fix: resolve 20 npm vulnerabilities by upgrading @actions/core and @actions/github

- @actions/core: 1.2.6 -> 1.11.1 (fixes GHSA-7r3h-m5j6-3q42 delimiter injection)
- @actions/github: 4.0.0 -> 8.0.1 (CJS, fixes octokit ReDoS chain)
- undici override ^6.26.0 (fixes GHSA-g9mf-h72j-4rw9 and 4 related CVEs)
- transitive: cross-spawn, semver, minimatch, flatted, lodash, node-fetch, ajv, brace-expansion, js-yaml, word-wrap, fast-xml-parser all updated

Signed-off-by: yuriyryabikov <22548029+kurok@users.noreply.github.com>

Author: kurok