Bump the gha-version group across 1 directory with 5 updates

Bumps the gha-version group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `6.0.3` | `7.0.0` |
| [bridgecrewio/checkov-action](https://github.com/bridgecrewio/checkov-action) | `12.3104.0` | `12.3107.0` |
| [aws-actions/amazon-ecr-login](https://github.com/aws-actions/amazon-ecr-login) | `2.1.5` | `2.1.6` |
| [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action) | `8.1.0` | `8.2.0` |
| [govuk-one-login/devplatform-upload-action](https://github.com/govuk-one-login/devplatform-upload-action) | `3.14.0` | `4.1.0` |



Updates `actions/checkout` from 6.0.3 to 7.0.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@df4cb1c...9c091bb)

Updates `bridgecrewio/checkov-action` from 12.3104.0 to 12.3107.0
- [Release notes](https://github.com/bridgecrewio/checkov-action/releases)
- [Commits](bridgecrewio/checkov-action@6772af1...fa9edf8)

Updates `aws-actions/amazon-ecr-login` from 2.1.5 to 2.1.6
- [Release notes](https://github.com/aws-actions/amazon-ecr-login/releases)
- [Changelog](https://github.com/aws-actions/amazon-ecr-login/blob/main/CHANGELOG.md)
- [Commits](aws-actions/amazon-ecr-login@fa648b4...d539f09)

Updates `sonarsource/sonarqube-scan-action` from 8.1.0 to 8.2.0
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases)
- [Commits](SonarSource/sonarqube-scan-action@7006c44...7138816)

Updates `govuk-one-login/devplatform-upload-action` from 3.14.0 to 4.1.0
- [Release notes](https://github.com/govuk-one-login/devplatform-upload-action/releases)
- [Commits](govuk-one-login/devplatform-upload-action@v3.14.0...v4.1.0)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gha-version
- dependency-name: bridgecrewio/checkov-action
  dependency-version: 12.3107.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-version
- dependency-name: aws-actions/amazon-ecr-login
  dependency-version: 2.1.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gha-version
- dependency-name: sonarsource/sonarqube-scan-action
  dependency-version: 8.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-version
- dependency-name: govuk-one-login/devplatform-upload-action
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gha-version
...

Signed-off-by: dependabot[bot] <support@github.com>

Author: dependabot[bot]

.github/workflows/job_ci-checks.yml

@@ -44,7 +44,7 @@ jobs:
         working-directory: ${{ inputs.WORKING_DIRECTORY }}
     steps:
       - name: Check out repository code
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
         with:
           submodules: true
 
@@ -119,7 +119,7 @@ jobs:
 
       - name: Run Checkov
         if: inputs.RUN_CHECKOV == 'true'
-        uses: bridgecrewio/checkov-action@6772af193d58e46738c9401a4ca9c1f39de0fec8 # v12
+        uses: bridgecrewio/checkov-action@fa9edf8f0a491c59a924ea6accd5bdcf07752cff # v12
         with:
           directory: ${{ inputs.WORKING_DIRECTORY }}
           skip_path: ${{ inputs.WORKING_DIRECTORY }}/infra

.github/workflows/job_push-docker-image.yml

@@ -40,7 +40,7 @@ jobs:
         working-directory: ${{ inputs.WORKING_DIRECTORY }}
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 #v6.0.3
+        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 #v7.0.0
         with:
           submodules: true
           fetch-depth: 0
@@ -65,7 +65,7 @@ jobs:
           role-to-assume: ${{ secrets.GH_ACTIONS_ROLE_ARN }}
 
       - name: Login to AWS ECR
-        uses: aws-actions/amazon-ecr-login@fa648b43de3d4d023bcb3f89ed6940096949c419 #v2.1.5
+        uses: aws-actions/amazon-ecr-login@d539f0932e70871a027e9d5a9d8fc38589180a64 #v2.1.6
 
       - name: Build Image
         env:

.github/workflows/job_test-suite.yml

@@ -52,7 +52,7 @@ jobs:
       CONTINUE_ON_ERROR: ${{ inputs.SONARQUBE_CONTINUE_ON_ERROR }}
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
+        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
         with:
           fetch-depth: 0
           submodules: true
@@ -83,7 +83,7 @@ jobs:
 
       - name: Run SonarQube Scan
         if: inputs.RUN_SONARQUBE == 'true'
-        uses: sonarsource/sonarqube-scan-action@7006c4492b2e0ee0f816d36501671557c97f5995 #v8.1.0
+        uses: sonarsource/sonarqube-scan-action@713881670b6b3676cda39549040e2d88c70d582e #v8.2.0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

.github/workflows/job_upload-sam-artifact.yml

@@ -46,7 +46,7 @@ jobs:
       SAM_CLI_TELEMETRY: 0
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 #v6.0.3
+        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 #v7.0.0
         with:
           submodules: true
           fetch-depth: 0
@@ -89,7 +89,7 @@ jobs:
         run: sam build --cached --template ${{ inputs.TEMPLATE_NAME }}
 
       - name: Upload SAM Artifact into the Artifact Bucket
-        uses: govuk-one-login/devplatform-upload-action@v3.14.0
+        uses: govuk-one-login/devplatform-upload-action@v4.1.0
         with:
           artifact-bucket-name: ${{ secrets.ARTIFACT_BUCKET }}
           signing-profile-name: ${{ secrets.SIGNING_PROFILE_NAME }}