chore(deps): update gradle/actions action to v5

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
gradle/actions	action	major	v4.4.4 -> v5.0.0

---

Release Notes

gradle/actions (gradle/actions)

v5.0.0

Compare Source

What's Changed

Breaking Changes

• Upgrade to node 24 by @​amyu in #​721

Make sure your runner is updated to this version or newer to use this release. v2.327.1 Release Notes

Dependency upgrades

• Bump the github-actions group across 1 directory with 2 updates by @​dependabot[bot] in #​748

Full Changelog: gradle/actions@v4...v5.0.0

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Trivy image scan report

ghcr.io/chgl/github-reusable-workflow-with-fixed-image-tags:v1.2.3-beta.123 (debian 13.1)

9 known vulnerabilities found (CRITICAL: 0 HIGH: 0 MEDIUM: 6 LOW: 3)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
libssl3t64	CVE-2025-9230	MEDIUM	3.5.1-1	3.5.1-1+deb13u1
libssl3t64	CVE-2025-9231	MEDIUM	3.5.1-1	3.5.1-1+deb13u1
libssl3t64	CVE-2025-9232	LOW	3.5.1-1	3.5.1-1+deb13u1
openssl	CVE-2025-9230	MEDIUM	3.5.1-1	3.5.1-1+deb13u1
openssl	CVE-2025-9231	MEDIUM	3.5.1-1	3.5.1-1+deb13u1
openssl	CVE-2025-9232	LOW	3.5.1-1	3.5.1-1+deb13u1
openssl-provider-legacy	CVE-2025-9230	MEDIUM	3.5.1-1	3.5.1-1+deb13u1
openssl-provider-legacy	CVE-2025-9231	MEDIUM	3.5.1-1	3.5.1-1+deb13u1
openssl-provider-legacy	CVE-2025-9232	LOW	3.5.1-1	3.5.1-1+deb13u1

No Misconfigurations found

Python

No Vulnerabilities found

No Misconfigurations found

[github-actions]

Trivy image scan report

ghcr.io/chgl/github-reusable-workflow-without-test-image:pr-196 (debian 13.1)

9 known vulnerabilities found (LOW: 3 CRITICAL: 0 HIGH: 0 MEDIUM: 6)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
libssl3t64	CVE-2025-9230	MEDIUM	3.5.1-1	3.5.1-1+deb13u1
libssl3t64	CVE-2025-9231	MEDIUM	3.5.1-1	3.5.1-1+deb13u1
libssl3t64	CVE-2025-9232	LOW	3.5.1-1	3.5.1-1+deb13u1
openssl	CVE-2025-9230	MEDIUM	3.5.1-1	3.5.1-1+deb13u1
openssl	CVE-2025-9231	MEDIUM	3.5.1-1	3.5.1-1+deb13u1
openssl	CVE-2025-9232	LOW	3.5.1-1	3.5.1-1+deb13u1
openssl-provider-legacy	CVE-2025-9230	MEDIUM	3.5.1-1	3.5.1-1+deb13u1
openssl-provider-legacy	CVE-2025-9231	MEDIUM	3.5.1-1	3.5.1-1+deb13u1
openssl-provider-legacy	CVE-2025-9232	LOW	3.5.1-1	3.5.1-1+deb13u1

No Misconfigurations found

Python

No Vulnerabilities found

No Misconfigurations found

[github-actions]

Trivy image scan report

ghcr.io/chgl/github-reusable-workflow:pr-196 (debian 13.1)

9 known vulnerabilities found (HIGH: 0 MEDIUM: 6 LOW: 3 CRITICAL: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
libssl3t64	CVE-2025-9230	MEDIUM	3.5.1-1	3.5.1-1+deb13u1
libssl3t64	CVE-2025-9231	MEDIUM	3.5.1-1	3.5.1-1+deb13u1
libssl3t64	CVE-2025-9232	LOW	3.5.1-1	3.5.1-1+deb13u1
openssl	CVE-2025-9230	MEDIUM	3.5.1-1	3.5.1-1+deb13u1
openssl	CVE-2025-9231	MEDIUM	3.5.1-1	3.5.1-1+deb13u1
openssl	CVE-2025-9232	LOW	3.5.1-1	3.5.1-1+deb13u1
openssl-provider-legacy	CVE-2025-9230	MEDIUM	3.5.1-1	3.5.1-1+deb13u1
openssl-provider-legacy	CVE-2025-9231	MEDIUM	3.5.1-1	3.5.1-1+deb13u1
openssl-provider-legacy	CVE-2025-9232	LOW	3.5.1-1	3.5.1-1+deb13u1

No Misconfigurations found

Python

No Vulnerabilities found

No Misconfigurations found

[github-actions]

✅⚠️MegaLinter analysis: Success with warnings

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	4		0	0	0.09s
✅ COPYPASTE	jscpd	yes		no	no	1.14s
✅ DOCKERFILE	hadolint	1		0	0	0.05s
✅ JSON	jsonlint	3		0	0	0.14s
⚠️ JSON	prettier	3		1	0	0.49s
✅ JSON	v8r	3		0	0	3.59s
✅ MARKDOWN	markdownlint	1		0	0	0.5s
✅ MARKDOWN	markdown-table-formatter	1		0	0	0.32s
✅ PYTHON	bandit	1		0	0	1.85s
✅ PYTHON	black	1		0	0	0.87s
✅ PYTHON	flake8	1		0	0	0.8s
✅ PYTHON	isort	1		0	0	0.24s
✅ PYTHON	mypy	1		0	0	3.6s
✅ PYTHON	pylint	1		0	0	3.19s
✅ PYTHON	pyright	1		0	0	1.61s
✅ PYTHON	ruff	1		0	0	0.03s
✅ REPOSITORY	dustilock	yes		no	no	0.02s
✅ REPOSITORY	gitleaks	yes		no	no	0.33s
✅ REPOSITORY	git_diff	yes		no	no	0.01s
✅ REPOSITORY	grype	yes		no	no	30.36s
✅ REPOSITORY	kics	yes		no	no	3.08s
✅ REPOSITORY	secretlint	yes		no	no	1.59s
✅ REPOSITORY	syft	yes		no	no	2.17s
✅ REPOSITORY	trivy	yes		no	no	8.6s
✅ REPOSITORY	trivy-sbom	yes		no	no	0.14s
✅ REPOSITORY	trufflehog	yes		no	no	3.84s
✅ YAML	prettier	6		0	0	0.75s
✅ YAML	v8r	6		0	0	6.13s
✅ YAML	yamllint	6		0	0	0.65s

Detailed Issues

⚠️ JSON / prettier - 1 error

Checking formatting...
[warn] .renovaterc.json
[warn] Code style issues found in the above file. Run Prettier with --write to fix.

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.0.1 --custom-flavor-setup --custom-flavor-linters PYTHON_PYLINT,PYTHON_BLACK,PYTHON_FLAKE8,PYTHON_ISORT,PYTHON_BANDIT,PYTHON_MYPY,PYTHON_PYRIGHT,PYTHON_RUFF,ACTION_ACTIONLINT,COPYPASTE_JSCPD,DOCKERFILE_HADOLINT,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_DUSTILOCK,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_KICS,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

[github-actions]

🎉 This PR is included in version 1.10.64 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀