workflows: use bash shell explicitly

This forces better error handling as described in [1].

Without this change, bash would *not* run with `-o pipefail`, which
means some errors go unnoticed. By naming `bash` explicitly, `-o
pipefail` is enabled.

1:
https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#defaultsrunshell

.github/workflows/backport.yml

@@ -14,6 +14,10 @@ permissions:
   issues: write
   pull-requests: write
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   backport:
     name: Backport Pull Request

.github/workflows/check-cherry-picks.yml

@@ -17,6 +17,10 @@ concurrency:
 permissions:
   pull-requests: write
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   check:
     name: cherry-pick-check

.github/workflows/check-format.yml

@@ -12,6 +12,10 @@ concurrency:
 
 permissions: {}
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   nixos:
     name: fmt-check

.github/workflows/check-shell.yml

@@ -15,6 +15,10 @@ concurrency:
 
 permissions: {}
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   shell-check:
     strategy:

.github/workflows/codeowners-v2.yml

@@ -35,6 +35,10 @@ concurrency:
 
 permissions: {}
 
+defaults:
+  run:
+    shell: bash
+
 env:
   OWNERS_FILE: ci/OWNERS
   # Don't do anything on draft PRs

.github/workflows/edited.yml

@@ -22,6 +22,10 @@ concurrency:
 
 permissions: {}
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   base:
     name: Trigger jobs

.github/workflows/eval-aliases.yml

@@ -12,6 +12,10 @@ concurrency:
 
 permissions: {}
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   eval-aliases:
     name: Eval nixpkgs with aliases enabled

.github/workflows/eval.yml

@@ -22,6 +22,10 @@ concurrency:
 
 permissions: {}
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   prepare:
     name: Prepare

.github/workflows/labels.yml

@@ -17,6 +17,10 @@ permissions:
   issues: write # needed to create *new* labels
   pull-requests: write
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   labels:
     name: label-pr

.github/workflows/lib-tests.yml

@@ -15,6 +15,10 @@ concurrency:
 
 permissions: {}
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   nixpkgs-lib-tests:
     name: nixpkgs-lib-tests

.github/workflows/manual-nixos-v2.yml

@@ -24,6 +24,10 @@ concurrency:
 
 permissions: {}
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   nixos:
     name: nixos-manual-build

.github/workflows/manual-nixpkgs-v2.yml

@@ -16,6 +16,10 @@ concurrency:
 
 permissions: {}
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   nixpkgs:
     name: nixpkgs-manual-build

.github/workflows/nix-parse-v2.yml

@@ -12,6 +12,10 @@ concurrency:
 
 permissions: {}
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   tests:
     name: nix-files-parseable-check

.github/workflows/nixpkgs-vet.yml

@@ -20,6 +20,10 @@ permissions: {}
 # We don't use a concurrency group here, because the action is triggered quite often (due to the PR edit trigger), and contributors would get notified on any canceled run.
 # There is a feature request for suppressing notifications on concurrency-canceled runs: https://github.com/orgs/community/discussions/13015
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   check:
     name: nixpkgs-vet

.github/workflows/no-channel.yml

@@ -8,6 +8,10 @@ on:
 
 permissions: {}
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   fail:
     if: |

.github/workflows/periodic-merge-24h.yml

@@ -16,6 +16,10 @@ on:
 
 permissions: {}
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   periodic-merge:
     if: github.repository_owner == 'NixOS'

.github/workflows/periodic-merge-6h.yml

@@ -16,6 +16,10 @@ on:
 
 permissions: {}
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   periodic-merge:
     if: github.repository_owner == 'NixOS'

.github/workflows/periodic-merge.yml

@@ -12,6 +12,10 @@ on:
         required: true
         type: string
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   merge:
     runs-on: ubuntu-24.04-arm

.github/workflows/reviewers.yml

@@ -22,6 +22,10 @@ concurrency:
 
 permissions: {}
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   request:
     name: Request