Skip to content

build(deps): Bump the gh-actions group with 2 updates#132

Merged
github-actions[bot] merged 1 commit into
mainfrom
dependabot/github_actions/gh-actions-18b98a76b5
Jul 17, 2026
Merged

build(deps): Bump the gh-actions group with 2 updates#132
github-actions[bot] merged 1 commit into
mainfrom
dependabot/github_actions/gh-actions-18b98a76b5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 17, 2026

Copy link
Copy Markdown
Contributor

Bumps the gh-actions group with 2 updates: actions/setup-java and sonarsource/sonarqube-scan-action.

Updates actions/setup-java from 5.5.0 to 5.6.0

Release notes

Sourced from actions/setup-java's releases.

v5.6.0

What's Changed

Full Changelog: actions/setup-java@v5...v5.6.0

Commits
  • 03ad4de Backport #1097/#1098: cache Maven and Gradle wrapper distributions separately...
  • d229d2e Backport #1111: Preserve Maven toolchains across repeated setup-java runs (#1...
  • bbf0f69 dist: Cover Tencent Kona JDK 25 (#1110)
  • 513edc4 feat: expose cache-primary-key output (#597) [v5 backport] (#1089)
  • 62df799 Add Maven compiler problem matcher for javac diagnostics (#1087)
  • 176156a chore: bump version to 5.6.0 for v5 release line
  • bf7b8de build: rebuild dist for backported changes (#1079, #1083, #1084)
  • 0173e6d Infer distribution from asdf .tool-versions vendor prefix (#1084)
  • f45cd82 Rename jdkFile input to jdk-file with deprecated alias (#1083)
  • e2863ad Map Zulu x86 architecture to i686 for Azul Metadata API (#1079)
  • Additional commits viewable in compare view

Updates sonarsource/sonarqube-scan-action from 8.2.0 to 8.2.1

Release notes

Sourced from sonarsource/sonarqube-scan-action's releases.

v8.2.1

What's Changed

Bug fix

  • SQSCANGHA-156 GPG signature verification fails when temporary directory path is too long

Full Changelog: SonarSource/sonarqube-scan-action@v8.2.0...v8.2.1

Commits
  • 2291811 SQSCANGHA-156 GPG signature verification fails when temporary directory path ...
  • 7cdc154 SQSCANGHA-153 NO-JIRA Bump actions/checkout from 6.0.2 to 7.0.0 (#255)
  • 45f2736 SQSCANGHA-151 Change Code Owners (#254)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the gh-actions group with 2 updates: [actions/setup-java](https://github.com/actions/setup-java) and [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action).


Updates `actions/setup-java` from 5.5.0 to 5.6.0
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](actions/setup-java@0f481fc...03ad4de)

Updates `sonarsource/sonarqube-scan-action` from 8.2.0 to 8.2.1
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases)
- [Commits](SonarSource/sonarqube-scan-action@7138816...2291811)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-version: 5.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gh-actions
- dependency-name: sonarsource/sonarqube-scan-action
  dependency-version: 8.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 17, 2026
@github-actions
github-actions Bot enabled auto-merge (squash) July 17, 2026 14:27
@github-actions
github-actions Bot merged commit 470e311 into main Jul 17, 2026
7 checks passed
@dependabot
dependabot Bot deleted the dependabot/github_actions/gh-actions-18b98a76b5 branch July 17, 2026 14:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants