[lts-2025]: Bump the gha group across 1 directory with 3 updates

[dependabot]

Bumps the gha group with 3 updates in the / directory: nuxeo/gh-build-tools, Alfresco/alfresco-build-tools and SonarSource/sonarqube-scan-action.

Updates nuxeo/gh-build-tools from 0.10.4 to 0.10.5

Release notes

Sourced from nuxeo/gh-build-tools's releases.

v0.10.5

What's Changed

• Dependabot PRs test workflow run only when approved by @​pmacius in nuxeo/gh-build-tools#39
• Bump gitpython from 3.1.47 to 3.1.50 in /.github/actions/check-blocker-jira-issues by @​dependabot[bot] in nuxeo/gh-build-tools#41

Full Changelog: nuxeo/gh-build-tools@v0.10.4...v0.10.5

Commits

• 85a6dbe Bump gitpython from 3.1.47 to 3.1.50 in /.github/actions/check-blocker-jira-i...
• 6b32abc Dependabot PRs test workflow run only when approved (#39)
• See full diff in compare view

Updates Alfresco/alfresco-build-tools from 17.6.2 to 18.5.0

Release notes

Sourced from Alfresco/alfresco-build-tools's releases.

v18.5.0

What's Changed

• build(deps): bump flux to v2.8.8 by @​github-actions[bot] in Alfresco/alfresco-build-tools#1413
• build(deps): bump kcadm to 26.6.2 by @​github-actions[bot] in Alfresco/alfresco-build-tools#1412
• feat(deps): bump the github-actions group across 2 directories with 3 updates by @​dependabot[bot] in Alfresco/alfresco-build-tools#1411

Full Changelog: Alfresco/alfresco-build-tools@v18.4.0...v18.5.0

v18.4.0

What's Changed

• AAE-45986 Use return_run_details API, upgrade to node24 and esbuild by @​mauriziovitale in Alfresco/alfresco-build-tools#1410

Full Changelog: Alfresco/alfresco-build-tools@v18.3.0...v18.4.0

v18.3.0

What's Changed

• AAE-45986 Disambiguate concurrent dispatches using run-name suffix match by @​mauriziovitale in Alfresco/alfresco-build-tools#1409

Full Changelog: Alfresco/alfresco-build-tools@v18.2.0...v18.3.0

v18.2.0

What's Changed

• feat: pipenv action supports custom categories and optional dev flag by @​gionn in Alfresco/alfresco-build-tools#1408

Full Changelog: Alfresco/alfresco-build-tools@v18.1.0...v18.2.0

v18.1.0

What's Changed

• ci: enforce maximum nesting depth for internal action references by @​gionn in Alfresco/alfresco-build-tools#1401
• fix: ignore Alfresco/alfresco-build-tools in dependabot by @​gionn in Alfresco/alfresco-build-tools#1403
• build(deps): bump flux to v2.8.7 by @​github-actions[bot] in Alfresco/alfresco-build-tools#1406
• build(deps): bump updatecli to v0.117.0 by @​github-actions[bot] in Alfresco/alfresco-build-tools#1405
• AAE-45986 Disambiguate concurrent dispatches by matching inputs by @​mauriziovitale in Alfresco/alfresco-build-tools#1407

Full Changelog: Alfresco/alfresco-build-tools@v18.0.1...v18.1.0

v18.0.1

What's Changed

• fix: release script fails to replace internal action SHA refs by @​gionn in Alfresco/alfresco-build-tools#1400

Full Changelog: Alfresco/alfresco-build-tools@v18.0.0...v18.0.1

v18.0.0

What's Changed

... (truncated)

Commits

• 684d64a Release v18.5.0
• f6ad52e Release candidate v18.5.0
• 48c9991 feat(deps): bump the github-actions group across 2 directories with 3 updates...
• f148af4 build(deps): bump kcadm to 26.6.2 (#1412)
• 3ca3990 build(deps): bump flux to v2.8.8 (#1413)
• ed7779a Release v18.4.0
• 39d442d Release candidate v18.4.0
• a666370 AAE-45986 Use return_run_details API, upgrade to node24 and esbuild (#1410)
• 1b252f8 Release v18.3.0
• 1a5d970 Release candidate v18.3.0
• Additional commits viewable in compare view

Updates SonarSource/sonarqube-scan-action from 8.0.0 to 8.1.0

Release notes

Sourced from SonarSource/sonarqube-scan-action's releases.

v8.1.0

What's Changed

• SQSCANGHA-146 Add proxy support for GPG keyserver access by @​henryju in SonarSource/sonarqube-scan-action#244
• SQSCANGHA-148 Update SonarScanner CLI to 8.1.0.6389 by @​github-actions[bot] in SonarSource/sonarqube-scan-action#232

Full Changelog: SonarSource/sonarqube-scan-action@v8...v8.1.0

Commits

• 7006c44 Update SonarScanner CLI to 8.1.0.6389
• edd319f NO-JIRA Bump actions/setup-node from 6.3.0 to 6.4.0 (#234)
• e050aa9 NO-JIRA Bump actions/cache from 5.0.4 to 5.0.5 (#231)
• 6cd3d8f NO-JIRA Bump madhead/semver-utils from 4.3.0 to 5.0.0
• 5656853 SQSCANGHA-146 Add proxy support for GPG keyserver access (#244)
• c444753 SQSCANGHA-140 Add the missing requirements in README.md (#243)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions