chore(deps): Bump the development-dependencies group with 4 updates

Bumps the development-dependencies group with 4 updates: [github/codeql-action](https://github.com/github/codeql-action), [codecov/codecov-action](https://github.com/codecov/codecov-action), [actions/create-github-app-token](https://github.com/actions/create-github-app-token) and [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request).


Updates `github/codeql-action` from 4.31.6 to 4.31.7
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@fe4161a...cf1bb45)

Updates `codecov/codecov-action` from 5.5.1 to 5.5.2
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@5a10915...671740a)

Updates `actions/create-github-app-token` from 2.2.0 to 2.2.1
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](actions/create-github-app-token@7e473ef...29824e6)

Updates `peter-evans/create-pull-request` from 7.0.9 to 8.0.0
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@84ae59a...98357b1)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.31.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: codecov/codecov-action
  dependency-version: 5.5.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: actions/create-github-app-token
  dependency-version: 2.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: peter-evans/create-pull-request
  dependency-version: 8.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: development-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

Author: dependabot[bot]

.github/workflows/codeql.yml

@@ -26,9 +26,9 @@ jobs:
     -
       # Initializes the CodeQL tools for scanning.
       name: Initialize CodeQL
-      uses: github/codeql-action/init@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
+      uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
       with:
         languages: ${{ matrix.language }}
     -
       name: Analyze ${{ matrix.language }}
-      uses: github/codeql-action/analyze@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
+      uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7

.github/workflows/collect-coverage.yml

@@ -30,7 +30,7 @@ jobs:
           path: coverage/
       -
         name: Upload coverage to codecov
-        uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1
+        uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
         with:
           name: Aggregated coverage
           # All *.coverage.*.out files uploaded should be detected by the codecov action.

.github/workflows/collect-reports.yml

@@ -48,7 +48,7 @@ jobs:
       -
         name: Upload test results to Codecov
         # This allows for using the test results UI on codecov
-        uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1
+        uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v5.5.2
         with:
           files: '**/junit_report.xml'
           report_type: 'test_results'

.github/workflows/contributors.yml

@@ -33,7 +33,7 @@ jobs:
         mv contributors.md CONTRIBUTORS.md
     -
       name: Switch to go-openapi bot user
-      uses: actions/create-github-app-token@7e473efe3cb98aa54f8d4bac15400b15fad77d94 # v2.2.0
+      uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
       id: app-token
       with:
         app-id: ${{ secrets.CI_BOT_APP_ID }}
@@ -51,7 +51,7 @@ jobs:
     -
       name: Create a PR
       id: create-pull-request
-      uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412 # v7.0.9
+      uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725 # v8.0.0
       with:
         commit-message: "doc: updated contributors file"
         branch: doc/contributors-bot

.github/workflows/scanner.yml

@@ -49,7 +49,7 @@ jobs:
           exit-code: 0
       -
         name: Upload trivy findings to code scanning dashboard
-        uses: github/codeql-action/upload-sarif@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
+        uses: github/codeql-action/upload-sarif@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
         with:
           category: trivy
           sarif_file: trivy-code-report.sarif
@@ -69,7 +69,7 @@ jobs:
           output-file: govulnscan-report.sarif
       -
         name: Upload govulnscan findings to code scanning dashboard
-        uses: github/codeql-action/upload-sarif@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
+        uses: github/codeql-action/upload-sarif@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
         with:
           category: govulnscan
           sarif_file: govulnscan-report.sarif