From 37b47711958dc2ce4df3ebe7a59a2c9b6d9a0de9 Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 26 Nov 2025 10:09:34 +0000 Subject: [PATCH] Bump the github group across 1 directory with 6 updates Bumps the github group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.12.0` | `2.13.2` | | [actions/checkout](https://github.com/actions/checkout) | `4` | `6` | | [actions/setup-java](https://github.com/actions/setup-java) | `4` | `5` | | [gradle/actions](https://github.com/gradle/actions) | `4.4.0` | `5.0.0` | | [octo-sts/action](https://github.com/octo-sts/action) | `1.0.0` | `1.0.3` | | [actions/setup-node](https://github.com/actions/setup-node) | `4` | `6` | Updates `step-security/harden-runner` from 2.12.0 to 2.13.2 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/0634a2670c59f64b4a01f0f96f84700a4088b9f0...95d9a5deda9de15063e7595e9719c11c38c90ae2) Updates `actions/checkout` from 4 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v6) Updates `actions/setup-java` from 4 to 5 - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](https://github.com/actions/setup-java/compare/v4...v5) Updates `gradle/actions` from 4.4.0 to 5.0.0 - [Release notes](https://github.com/gradle/actions/releases) - [Commits](https://github.com/gradle/actions/compare/8379f6a1328ee0e06e2bb424dadb7b159856a326...4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2) Updates `octo-sts/action` from 1.0.0 to 1.0.3 - [Release notes](https://github.com/octo-sts/action/releases) - [Commits](https://github.com/octo-sts/action/compare/v1.0.0...v1.0.3) Updates `actions/setup-node` from 4 to 6 - [Release 
notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v4...v6) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.13.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github - dependency-name: actions/setup-java dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github - dependency-name: gradle/actions dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github - dependency-name: octo-sts/action dependency-version: 1.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github - dependency-name: actions/setup-node dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github ... Signed-off-by: dependabot[bot]
---
 .github/workflows/automerge.yaml | 2 +- .github/workflows/build-gradle-ghtoken.yaml | 6 +++--- .github/workflows/build-gradle-pattoken.yaml | 6 +++--- .github/workflows/build-npm-octoststoken.yaml | 6 +++--- .github/workflows/sts-reusable.yaml | 8 ++++---- 5 files changed, 14 insertions(+), 14 deletions(-)
diff --git a/.github/workflows/automerge.yaml b/.github/workflows/automerge.yaml
index f36fa3e..12a8c2b 100644
--- a/.github/workflows/automerge.yaml
+++ b/.github/workflows/automerge.yaml
@@ -10,7 +10,7 @@ jobs:
 contents: read
 steps:
 - name: Harden Runner
- uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
+ uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
 with:
 egress-policy: audit
 - uses: actions/create-github-app-token@v2
diff --git a/.github/workflows/build-gradle-ghtoken.yaml b/.github/workflows/build-gradle-ghtoken.yaml
index b8e804e..c4ca8db 100644
--- a/.github/workflows/build-gradle-ghtoken.yaml
+++ b/.github/workflows/build-gradle-ghtoken.yaml
@@ -9,13 +9,13 @@ jobs:
 contents: read
 packages: read
 steps:
- - uses: actions/checkout@v4
- - uses: actions/setup-java@v4
+ - uses: actions/checkout@v6
+ - uses: actions/setup-java@v5
 with:
 java-version: '21'
 distribution: 'temurin'
 - name: Setup Gradle
- uses: gradle/actions/setup-gradle@8379f6a1328ee0e06e2bb424dadb7b159856a326 # v4.4.0
+ uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
 - name: Generate sbom
 run: ./gradlew cyclonedxBom
 env:
diff --git a/.github/workflows/build-gradle-pattoken.yaml b/.github/workflows/build-gradle-pattoken.yaml
index 5e04ae7..acd8f4f 100644
--- a/.github/workflows/build-gradle-pattoken.yaml
+++ b/.github/workflows/build-gradle-pattoken.yaml
@@ -9,13 +9,13 @@ jobs:
 contents: read
 packages: read
 steps:
- - uses: actions/checkout@v4
- - uses: actions/setup-java@v4
+ - uses: actions/checkout@v6
+ - uses: actions/setup-java@v5
 with:
 java-version: '21'
 distribution: 'temurin'
 - name: Setup Gradle
- uses: gradle/actions/setup-gradle@8379f6a1328ee0e06e2bb424dadb7b159856a326 # v4.4.0
+ uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
 - name: Generate sbom
 run: ./gradlew cyclonedxBom
 env:
diff --git a/.github/workflows/build-npm-octoststoken.yaml b/.github/workflows/build-npm-octoststoken.yaml
index c28f55d..c115f7c 100644
--- a/.github/workflows/build-npm-octoststoken.yaml
+++ b/.github/workflows/build-npm-octoststoken.yaml
@@ -10,13 +10,13 @@ jobs:
 permissions:
 id-token: write
 steps:
- - uses: actions/checkout@v4
- - uses: octo-sts/action@v1.0.0
+ - uses: actions/checkout@v6
+ - uses: octo-sts/action@v1.0.3
 id: octo-sts
 with:
 scope: ${{ github.repository_owner }}
 identity: readertoken
- - uses: actions/setup-node@v4
+ - uses: actions/setup-node@v6
 with:
 node-version: 20
 registry-url: "https://npm.pkg.github.com"
diff --git a/.github/workflows/sts-reusable.yaml b/.github/workflows/sts-reusable.yaml
index 44c2cc8..a3de7cd 100644
--- a/.github/workflows/sts-reusable.yaml
+++ b/.github/workflows/sts-reusable.yaml
@@ -10,7 +10,7 @@ jobs:
 contents: read
 id-token: write # for octo-sts
 steps:
- - uses: octo-sts/action@6177b4481c00308b3839969c3eca88c96a91775f
+ - uses: octo-sts/action@d6c70ad3b9ac85df6da6b9749014d7283987cfec
 id: octo-sts
 with:
 scope: navikt/appsec-internal-test
@@ -23,13 +23,13 @@ jobs:
 # -H "Accept: application/vnd.github+json" \
 # -H "X-GitHub-Api-Version: 2022-11-28" \
 # "/orgs/navikt/packages?package_type=maven"
- - uses: actions/checkout@v4
- - uses: actions/setup-java@v4
+ - uses: actions/checkout@v6
+ - uses: actions/setup-java@v5
 with:
 java-version: '21'
 distribution: 'temurin'
 - name: Setup Gradle
- uses: gradle/actions/setup-gradle@8379f6a1328ee0e06e2bb424dadb7b159856a326 # v4.4.0
+ uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
 - name: Generate sbom
 run: ./gradlew cyclonedxBom
 env: