
Update actions/github 8.0.1 and tsconf#347

Merged
tgodzik merged 4 commits into scalacenter:main from dancewithheart:update_actions_github_ts_conf on Apr 16, 2026

Conversation

@dancewithheart (Contributor) commented Apr 16, 2026

Update @actions/github to 8.0.1; this addresses CVE-2026-22036, CVE-2026-1525, CVE-2026-1526, CVE-2026-1527, CVE-2026-1528 and CVE-2026-2229,

as reported by `npm audit --omit=dev`:

```text
# npm audit report

undici  <=6.23.0
Severity: high
Undici has an unbounded decompression chain in HTTP responses on Node.js Fetch API via Content-Encoding leads to resource exhaustion - https://github.com/advisories/GHSA-g9mf-h72j-4rw9
Undici: Malicious WebSocket 64-bit length overflows parser and crashes the client - https://github.com/advisories/GHSA-f269-vfmq-vjvj
Undici has an HTTP Request/Response Smuggling issue - https://github.com/advisories/GHSA-2mjp-6q6p-2qxm
Undici has Unbounded Memory Consumption in WebSocket permessage-deflate Decompression - https://github.com/advisories/GHSA-vrm6-8vpv-qv8q
Undici has Unhandled Exception in WebSocket Client Due to Invalid server_max_window_bits Validation - https://github.com/advisories/GHSA-v9p9-hfj2-hcw8
Undici has CRLF Injection in undici via `upgrade` option - https://github.com/advisories/GHSA-4992-7rv2-5pvq
fix available via `npm audit fix --force`
Will install @actions/github@9.1.0, which is a breaking change
node_modules/@actions/http-client/node_modules/undici
node_modules/undici
  @actions/github  6.0.1 - 8.0.0
  Depends on vulnerable versions of undici
  node_modules/@actions/github

2 vulnerabilities (1 moderate, 1 high)
```

and by `snyk test`:

```text
Tested 26 dependencies for known issues, found 6 issues, 15 vulnerable paths.

Issues to fix by upgrading:
  Upgrade @actions/github@7.0.0 to @actions/github@8.0.1 to fix
  ✗ Allocation of Resources Without Limits or Throttling [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-UNDICI-14943963] in undici@5.29.0
    introduced by @actions/github@7.0.0 > undici@5.29.0
  ✗ HTTP Request Smuggling [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-UNDICI-15518061] in undici@5.29.0
    introduced by @actions/github@7.0.0 > undici@5.29.0 and 2 other path(s)
  ✗ CRLF Injection [Medium Severity][https://security.snyk.io/vuln/SNYK-JS-UNDICI-15518072] in undici@5.29.0
    introduced by @actions/github@7.0.0 > undici@5.29.0 and 2 other path(s)
  ✗ Improper Handling of Highly Compressed Data (Data Amplification) [High Severity][https://security.snyk.io/vuln/SNYK-JS-UNDICI-15518068] in undici@5.29.0
    introduced by @actions/github@7.0.0 > undici@5.29.0 and 2 other path(s)
  ✗ Uncaught Exception [High Severity][https://security.snyk.io/vuln/SNYK-JS-UNDICI-15518070] in undici@5.29.0
    introduced by @actions/github@7.0.0 > undici@5.29.0 and 2 other path(s)

Issues with no direct upgrade or patch:
  ✗ Uncaught Exception [High Severity][https://security.snyk.io/vuln/SNYK-JS-UNDICI-15518064] in undici@6.23.0
    introduced by @actions/core@2.0.3 > @actions/http-client@3.0.2 > undici@6.23.0 and 1 other path(s)
  This issue was fixed in versions: 6.24.0, 7.24.0
```

After this change, `snyk test` and `npm audit --omit=dev` report no vulnerabilities.

The TS config was modernized to fix the errors on GH Actions reported in #317.
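The two reports above are both answering the same question: which copies of undici does the lockfile contain, which of them fall below the fixed versions, and through which dependency chain does each one get pulled in. The script below is an added example, not code from this PR or from the scalacenter project. It scans a `package-lock.json` (lockfileVersion 2/3 `packages` map), flags undici copies below the fix versions the snyk output quotes (6.24.0 and 7.24.0; anything below 6.x is inside the `<=6.23.0` range npm audit reports), and reconstructs the "introduced by" chains the way npm resolves nested `node_modules` directories. The embedded lockfile is constructed to mirror the paths in the PR description; the `@actions/*` versions and their dependency ranges are assumptions for illustration only.

```javascript
// Added example (not part of the scalacenter PR): find vulnerable undici copies in an
// npm lockfile and reconstruct the "introduced by" chains that npm audit / snyk print.

// Constructed sample lockfile modelled on the paths in the PR description. The @actions/*
// versions and their dependency ranges are assumptions, not taken from the real project.
const SAMPLE_LOCK = {
  name: "example-action",
  lockfileVersion: 3,
  packages: {
    "": { name: "example-action", version: "0.0.0",
          dependencies: { "@actions/core": "^2.0.3", "@actions/github": "^7.0.0" } },
    "node_modules/@actions/core": { version: "2.0.3",
          dependencies: { "@actions/http-client": "^3.0.2" } },
    "node_modules/@actions/http-client": { version: "3.0.2",
          dependencies: { undici: "^6.23.0" } },
    "node_modules/@actions/http-client/node_modules/undici": { version: "6.23.0" },
    "node_modules/@actions/github": { version: "7.0.0",
          dependencies: { undici: "^5.29.0" } },
    "node_modules/undici": { version: "5.29.0" },
  },
};

// First fixed version per major line, as quoted in the snyk output ("6.24.0, 7.24.0").
const UNDICI_FIXED = { 6: [6, 24, 0], 7: [7, 24, 0] };

function parseSemver(v) {
  // "6.23.0" -> [6, 23, 0]; a pre-release suffix is dropped for the comparison
  return v.split("-")[0].split(".").map(Number);
}

function compareSemver(a, b) {
  for (let i = 0; i < 3; i++) if (a[i] !== b[i]) return a[i] - b[i];
  return 0;
}

function isVulnerableUndici(version) {
  const v = parseSemver(version);
  const fix = UNDICI_FIXED[v[0]];
  if (fix) return compareSemver(v, fix) < 0;
  // No fix recorded for this major: everything below 6.x is inside the "<=6.23.0"
  // range npm audit reports; newer majors are assumed unaffected (assumption).
  return v[0] < 6;
}

function packageName(key) {
  // "node_modules/@actions/http-client/node_modules/undici" -> "undici"
  return key.slice(key.lastIndexOf("node_modules/") + "node_modules/".length);
}

function resolveDep(lock, fromKey, depName) {
  // Node resolution as npm lays it out: nearest node_modules/<depName> walking up
  // from the requiring package's own directory to the root node_modules.
  let base = fromKey;
  for (;;) {
    const candidate = base ? `${base}/node_modules/${depName}` : `node_modules/${depName}`;
    if (lock.packages[candidate]) return candidate;
    if (!base) return null;
    const i = base.lastIndexOf("/node_modules/");
    base = i === -1 ? "" : base.slice(0, i);
  }
}

function dependents(lock, targetKey) {
  // Packages whose declared dependency on this name actually resolves to targetKey
  // (so a hoisted copy and a nested copy of the same package get distinct dependents).
  const name = packageName(targetKey);
  return Object.entries(lock.packages)
    .filter(([key, pkg]) => name in (pkg.dependencies || {}) &&
                            resolveDep(lock, key, name) === targetKey)
    .map(([key]) => key);
}

function chainsTo(lock, targetKey, seen = new Set()) {
  // All chains root-dep > ... > target, as "name@version" labels; cycle-guarded.
  if (targetKey === "") return [[]];
  if (seen.has(targetKey)) return [];
  const nextSeen = new Set(seen).add(targetKey);
  const label = `${packageName(targetKey)}@${lock.packages[targetKey].version}`;
  const chains = [];
  for (const parent of dependents(lock, targetKey)) {
    for (const chain of chainsTo(lock, parent, nextSeen)) chains.push([...chain, label]);
  }
  return chains;
}

function findVulnerableUndici(lock) {
  const findings = [];
  for (const [key, pkg] of Object.entries(lock.packages)) {
    if (key === "" || packageName(key) !== "undici") continue;
    if (!isVulnerableUndici(pkg.version)) continue;
    findings.push({ path: key, version: pkg.version,
                    introducedBy: chainsTo(lock, key).map((c) => c.join(" > ")) });
  }
  return findings;
}

console.log(JSON.stringify(findVulnerableUndici(SAMPLE_LOCK), null, 2));
```

To run it against a real lockfile, replace `SAMPLE_LOCK` with `JSON.parse(require("fs").readFileSync("package-lock.json", "utf8"))`. The resolver handles the hoisted-versus-nested case that makes the two reports above list two undici copies with different dependents; it does not model workspace `link` entries or optional/peer dependency edge cases, and the "newer majors are unaffected" rule is an assumption that should be checked against the advisories before relying on it.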

dancewithheart changed the title from "Update actions GitHub ts conf" to "Update actions/github 8.0.1 and tsconf" on Apr 16, 2026

@tgodzik (Contributor) left a comment:

thanks!

tgodzik merged commit 7bb141d into scalacenter:main on Apr 16, 2026 (6 checks passed)