build(deps): bump actions/setup-java from 3 to 5

[dependabot]

Bumps actions/setup-java from 3 to 5.

Release notes

Sourced from actions/setup-java's releases.

v5.0.0

What's Changed

Breaking Changes

• Upgrade to node 24 by @​salmanmkc in actions/setup-java#888

Make sure your runner is updated to this version or newer to use this release. v2.327.1 Release Notes

Dependency Upgrades

• Upgrade Publish Immutable Action by @​HarithaVattikuti in actions/setup-java#798
• Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by @​dependabot[bot] in actions/setup-java#730
• Upgrade undici from 5.28.5 to 5.29.0 by @​dependabot[bot] in actions/setup-java#833
• Upgrade form-data to bring in fix for critical vulnerability by @​gowridurgad in actions/setup-java#887
• Upgrade actions/checkout from 4 to 5 by @​dependabot[bot] in actions/setup-java#896

Bug Fixes

• Prevent default installation of JetBrains pre-releases by @​priyagupta108 in actions/setup-java#859
• Improve Error Handling for Setup-Java Action to Help Debug Intermittent Failures by @​gowridurgad in actions/setup-java#848

New Contributors

• @​gowridurgad made their first contribution in actions/setup-java#848
• @​salmanmkc made their first contribution in actions/setup-java#888

Full Changelog: actions/setup-java@v4...v5.0.0

v4.7.1

What's Changed

Documentation changes

• Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12 to Align with GFTC License Terms by @​aparnajyothi-y in actions/setup-java#704
• Remove duplicated GraalVM section in documentation by @​Marcono1234 in actions/setup-java#716

Dependency updates:

• Upgrade @​action/cache from 4.0.0 to 4.0.2 by @​aparnajyothi-y in actions/setup-java#766
• Upgrade @​actions/glob from 0.4.0 to 0.5.0 by @​dependabot in actions/setup-java#744
• Upgrade ts-jest from 29.1.2 to 29.2.5 by @​dependabot in actions/setup-java#743
• Upgrade @​action/cache to 4.0.3 by @​aparnajyothi-y in actions/setup-java#773

Full Changelog: actions/setup-java@v4...v4.7.1

v4.7.0

What's Changed

• Configure Dependabot settings by @​HarithaVattikuti in actions/setup-java#722
• README Update: Added a permissions section by @​benwells in actions/setup-java#723
• Upgrade cache from version 3.2.4 to 4.0.0 by @​aparnajyothi-y in actions/setup-java#724
• Upgrade @actions/http-client from 2.2.1 to 2.2.3 by @​dependabot in actions/setup-java#728
• Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by @​dependabot in actions/setup-java#727
• Upgrade @types/jest from 29.5.12 to 29.5.14 by @​dependabot in actions/setup-java#729

... (truncated)

Commits

• dded088 Bump actions/checkout from 4 to 5 (#896)
• 0913e9a Upgrade to node 24 (#888)
• e9343db Bumps form-data (#887)
• ae2b61d Bump undici from 5.28.5 to 5.29.0 (#833)
• c190c18 Bump eslint-plugin-jest from 27.9.0 to 29.0.1 (#730)
• 67aec00 Fix: prevent default installation of JetBrains pre-releases (#859)
• ebb356c Improve Error Handling for Setup-Java Action to Help Debug Intermittent Failu...
• f4f1212 Update publish-immutable-actions.yml (#798)
• c5195ef actions/cache upgrade to 4.0.3 (#773)
• dd38875 Bump ts-jest from 29.1.2 to 29.2.5 (#743)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

Summary by cubic

Upgrade actions/setup-java from v3 to v5 in our Gradle and SonarCloud workflows to get the latest fixes and security updates. The action now uses Node 24.

• Dependencies

  • .github/workflows/gradle.yml: actions/setup-java v5
  • .github/workflows/sonarcloud.yml: actions/setup-java v5

• Migration

  • Requires GitHub Actions runner v2.327.1+ (Node 24). Update self-hosted runners before merging.

[kusari-inspector]

Kusari Analysis Results

Analysis for commit: 1bc4b52, performed at: 2025-08-21T11:36:18Z

• @kusari-inspector rerun - Trigger a re-analysis of this PR

• @kusari-inspector feedback [your message] - Send feedback to our AI and team

---

Recommendation

✅ PROCEED with this Pull Request

Summary

✅ No Flagged Issues Detected

All values appear to be within acceptable risk parameters.

No pinned version dependency changes, code issues or exposed secrets detected!

Found this helpful? Give it a 👍 or 👎 reaction!