From 47420ed881e5b668780097ba1a5024609c11c3cf Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 4 Sep 2025 05:50:18 +0000
Subject: [PATCH] ci(deps): bump the github-action-dependencies group across 1
 directory with 4 updates

Bumps the github-action-dependencies group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [actions/setup-java](https://github.com/actions/setup-java), [hadolint/hadolint-action](https://github.com/hadolint/hadolint-action) and [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).


Updates `actions/checkout` from 4 to 5
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

Updates `actions/setup-java` from 4 to 5
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v4...v5)

Updates `hadolint/hadolint-action` from 3.1.0 to 3.2.0
- [Release notes](https://github.com/hadolint/hadolint-action/releases)
- [Changelog](https://github.com/hadolint/hadolint-action/blob/master/.releaserc)
- [Commits](https://github.com/hadolint/hadolint-action/compare/v3.1.0...v3.2.0)

Updates `aquasecurity/trivy-action` from 0.29.0 to 0.33.1
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.29.0...0.33.1)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-action-dependencies
- dependency-name: actions/setup-java
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-action-dependencies
- dependency-name: hadolint/hadolint-action
  dependency-version: 3.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-action-dependencies
- dependency-name: aquasecurity/trivy-action
  dependency-version: 0.33.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/pipeline.yml | 32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
index 503a749..e7761ae 100644
--- a/.github/workflows/pipeline.yml
+++ b/.github/workflows/pipeline.yml
@@ -15,7 +15,7 @@ jobs:
   conventional-commit-check:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           fetch-depth: 0
       - name: Conventional commit check
@@ -24,8 +24,8 @@ jobs:
     runs-on: ubuntu-latest
     needs: conventional-commit-check
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-java@v4
+      - uses: actions/checkout@v5
+      - uses: actions/setup-java@v5
         with:
           distribution: adopt
           java-version: 21
@@ -43,8 +43,8 @@ jobs:
     runs-on: ubuntu-latest
     needs: build
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-java@v4
+      - uses: actions/checkout@v5
+      - uses: actions/setup-java@v5
         with:
           distribution: adopt
           java-version: 21
@@ -64,8 +64,8 @@ jobs:
     runs-on: ubuntu-latest
     needs: build
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-java@v4
+      - uses: actions/checkout@v5
+      - uses: actions/setup-java@v5
         with:
           distribution: adopt
           java-version: 21
@@ -83,8 +83,8 @@ jobs:
     runs-on: ubuntu-latest
     needs: build
     steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-java@v4
+      - uses: actions/checkout@v5
+      - uses: actions/setup-java@v5
         with:
           distribution: adopt
           java-version: 21
@@ -106,14 +106,14 @@ jobs:
     runs-on: ubuntu-latest
     needs: build
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: snyk/actions/maven-3-jdk-21@master
         name: Run Snyk scan for dependency and license
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
         with:
           args: --severity-threshold=high
-      - uses: actions/setup-java@v4
+      - uses: actions/setup-java@v5
         with:
           distribution: adopt
           java-version: 21
@@ -127,13 +127,13 @@ jobs:
     runs-on: ubuntu-latest
     needs: build
     steps:
-      - uses: actions/checkout@v4
-      - uses: hadolint/hadolint-action@v3.1.0
+      - uses: actions/checkout@v5
+      - uses: hadolint/hadolint-action@v3.2.0
         with:
           dockerfile: Dockerfile
           failure-threshold: error
       - name: Run Trivy vulnerability for IAC
-        uses: aquasecurity/trivy-action@0.29.0
+        uses: aquasecurity/trivy-action@0.33.1
         with:
           scan-type: config
           scan-ref: './'
@@ -171,7 +171,7 @@ jobs:
     outputs:
       is-dryrun-version-bumped: ${{ steps.bump-version.outputs.is-dryrun-version-bumped }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           fetch-depth: 0
       - name: fetch-tags
@@ -234,7 +234,7 @@ jobs:
     environment:
       name: approve-release # Manual Approval to decide if we are ready to push tags and release
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           fetch-depth: 0
           fetch-tags: true