target node24 and allow the freethreaded version of Python to be chosen

[strobecat]

This PR updates @actions dependencies, targets node24 in case node 20 is being deprecated, thus fixing the node deprecation warning.
Also adds freethreaded option.

[dylonsivamcgi]

hi - is there any plan for this to be released?

[sigma67]

seems a tag is available now: https://github.com/pdm-project/setup-pdm/tree/v4.5

[frostming]

seems a tag is available now: https://github.com/pdm-project/setup-pdm/tree/v4.5

The version is revoked per requested by the PR author.

[sigma67]

But the tag is still available or what do you mean by revoked?

It did just get pushed by dependabot, that's how I ended up here

sigma67/ytmusicapi#917

[frostming]

But the tag is still available or what do you mean by revoked?

it was unpublished from the marketplace but yeah i didn't remove the tag so it got picked by dependabot.

Actually, I didn't find any problems, but @strobecat is worried about the risk of a supply chain attack because it was urged by a brand new GitHub account.

[sigma67]

Yes it's good to be wary right now.

Would need to double check the compiled js files here in dist

https://github.com/pdm-project/setup-pdm/pull/75/changes

[frostming]

i rebuilt source and can verify the compiled files are good. what he suspected is the updates of pnpm lock