Bump SonarSource/gh-action_release from 3 to 5

[dependabot]

Bumps SonarSource/gh-action_release from 3 to 5.

Release notes

Sourced from SonarSource/gh-action_release's releases.

5.0.0

This release is a breaking major release. Before upgrading, the repository needs to be onboarded to the new Secret Management solution.

With this release, we provide a simplified usage in addition, that handles the authorization and options to enable publishing to https://binaries.sonarsource.com/ and syncing to https://repo1.maven.org/maven2/org/sonarsource/.

---
name: sonar-release
# This workflow is triggered when publishing a new github release
# yamllint disable-line rule:truthy
on:
  release:
    types:
      - published
jobs:
release:
permissions:
id-token: write
contents: write
uses: SonarSource/gh-action_release/.github/workflows/main.yaml@v5
with:
publishToBinaries: true  # disabled by default
mavenCentralSync: true   # disabled by default

Related tickets

• BUILD-1675
• BUILD-1707
• BUILD-1699
• BUILD-1732
• BUILD-1945
• BUILD-1782
• BUILD-1948

Full Changelog: SonarSource/gh-action_release@4.2.6...5.0.0

4.2.6

BUILD-1598 remove revoked encryption key check

4.2.5

What's Changed

• BUILD-1547 Update dependencies in SonarSource/gh-action_release#48

Full Changelog: SonarSource/gh-action_release@4.2.4...4.2.5

4.2.4

What's Changed

• fix(BUILD-1474): SL Eclipse unzip to S3 SonarSource/gh-action_release#47

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)