Currently, there are a few areas where workflows can be optimized to reduce CI times, maintenance, and security in the runners. Also, consider adding tools like @dependabot that can keep the dependency up-to-date unless some dependency requires it, for example: chalk since it's pure ESM now and the plugin CLI is CJS.

Tasks

• Optimize workflows for lower CI times and reduce files for maintenance(i.e. lint workflows can remain in one file).
• Remove dependency from third-party workflows for tasks that can be handled natively.
• Update permissions in the workflows to read-only and manually provide any other permission at the job level.
• Update wp-env based PHPUnit setup with MySQL + SVN which is easy to set up for any version and has very less or no compatibility maintenance.
• Add @dependabot config to update composer, npm, and github-actions at least once a month.
• Add CodeQL for JS code analysis for any security vulnerabilities.