - name: Run Trivy vulnerability scanner (table output)
-        uses: aquasecurity/trivy-action@0.34.1
+        uses: aquasecurity/trivy-action@0.35.0
         if: always()
         with:
           scan-type: "fs"

.github/workflows/testing.yml

@@ -39,7 +39,7 @@ jobs:
       - name: Setup golangci-lint
         uses: golangci/golangci-lint-action@v9
         with:
-          version: v2.9
+          version: v2.11
           args: --verbose
 
   test: