chore(deps): Bump the actions group with 2 updates

[dependabot]

Bumps the actions group with 2 updates: googleapis/release-please-action and actions/attest-build-provenance.

Updates googleapis/release-please-action from 8b8fd2cc23b2e18957157a9d923d75aa0c6f6ad5 to 5c625bfb5d1ff62eadeeb3772007f7f66fdcf071

Changelog

Sourced from googleapis/release-please-action's changelog.

Changelog

5.0.0 (2026-04-22)

⚠ BREAKING CHANGES

• upgrade to node24 (#1188)

Features

• upgrade to node24 (#1188) (46dfc01)

Bug Fixes

• bump release-please from 17.3.0 to 17.6.0 (#1199) (f533c26)

4.4.1 (2026-02-20)

Bug Fixes

• bump release-please from 17.1.3 to 17.3.0 (#1183) (ef9c274)

4.4.0 (2025-10-09)

Features

• add ability to select versioning-strategy and release-as (#1121) (ee0f5ba)

Bug Fixes

• changelog-host parameter ignored when using manifest configuration (#1151) (535c413)
• bump mocha from 11.7.1 to 11.7.2 in the npm_and_yarn group across 1 directory (#1149) (3612a99)
• bump release-please from 17.1.2 to 17.1.3 (#1158) (66fbfe9)

4.3.0 (2025-08-20)

Features

• deps: update release-please to 17.1.2 (f07192c)

4.2.0 (2025-03-07)

Features

... (truncated)

Commits

• See full diff in compare view

Updates actions/attest-build-provenance from 96b4a1ef7235a096b17240c259729fdd70c83d45 to e8998f949152b193b063cb0ec769d69d929409be

Changelog

Sourced from actions/attest-build-provenance's changelog.

Release Instructions

Follow the steps below to tag a new release for the actions/attest-build-provenance action.

1. Create a new release for the top-level action using a tag of the form vX.X.X following SemVer conventions:

   gh release create vX.X.X

2. Move (or create) the major version tag to point to the same commit tagged above:

   git tag -fa vX -m "vX"
   git push origin vX --force

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions