Include credentials in update check fetch request

This allows the update check endpoint to authenticate the request
using session cookies, enabling protected update check endpoints.

(cherry picked from commit d3173fe)

Author: tvdeyen

app/javascript/alchemy_admin/components/update_check.js

@@ -6,7 +6,7 @@ class UpdateCheck extends HTMLElement {
     spinner.spin(this)
 
     try {
-      const response = await fetch(this.url)
+      const response = await fetch(this.url, { credentials: "include" })
       const responseJSON = await response.json()
 
       if (response.ok) {

spec/javascript/alchemy_admin/components/update_check.spec.js

@@ -27,6 +27,20 @@ describe("alchemy-update-check", () => {
     vi.clearAllMocks()
   })
 
+  it("fetches with credentials included", async () => {
+    global.fetch.mockResolvedValueOnce({
+      ok: true,
+      json: () => Promise.resolve({ status: "true" })
+    })
+
+    component = renderComponent("alchemy-update-check", html)
+    await new Promise(process.nextTick)
+
+    expect(global.fetch).toHaveBeenCalledWith("/update_check", {
+      credentials: "include"
+    })
+  })
+
   it("shows update available when response is 'true'", async () => {
     global.fetch.mockResolvedValueOnce({
       ok: true,