DataDog
diff --git a/‎.github/workflows/add-milestone-to-pull-requests.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/add-milestone-to-pull-requests.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/add-release-to-cloudfoundry.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/add-release-to-cloudfoundry.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/analyze-changes.yaml‎
Lines changed: 5 additions & 5 deletions b/‎.github/workflows/analyze-changes.yaml‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎.github/workflows/check-pull-request-labels.yaml‎
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/check-pull-request-labels.yaml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎.github/workflows/check-pull-requests.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/check-pull-requests.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/comment-on-submodule-update.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/comment-on-submodule-update.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/create-release-branch.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/create-release-branch.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/draft-release-notes-on-tag.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/draft-release-notes-on-tag.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/enforce-datadog-merge-queue.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/enforce-datadog-merge-queue.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/enforce-groovy-migration.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/enforce-groovy-migration.yaml‎
Lines changed: 1 addition & 1 deletion
@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Add milestone to merged pull requests
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # 8.0.0
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # 9.0.0
         with:
           retries: 3
           retry-exempt-status-codes: 400,401
 
@@ -57,7 +57,7 @@ jobs:
           git commit -m "chore: Add version ${{ steps.get-release-version.outputs.VERSION }} to Cloud Foundry"
           echo "commit=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
       - name: Push changes
-        uses: DataDog/commit-headless@05d7b7ee023e2c7d01c47832d420c2503cd416f3 # action/v2.0.3
+        uses: DataDog/commit-headless@ad3668640012ec69186398f43d61923f6878bbbe # action/v3.2.0
         if: ${{ steps.create-commit.outputs.commit != '' }}
         with:
           branch: cloudfoundry
 
@@ -20,7 +20,7 @@ jobs:
         with:
           submodules: 'recursive'
       - name: Cache Gradle dependencies
-        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
         with:
           path: |
             ~/.gradle/caches
@@ -30,7 +30,7 @@ jobs:
             ${{ runner.os }}-gradle-
         
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
+        uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
         with:
           languages: 'java'
           build-mode: 'manual'
@@ -43,7 +43,7 @@ jobs:
           ./gradlew clean :dd-java-agent:shadowJar --build-cache --parallel --stacktrace --no-daemon --max-workers=4
 
       - name: Perform CodeQL Analysis and upload results to GitHub Security tab
-        uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
+        uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
 
   trivy:
     name: Analyze changes with Trivy
@@ -60,7 +60,7 @@ jobs:
           submodules: 'recursive'
 
       - name: Cache Gradle dependencies
-        uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
+        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5
         with:
           path: |
             ~/.gradle/caches
@@ -102,7 +102,7 @@ jobs:
           TRIVY_JAVA_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-java-db,public.ecr.aws/aquasecurity/trivy-java-db
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
+        uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
         if: always()
         with:
           sarif_file: 'trivy-results.sarif'
 
@@ -17,7 +17,7 @@ jobs:
     steps:
       - name: Flag AI-generated pull requests
         id: flag_ai_generated
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # 8.0.0
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # 9.0.0
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           script: |
@@ -120,7 +120,7 @@ jobs:
             core.setOutput('labels_stale', String(labelsStale))
 
       - name: Check pull request labels
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # 8.0.0
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # 9.0.0
         env:
           LABELS_STALE: ${{ steps.flag_ai_generated.outputs.labels_stale }}
         with:
 
@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check pull requests
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # 8.0.0
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # 9.0.0
         with:
           github-token: ${{secrets.GITHUB_TOKEN}}
           script: |
 
@@ -17,7 +17,7 @@ jobs:
 
     steps:
       - name: Post comment on submodule update
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # 8.0.0
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # 9.0.0
         with:
           github-token: ${{secrets.GITHUB_TOKEN}}
           script: |
 
@@ -123,7 +123,7 @@ jobs:
           echo "commit=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
       
       - name: Push changes
-        uses: DataDog/commit-headless@05d7b7ee023e2c7d01c47832d420c2503cd416f3 # action/v2.0.3
+        uses: DataDog/commit-headless@ad3668640012ec69186398f43d61923f6878bbbe # action/v3.2.0
         with:
           token: "${{ steps.octo-sts.outputs.token }}"
           branch: "${{ steps.define-pin-branch.outputs.branch }}"
 
@@ -13,7 +13,7 @@ jobs:
     steps:
       - name: Get milestone title
         id: milestoneTitle
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # 8.0.0
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # 9.0.0
         with:
           result-encoding: string
           script: |
 
@@ -28,7 +28,7 @@ jobs:
           policy: self.enforce-datadog-merge-queue.comment-pr
       - name: Post /merge comment
         if: github.event.action == 'enqueued'
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # 8.0.0
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # 9.0.0
         with:
           github-token: ${{ steps.octo-sts.outputs.token }}
           script: |
 
@@ -20,7 +20,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check for Groovy regressions
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # 8.0.0
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # 9.0.0
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           script: |