update workflows

[JarbasAl]

use our own workflows, build tests are failing

[NeonDaniel]

Failures are related to pip_audit. These failures may be explicitly ignored in the automation params

pip | 23.0.1 | PYSEC-2023-228 | 23.3 | When installing a package from a Mercurial VCS URL  (ie "pip install  hg+...") with pip prior to v23.3, the specified Mercurial revision could  be used to inject arbitrary configuration options to the "hg clone"  call (ie "--config"). Controlling the Mercurial configuration can modify  how and which repository is installed. This vulnerability does not  affect users who aren't installing from Mercurial. 
requests | 2.29.0 | GHSA-9wx4-h78v-vm56 | 2.32.0 | When making requests through a Requests `Session`, if the first request is made with `verify=False` to disable cert verification, all subsequent requests to the same origin will continue to ignore cert verification regardless of changes to the value of `verify`. This behavior will continue for the lifecycle of the connection in the connection pool.  ### Remediation Any of these options can be used to remediate the current issue, we highly recommend upgrading as the preferred mitigation.  * Upgrade to `requests>=2.32.0`. * For `requests<2.32.0`, avoid setting `verify=False` for the first request to a host while using a Requests Session. * For `requests<2.32.0`, call `close()` on `Session` objects to clear existing connections if `verify=False` is used.  ### Related Links * https://github.com/psf/requests/pull/6655

[mikejgray]

I closed the failures with #127