From a7c2c8567fc2b0596d37944e73bc8d1beb483afa Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 29 Sep 2025 18:09:06 +0000
Subject: [PATCH] chore: bump the workflow-actions group with 4 updates

Bumps the workflow-actions group with 4 updates: [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions), [actions/checkout](https://github.com/actions/checkout), [actions/setup-java](https://github.com/actions/setup-java) and [gradle/actions](https://github.com/gradle/actions).


Updates `zgosalvez/github-actions-ensure-sha-pinned-actions` from 3.0.25 to 4.0.0
- [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases)
- [Commits](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/compare/fc87bb5b5a97953d987372e74478de634726b3e5...9e9574ef04ea69da568d6249bd69539ccc704e74)

Updates `actions/checkout` from 4.2.2 to 5.0.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...08c6903cd8c0fde910a37f88322edcfb5dd907a8)

Updates `actions/setup-java` from 4.7.1 to 5.0.0
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/c5195efecf7bdfc987ee8bae7a71cb8b11521c00...dded0888837ed1f317902acf8a20df0ad188d165)

Updates `gradle/actions` from 4.4.0 to 4.4.4
- [Release notes](https://github.com/gradle/actions/releases)
- [Commits](https://github.com/gradle/actions/compare/8379f6a1328ee0e06e2bb424dadb7b159856a326...748248ddd2a24f49513d8f472f81c3a07d4d50e1)

---
updated-dependencies:
- dependency-name: zgosalvez/github-actions-ensure-sha-pinned-actions
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: workflow-actions
- dependency-name: actions/checkout
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: workflow-actions
- dependency-name: actions/setup-java
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: workflow-actions
- dependency-name: gradle/actions
  dependency-version: 4.4.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: workflow-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/build.yaml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index ac5ae79d9..fa4d5f0d5 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -24,15 +24,15 @@ jobs:
     - uses: 'hmarr/debug-action@cd1afbd7852b7ad7b1b7a9a1b03efebd3b0a1820' # v3.0.0
 
     # https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions
-    - uses: 'zgosalvez/github-actions-ensure-sha-pinned-actions@fc87bb5b5a97953d987372e74478de634726b3e5' # v3.0.25
+    - uses: 'zgosalvez/github-actions-ensure-sha-pinned-actions@9e9574ef04ea69da568d6249bd69539ccc704e74' # v4.0.0
 
     # https://github.com/actions/checkout
     - name: 'checkout'
-      uses: 'actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683' # v4.2.2
+      uses: 'actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8' # v5.0.0
 
     # https://github.com/actions/setup-java
     - name: 'Set up JDK'
-      uses: 'actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00' # v4.7.1
+      uses: 'actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165' # v5.0.0
       with:
         java-version: '17'
         distribution: 'temurin'
@@ -40,11 +40,11 @@ jobs:
 
       # https://github.com/gradle/actions/tree/main/setup-gradle
     - name: 'Set up Gradle'
-      uses: 'gradle/actions/setup-gradle@8379f6a1328ee0e06e2bb424dadb7b159856a326' # v4.2.2
+      uses: 'gradle/actions/setup-gradle@748248ddd2a24f49513d8f472f81c3a07d4d50e1' # v4.2.2
 
       # https://github.com/gradle/actions/tree/main/dependency-submission
     - name: "Generate and submit dependency graph"
-      uses: "gradle/actions/dependency-submission@8379f6a1328ee0e06e2bb424dadb7b159856a326" # v4.2.2
+      uses: "gradle/actions/dependency-submission@748248ddd2a24f49513d8f472f81c3a07d4d50e1" # v4.2.2
       with:
         cache-cleanup: "never"
         dependency-graph-report-dir: "${{ github.workspace }}/build/dependency-graph-reports"