Bump the github-actions group across 1 directory with 2 updates

[dependabot]

Bumps the github-actions group with 2 updates in the / directory: actions/setup-python and SonarSource/sonarcloud-github-c-cpp.

Updates actions/setup-python from 5.2.0 to 5.4.0

Release notes

Sourced from actions/setup-python's releases.

v5.4.0

What's Changed

Enhancements:

• Update cache error message by @​aparnajyothi-y in actions/setup-python#968
• Enhance Workflows: Add Ubuntu-24, Remove Python 3.8 by @​priya-kinthali in actions/setup-python#985
• Configure Dependabot settings by @​HarithaVattikuti in actions/setup-python#1008

Documentation changes:

• Readme update - recommended permissions by @​benwells in actions/setup-python#1009
• Improve Advanced Usage examples by @​lrq3000 in actions/setup-python#645

Dependency updates:

• Upgrade undici from 5.28.4 to 5.28.5 by @​dependabot in actions/setup-python#1012
• Upgrade urllib3 from 1.25.9 to 1.26.19 in /tests/data by @​dependabot in actions/setup-python#895
• Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by @​dependabot in actions/setup-python#1014
• Upgrade @actions/http-client from 2.2.1 to 2.2.3 by @​dependabot in actions/setup-python#1020
• Upgrade requests from 2.24.0 to 2.32.2 in /tests/data by @​dependabot in actions/setup-python#1019
• Upgrade @actions/cache to ^4.0.0 by @​priyagupta108 in actions/setup-python#1007

New Contributors

• @​benwells made their first contribution in actions/setup-python#1009
• @​HarithaVattikuti made their first contribution in actions/setup-python#1008
• @​lrq3000 made their first contribution in actions/setup-python#645

Full Changelog: actions/setup-python@v5...v5.4.0

v5.3.0

What's Changed

• Add workflow file for publishing releases to immutable action package by @​Jcambass in actions/setup-python#941
• Upgrade IA publish by @​Jcambass in actions/setup-python#943

Bug Fixes:

• Normalise Line Endings to Ensure Cross-Platform Consistency by @​priya-kinthali in actions/setup-python#938
• Revise isGhes logic by @​jww3 in actions/setup-python#963
• Bump pillow from 7.2 to 10.2.0 by @​aparnajyothi-y in actions/setup-python#956

Enhancements:

• Enhance workflows and documentation updates by @​priya-kinthali in actions/setup-python#965
• Bump default versions to latest by @​jeffwidman in actions/setup-python#905

New Contributors

• @​Jcambass made their first contribution in actions/setup-python#941
• @​jww3 made their first contribution in actions/setup-python#963

Full Changelog: actions/setup-python@v5...v5.3.0

Commits

• 4237552 Improve Advanced Usage examples (#645)
• 709bfa5 Bump requests from 2.24.0 to 2.32.2 in /tests/data (#1019)
• ceb20b2 Bump @​actions/http-client from 2.2.1 to 2.2.3 (#1020)
• 0dc2d2c Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (#1014)
• feb9c6e Bump urllib3 from 1.25.9 to 1.26.19 in /tests/data (#895)
• d0b4fc4 Bump undici from 5.28.4 to 5.28.5 (#1012)
• e3dfaac Configure Dependabot settings (#1008)
• b8cf3eb Use the new cache service: upgrade @actions/cache to ^4.0.0 (#1007)
• 1928ae6 Update README.md (#1009)
• 3fddbee Enhance Workflows: Add Ubuntu-24, Remove Python 3.8 (#985)
• Additional commits viewable in compare view

Updates SonarSource/sonarcloud-github-c-cpp from 3.1.0 to 3.2.0

Release notes

Sourced from SonarSource/sonarcloud-github-c-cpp's releases.

v3.2.0

[!WARNING] This new version of the GitHub action for C, C++, and Objective-C with SonarQube Cloud (sonarcloud-github-c-cpp) is going to be the last one specifically designed for these languages.

This action is deprecated and will be removed in a future release.

Please use the sonarqube-scan-action and its install-build-wrapper sub-action instead.

More specifically, if the action is used to install both the SonarScanner CLI and the Build Wrapper:

• replace sonarcloud-github-c-cpp with the latest version of SonarSource/sonarqube-scan-action/install-build-wrapper
• if the step calling the action is named Install sonar-scanner and build-wrapper, or something similar, rename it to Install Build Wrapper
• replace the step calling sonar-scanner with a step using SonarSource/sonarqube-scan-action
• the arguments passed to sonar-scanner should be passed to the action via the args input parameter

If the action is used to install the SonarScanner CLI, and the Build Wrapper is not required:

• remove the sonarcloud-github-c-cpp step altogether
• replace the step calling sonar-scanner with a step using SonarSource/sonarqube-scan-action
• the arguments passed to sonar-scanner should be passed to the action via the args input parameter

Check the C++ section in the README of the sonarqube-scan-action for complete examples.

What's Changed

• SCCPPGHA-9 Upgrade all recommended GitHub Action versions by @​7PH in SonarSource/sonarcloud-github-c-cpp#61
• SCCPPGHA-13 Add Jira integration by @​pavel-mikula-sonarsource in SonarSource/sonarcloud-github-c-cpp#62
• SCCPPGHA-10 Rebrand and forward to the C and C++ action for SQS by @​antonioaversa in SonarSource/sonarcloud-github-c-cpp#64
• SCCPPGHA-16 Deprecate in favor of sonarqube-scan-action by @​antonioaversa in SonarSource/sonarcloud-github-c-cpp#66
• SCCPPGHA-21 Change title back to SonarCloud Scan for C and C++ by @​antonioaversa in SonarSource/sonarcloud-github-c-cpp#65

New Contributors

• @​7PH made their first contribution in SonarSource/sonarcloud-github-c-cpp#61
• @​pavel-mikula-sonarsource made their first contribution in SonarSource/sonarcloud-github-c-cpp#62
• @​antonioaversa made their first contribution in SonarSource/sonarcloud-github-c-cpp#64

Full Changelog: SonarSource/sonarcloud-github-c-cpp@v3.1.0...v3.2.0

Commits

• 44cc4d3 SCCPPGHA-21 Change title back to SonarCloud Scan for C and C++ (#65)
• 211a45f SCCPPGHA-16 Deprecate in favor of sonarqube-scan-action (#66)
• 166e6d6 SCCPPGHA-10 Rebrand and forward to the C and C++ action for SQS (#64)
• 0aed737 Add Jira integration
• 754f54f SCCPPGHA-9 Upgrade all recommended GitHub Action versions (#61)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud