From 3f057dc54a59793abfec70eb7ff751f3666d63c8 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 11 Aug 2025 20:40:57 +0000
Subject: [PATCH] deps: bump the production-dependencies group with 2 updates

Bumps the production-dependencies group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [actions/download-artifact](https://github.com/actions/download-artifact).


Updates `actions/checkout` from 4 to 5
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

Updates `actions/download-artifact` from 4 to 5
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: actions/download-artifact
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/ci.yml             | 10 +++++-----
 .github/workflows/hotspots.yml       |  4 ++--
 .github/workflows/publish.yml        |  8 ++++----
 .github/workflows/update-release.yml |  2 +-
 4 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 77145daf..70e69ad6 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -15,7 +15,7 @@ jobs:
         language: [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       # Conditionally run actions based on files modified by PR, feature branch or pushed commits
       - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36
@@ -128,7 +128,7 @@ jobs:
             core.setFailed('Test run job failed')
 
       - name: Collect test results
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
 
       - name: Validate test results
         run: |
@@ -157,7 +157,7 @@ jobs:
         language: [ 'csharp', 'java' ]
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           submodules: true
 
@@ -190,7 +190,7 @@ jobs:
         language: [ 'csharp', 'java' ]
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           submodules: true
 
@@ -218,7 +218,7 @@ jobs:
     needs: compile-and-test
     
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36
         id: changes
diff --git a/.github/workflows/hotspots.yml b/.github/workflows/hotspots.yml
index e53dd532..7fec52fc 100644
--- a/.github/workflows/hotspots.yml
+++ b/.github/workflows/hotspots.yml
@@ -15,7 +15,7 @@ jobs:
       packages: write
     steps:
       - name: Checkout github/codeql
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           path: codeql
           repository: github/codeql
@@ -23,7 +23,7 @@ jobs:
           fetch-depth: 0
 
       - name: Checkout github/codeql-community-packs
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           path: codeql-community-packs
           repository: githubsecuritylab/codeql-community-packs
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index bdc0889e..6642153e 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -20,7 +20,7 @@ jobs:
         language: ["cpp", "csharp", "go", "java", "javascript", "python", "ruby"] 
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - name: Check codeql-LANG-queries (src) pack
         id: check_version
@@ -63,7 +63,7 @@ jobs:
         language: ["cpp", "csharp", "go", "java", "javascript", "python", "ruby"] 
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - name: Check codeql-LANG-libs (lib) pack
         id: check_version
@@ -106,7 +106,7 @@ jobs:
         language: ["csharp", "java"]
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - name: Check codeql-LANG-extensions (ext) pack
         id: check_version
@@ -149,7 +149,7 @@ jobs:
         language: ["csharp", "java"]
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - name: Check codeql-LANG-library-sources (ext-library-sources) pack
         id: check_version
diff --git a/.github/workflows/update-release.yml b/.github/workflows/update-release.yml
index 6276af4a..85e7139b 100644
--- a/.github/workflows/update-release.yml
+++ b/.github/workflows/update-release.yml
@@ -19,7 +19,7 @@ jobs:
 
     steps:
       - name: "Checkout"
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Get Token
         id: get_workflow_token