diff --git a/.github/workflows/verify-build.yml b/.github/workflows/verify-build.yml
index 3f1ab8c..2e80284 100644
--- a/.github/workflows/verify-build.yml
+++ b/.github/workflows/verify-build.yml
@@ -1,7 +1,16 @@
-name: Node.js CI
+# This file is managed in https://github.com/happyprime/projects
+name: Verify build (Node 16)
 
 on: [ pull_request ]
 
+# The GITHUB_TOKEN used by Dependabot has read-only permissions
+# by default, so we provide write permissions to this workflow
+# so that comments can be left on the pull request.
+# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#changing-github_token-permissions
+permissions:
+  contents: read
+  pull-requests: write
+
 jobs:
   build:
     name: Check built files
@@ -10,37 +19,49 @@ jobs:
 
     steps:
     - name: Checkout project
-      uses: actions/checkout@v2
+      uses: actions/checkout@v4
       with:
         fetch-depth: 2
-    - name: Setup Node.js LTS
-      uses: actions/setup-node@v2
+
+    - name: Setup Node
+      uses: actions/setup-node@v4
       with:
-        node-version: 'lts/*'
-    - name: Install latest NPM
-      run: npm install -g npm
-    - name: Install project dependencies
-      run: npm ci
-    - name: Run build process(es)
-      run: |
-        npm run build
-    - name: Check Git status
+        node-version: 16
+        cache: 'npm'
+
+    - name: Verify Node dependency cache
+      uses: actions/cache@v3
+      with:
+        path: ./node_modules
+        key: node-dependencies-${{ hashFiles('package-lock.json') }}
+        restore-keys: node-dependencies-
+
+    - name: Install Node dependencies
+      run: npm install
+
+    - name: Build
+      run: npm run build
+
+    - name: Capture Git status
       id: git
       shell: bash
       run: |
-        RESULT=$(git status)
-        RESULT="${RESULT//'%'/'%25'}"
-        RESULT="${RESULT//$'\n'/'%0A'}"
-        RESULT="${RESULT//$'\r'/'%0D'}"
-        echo "::set-output name=changes::$RESULT"
-        echo "::set-output name=nodeVersion::$(node --version)"
-        echo "::set-output name=npmVersion::$(npm --version)"
-        if [[ $RESULT == *"Changes not staged"* || $RESULT == *"Untracked files"* ]]; then
+        echo 'changes<<EOF' >> $GITHUB_OUTPUT
+        echo "$(git status --porcelain --untracked-files=all)" >> $GITHUB_OUTPUT
+        echo 'EOF' >> $GITHUB_OUTPUT
+        echo "nodeVersion=$(node --version)" >> $GITHUB_OUTPUT
+        echo "npmVersion=$(npm --version)" >> $GITHUB_OUTPUT
+
+    - name: Fail if changes detected
+      shell: bash
+      run: |
+        if [[ -n "${{ steps.git.outputs.changes }}" ]]; then
           exit 1
         fi
+
     - name: Comment on pull request
       if: failure()
-      uses: actions/github-script@v4
+      uses: actions/github-script@v7
       with:
         script: |
           const output = `Changed files were detected after build. Please run project build workflows and check \`git status\` for any missed changes.
@@ -54,7 +75,7 @@ jobs:
           * NPM ${{ steps.git.outputs.npmVersion }}
           `;
 
-          github.issues.createComment({
+          github.rest.issues.createComment({
             ...context.repo,
             issue_number: context.payload.pull_request.number,
             body: output