Dependabot (repo and reusable workflows): Bump the gh-actions group across 1 directory with 7 updates

.github/workflows/dependabot-tracking.yml

@@ -22,4 +22,4 @@ jobs:
 
       # marocchino/sticky-pull-request-comment v2.9.4
       # SHA: 773744901bac0e8cbb5a0dc842800d45e9b2b405
-      - uses: marocchino/sticky-pull-request-comment@v2.9.4
+      - uses: marocchino/sticky-pull-request-comment@v3.0.4

.github/workflows/reusable-workflow-sast.yml

@@ -122,7 +122,7 @@ jobs:
     if: ${{ (github.actor != 'dependabot[bot]') && (inputs.force_semgrep == true || needs.test-visibility.outputs.visibility == 'private') }}
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       # Run the "semgrep scan" command on the command line of the docker image.
       - run: semgrep scan --config auto --sarif --sarif-output=semgrep.sarif --force-color
@@ -133,7 +133,7 @@ jobs:
         run: |
           echo report_name=${{ github.run_id }}_${{ github.run_number }}_semgrep >> "$GITHUB_OUTPUT"
 
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@v7
         with:  
             name: ${{ steps.name-sarifs.outputs.report_name }}
             path: ${{ github.workspace }}/semgrep.sarif
@@ -161,12 +161,12 @@ jobs:
     steps:
 
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           persist-credentials: false
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v4
         with:
           queries: ${{ inputs.queries }}
           config-file: ${{ inputs.config_file }}
@@ -175,15 +175,15 @@ jobs:
         if: ${{ inputs.config_file != '' }}
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v4
         with:
           queries: ${{ inputs.queries }}
           languages: ${{ inputs.language }}
           debug: ${{ inputs.debug }}
         if: ${{ inputs.config_file == '' }}
 
       - name: Setup dotnet ${{ inputs.dotnet_version }}
-        uses: actions/setup-dotnet@v4
+        uses: actions/setup-dotnet@v5
         with:
           dotnet-version: ${{ inputs.dotnet_version }}
           source-url: ${{ inputs.nuget-source-url }}
@@ -208,7 +208,7 @@ jobs:
         if: ${{ inputs.language == 'csharp' && inputs.dotnet_build_params != '' }}
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@v4
         with:
           ref: ${{ inputs.ref }}
           sha: ${{ inputs.sha }}
@@ -231,7 +231,7 @@ jobs:
     if: ${{ needs.test-visibility.outputs.visibility == 'public' }}
     steps:
 
-      - uses: actions/create-github-app-token@v2
+      - uses: actions/create-github-app-token@v3
         if: ${{ env.CODEQL_AUTHENTICATION_PRIVATE_KEY }}
         id: app-token
         with:
@@ -242,7 +242,7 @@ jobs:
 
       - name: Advance Security Compliance Action
         if: ${{ env.CODEQL_AUTHENTICATION_PRIVATE_KEY }}
-        uses: advanced-security/policy-as-code@v2.10.1
+        uses: advanced-security/policy-as-code@v2.11.1
         with:
           # Set the severity levels which to set the threshold. All previous 
           # severities are included so selecting 'error' also selects 'critical' and 

.github/workflows/test-setup-environment-variables.yml

@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
 
       - name: Setup Environment Variables
         uses: ./set-up-environment