.github/workflows: Migrate workflows to Blacksmith runners

[blacksmith-sh]

This PR has been automatically generated by a team member in your GitHub organization using Blacksmith's Migration Wizard. This PR changes the following:

1. Your selected workflows will now run on Blacksmith's 2x faster hardware (e.g., runs-on: blacksmith-4vcpu-ubuntu-2204). Learn more about the different instances available to choose from.
2. Your jobs running on Blacksmith will now have all official GitHub and popular third-party cache actions automatically interact with our 4x faster, colocated cache. Learn more about Blacksmith's actions cache.
3. Your GitHub Actions will now actually be observable. Learn more about Blacksmith's logging and other observability features.
4. Your Docker builds will now automatically share their Docker layer cache, resulting in up to 40x faster builds. Learn more about Blacksmith's Docker layer caching.

---

^{Need help on this PR? Tag @codesmith with what you need. Autofix is enabled.}

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​privy-io/​react-auth@​3.21.0
	@​types/​node@​20.19.41 ⏵ 22.19.17	+1		+1
	@​tanstack/​react-query@​5.100.10 ⏵ 5.97.0
	@​privy-io/​wagmi@​3.0.0
	@​heroicons/​react@​2.2.0
	@​tailwindcss/​postcss@​4.2.2

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm @typescript-eslint/eslint-plugin is 90.0% likely obfuscated Confidence: 0.90 Location: Package overview From: with-privy/pnpm-lock.yaml → npm/@typescript-eslint/eslint-plugin@8.58.1 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@typescript-eslint/eslint-plugin@8.58.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report