build(deps): Bump the actions group across 1 directory with 3 updates

[dependabot]

Bumps the actions group with 3 updates in the / directory: actions/setup-java, gradle/actions/setup-gradle and ruby/setup-ruby.

Updates actions/setup-java from 5.2.0 to 5.3.0

Release notes

Sourced from actions/setup-java's releases.

v5.3.0

What's Changed

• chore: update Java version to 25 in setup examples by @​alaahong in actions/setup-java#969
• Bump minimatch from 3.1.2 to 3.1.5 by @​dependabot[bot] in actions/setup-java#984
• Refactor error handling and improve test logging for installers by @​chiranjib-swain in actions/setup-java#989
• chore: upgrade dependencies (@​actions/core, cache, glob, http-client, tool-cache, xmlbuilder2) by @​Copilot in actions/setup-java#999
• Add Oracle JDK 17 licensing limitation note by @​mahabaleshwars in actions/setup-java#1001
• Update readme for ubuntu sudo java_home behavior by @​mahabaleshwars in actions/setup-java#1013
• temurin: add support for Alpine Linux by @​gdams in actions/setup-java#674
• fix: resolve npm audit vulnerabilities in fast-xml-builder and fast-xml-parser by @​gdams in actions/setup-java#1015
• Bump @​typescript-eslint/eslint-plugin from 8.35.1 to 8.48.0 by @​dependabot[bot] in actions/setup-java#952
• Bump eslint-config-prettier from 8.10.0 to 10.1.8 by @​dependabot[bot] in actions/setup-java#881
• Bump picomatch, @​types/jest, jest, jest-circus and ts-jest by @​dependabot[bot] in actions/setup-java#1016
• Bump @​types/node from 24.1.0 to 25.9.3 by @​dependabot[bot] in actions/setup-java#950
• Implement pagination with link headers for Adoptium based apis by @​johnoliver in actions/setup-java#1014
• Make the Adoptopenjdk package type look at the Temurin repo first for latest assets by @​johnoliver in actions/setup-java#522
• Bump @​vercel/ncc from 0.38.1 to 0.44.0 by @​dependabot[bot] in actions/setup-java#1018

New Contributors

• @​alaahong made their first contribution in actions/setup-java#969
• @​Copilot made their first contribution in actions/setup-java#999
• @​johnoliver made their first contribution in actions/setup-java#1014

Full Changelog: actions/setup-java@v5...v5.3.0

Commits

• ad2b381 Bump @​vercel/ncc from 0.38.1 to 0.44.0 (#1018)
• b24df5b Make the Adoptopenjdk package type look at the Temurin repo first for latest ...
• 43120bc Implement pagination with link headers for Adoptium based apis (#1014)
• ad9d6a6 Bump @​types/node from 24.1.0 to 25.9.3 (#950)
• 039af37 Bump picomatch, @​types/jest, jest, jest-circus and ts-jest (#1016)
• 1756ab6 Bump eslint-config-prettier from 8.10.0 to 10.1.8 (#881)
• 662bb59 Bump @​typescript-eslint/eslint-plugin from 8.35.1 to 8.46.2 (#952)
• 1071fc1 fix: resolve npm audit vulnerabilities in fast-xml-builder and fast-xml-parse...
• 576b821 Merge pull request #674 from gdams/alpine
• 307d3a2 update readme for ubuntu sudo java_home behavior (#1013)
• Additional commits viewable in compare view

Updates gradle/actions/setup-gradle from 6.1.0 to 6.2.0

Release notes

Sourced from gradle/actions/setup-gradle's releases.

v6.2.0

Highlights

This release brings significant behaviour improvements to Enhanced caching, improvements to the generated Job Summary, and a number of correctness and security fixes.

1. Improved cache-cleanup mechanism. Cleanup of stale files from the Gradle User Home is now faster, and no longer depends on Gradle or a JVM. It works by inspecting the local file state directly, removing the Gradle invocation from the post-build step.
2. More granular, more stable caching. The local build cache is stored as a separate cache entry, so it can be restored and invalidated independently of the main Gradle User Home entry. Transient Gradle housekeeping files are excluded from the cache, reducing its size and improving stability.
3. Hide obsolete Job summaries in PR commments: When a new Job summary comment is added to a PR, previous outdated Job summaries are now hidden.
4. Improved caching report in the job summary. The cache report now uses a single, consistent layout across all cache states and providers. Provider information is integrated directly into the report, and per-entry details are available in an expandable section. (#985)
5. Correctness and security fixes. A unique cache key is now used per run attempt, so re-runs no longer collide; the job summary shows the cache key string rather than an internal id; and bundled dependencies have been updated, including a ReDoS fix and a fast-xml CVE fix.

What's Changed

• Remove unnecessary dependency overrides by @​bigdaz in gradle/actions#981
• Scope CI-integ-test concurrency groups per-branch by @​bigdaz in gradle/actions#983
• Improve typings by @​Vampire in gradle/actions#938
• Hide obsolete Job summaries by @​SimonMarquis in gradle/actions#902
• CI: add requireable aggregate/no-op checks for branch protection by @​bigdaz in gradle/actions#984
• Redesign the caching Job Summary by @​bigdaz in gradle/actions#985

New Contributors

• @​Vampire made their first contribution in gradle/actions#938

Full Changelog: gradle/actions@v6.1.1...v6.2.0

v6.1.1

This release updates various dependency versions, resolving several reported security vulnerabilities. No functional changes are included

What's Changed

• Bump Gradle Wrapper from 9.4.1 to 9.5.1 in /sources/test/init-scripts by @​bot-githubaction in gradle/actions#961
• Bump Gradle Wrapper from 9.4.1 to 9.5.1 in /.github/workflow-samples/gradle-plugin by @​bot-githubaction in gradle/actions#962
• Bump Gradle Wrapper from 9.4.1 to 9.5.1 in /.github/workflow-samples/groovy-dsl by @​bot-githubaction in gradle/actions#963
• Bump Gradle Wrapper from 9.4.1 to 9.5.1 in /.github/workflow-samples/java-toolchain by @​bot-githubaction in gradle/actions#964
• Bump Gradle Wrapper from 9.4.1 to 9.5.1 in /.github/workflow-samples/kotlin-dsl by @​bot-githubaction in gradle/actions#965
• Update known wrapper checksums by @​github-actions[bot] in gradle/actions#937
• Bump the github-actions group across 2 directories with 8 updates by @​dependabot[bot] in gradle/actions#976
• Bump the npm-dependencies group across 1 directory with 14 updates by @​dependabot[bot] in gradle/actions#970
• Bump references to Develocity Gradle plugin from 4.4.0 to 4.4.2 by @​bot-githubaction in gradle/actions#973
• Bump the npm-dependencies group in /sources with 5 updates by @​dependabot[bot] in gradle/actions#977
• Update @​actions/cache and @​actions/artifact, stop ignoring them in Dependabot by @​bigdaz in gradle/actions#978
• Resolve npm security vulnerabilities via dependency overrides by @​bigdaz in gradle/actions#980

Full Changelog: gradle/actions@v6.1.0...v6.1.1

Commits

• 3f131e8 [bot] Update dist directory
• 97715a2 Redesign the caching Job Summary (#985)
• 8b6cdb5 CI: add requireable aggregate/no-op checks for branch protection (#984)
• 5852e0e [bot] Update dist directory
• 318eed7 Hide obsolete Job summaries (#902)
• a740661 Improve typings (#938)
• 7ae0d02 Update gradle-actions-caching library to v0.6.0 (#982)
• e473973 Scope CI-integ-test concurrency groups per-branch
• 35a4a3f Queue up integ-test runs
• b6eebf3 [bot] Update dist directory
• Additional commits viewable in compare view

Updates ruby/setup-ruby from 1.312.0 to 1.313.0

Release notes

Sourced from ruby/setup-ruby's releases.

v1.313.0

What's Changed

• Add jruby-10.0.6.0 by @​ruby-builder-bot in ruby/setup-ruby#921

Full Changelog: ruby/setup-ruby@v1.312.0...v1.313.0

Commits

• 89f9052 Add jruby-10.0.6.0
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions