build(deps): bump the devops group across 1 directory with 9 updates

Bumps the devops group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [codecov/codecov-action](https://github.com/codecov/codecov-action) | `4.6.0` | `5.3.1` |
| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `45.0.3` | `45.0.6` |
| [Swatinem/rust-cache](https://github.com/swatinem/rust-cache) | `2.7.5` | `2.7.7` |
| [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint) | `1.48.0` | `1.64.1` |
| [baptiste0928/cargo-install](https://github.com/baptiste0928/cargo-install) | `3.1.1` | `3.3.0` |
| [docker/metadata-action](https://github.com/docker/metadata-action) | `5.5.1` | `5.6.1` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.7.1` | `3.8.0` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `6.9.0` | `6.13.0` |
| [docker/scout-action](https://github.com/docker/scout-action) | `1.15.0` | `1.16.1` |



Updates `codecov/codecov-action` from 4.6.0 to 5.3.1
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v4.6.0...v5.3.1)

Updates `tj-actions/changed-files` from 45.0.3 to 45.0.6
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](tj-actions/changed-files@v45.0.3...v45.0.6)

Updates `Swatinem/rust-cache` from 2.7.5 to 2.7.7
- [Release notes](https://github.com/swatinem/rust-cache/releases)
- [Changelog](https://github.com/Swatinem/rust-cache/blob/master/CHANGELOG.md)
- [Commits](Swatinem/rust-cache@v2.7.5...v2.7.7)

Updates `reviewdog/action-actionlint` from 1.48.0 to 1.64.1
- [Release notes](https://github.com/reviewdog/action-actionlint/releases)
- [Commits](reviewdog/action-actionlint@v1.48.0...v1.64.1)

Updates `baptiste0928/cargo-install` from 3.1.1 to 3.3.0
- [Release notes](https://github.com/baptiste0928/cargo-install/releases)
- [Changelog](https://github.com/baptiste0928/cargo-install/blob/main/CHANGELOG.md)
- [Commits](baptiste0928/cargo-install@v3.1.1...v3.3.0)

Updates `docker/metadata-action` from 5.5.1 to 5.6.1
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](docker/metadata-action@v5.5.1...v5.6.1)

Updates `docker/setup-buildx-action` from 3.7.1 to 3.8.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@v3.7.1...v3.8.0)

Updates `docker/build-push-action` from 6.9.0 to 6.13.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@v6.9.0...v6.13.0)

Updates `docker/scout-action` from 1.15.0 to 1.16.1
- [Release notes](https://github.com/docker/scout-action/releases)
- [Commits](docker/scout-action@v1.15.0...v1.16.1)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: devops
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: devops
- dependency-name: Swatinem/rust-cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: devops
- dependency-name: reviewdog/action-actionlint
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: devops
- dependency-name: baptiste0928/cargo-install
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: devops
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: devops
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: devops
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: devops
- dependency-name: docker/scout-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: devops
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/ci-coverage.yml

@@ -103,4 +103,4 @@ jobs:
         run: cargo llvm-cov --lcov --no-run --output-path lcov.info
 
       - name: Upload coverage report to Codecov
-        uses: codecov/codecov-action@v4.6.0
+        uses: codecov/codecov-action@v5.3.1

.github/workflows/ci-lint.yml

@@ -44,7 +44,7 @@ jobs:
 
       - name: Rust files
         id: changed-files-rust
-        uses: tj-actions/changed-files@v45.0.3
+        uses: tj-actions/changed-files@v45.0.6
         with:
           files: |
             **/*.rs
@@ -56,7 +56,7 @@ jobs:
 
       - name: Workflow files
         id: changed-files-workflows
-        uses: tj-actions/changed-files@v45.0.3
+        uses: tj-actions/changed-files@v45.0.6
         with:
           files: |
             .github/workflows/*.yml
@@ -93,7 +93,7 @@ jobs:
         run: |
           curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain=stable --profile=default
 
-      - uses: Swatinem/rust-cache@v2.7.5
+      - uses: Swatinem/rust-cache@v2.7.7
         with:
           shared-key: "clippy-cargo-lock"
 
@@ -138,7 +138,7 @@ jobs:
 
       # We don't cache `fmt` outputs because the job is quick,
       # and we want to use the limited GitHub actions cache space for slower jobs.
-      #- uses: Swatinem/rust-cache@v2.7.5
+      #- uses: Swatinem/rust-cache@v2.7.7
 
       - run: |
           cargo fmt --all -- --check
@@ -151,7 +151,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4.2.2
       - name: actionlint
-        uses: reviewdog/action-actionlint@v1.48.0
+        uses: reviewdog/action-actionlint@v1.64.1
         with:
           level: warning
           fail_on_error: false

.github/workflows/ci-unit-tests-os.yml

@@ -115,7 +115,7 @@ jobs:
           curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain=${{ matrix.rust }} --profile=minimal
 
 
-      - uses: Swatinem/rust-cache@v2.7.5
+      - uses: Swatinem/rust-cache@v2.7.7
         # TODO: change Rust cache target directory on Windows,
         #       or remove this workaround once the build is more efficient (#3005).
         #with:
@@ -224,7 +224,7 @@ jobs:
         run: |
           curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain=stable --profile=minimal
 
-      - uses: Swatinem/rust-cache@v2.7.5
+      - uses: Swatinem/rust-cache@v2.7.7
         with:
           shared-key: "clippy-cargo-lock"
 
@@ -283,7 +283,7 @@ jobs:
           curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain=stable --profile=minimal
 
       - name: Install cargo-machete
-        uses: baptiste0928/cargo-install@v3.1.1
+        uses: baptiste0928/cargo-install@v3.3.0
         with:
           crate: cargo-machete
 

.github/workflows/docs-deploy-firebase.yml

@@ -155,7 +155,7 @@ jobs:
         run: |
           curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain=beta --profile=default
 
-      - uses: Swatinem/rust-cache@v2.7.5
+      - uses: Swatinem/rust-cache@v2.7.7
 
       - name: Build internal docs
         run: |

.github/workflows/release-crates-io.yml

@@ -85,7 +85,7 @@ jobs:
           curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain=stable --profile=minimal
 
       - name: Install cargo-release
-        uses: baptiste0928/cargo-install@v3.1.1
+        uses: baptiste0928/cargo-install@v3.3.0
         with:
           crate: cargo-release
 

.github/workflows/sub-build-docker-image.yml

@@ -93,7 +93,7 @@ jobs:
       # Automatic tag management and OCI Image Format Specification for labels
       - name: Docker meta
         id: meta
-        uses: docker/metadata-action@v5.5.1
+        uses: docker/metadata-action@v5.6.1
         with:
           # list of Docker images to use as base name for tags
           # We only publish images to DockerHub if a release is not a pre-release
@@ -152,7 +152,7 @@ jobs:
       # Setup Docker Buildx to use Docker Build Cloud
       - name: Set up Docker Buildx
         id: buildx
-        uses: docker/setup-buildx-action@v3.7.1
+        uses: docker/setup-buildx-action@v3.8.0
         with:
           version: "lab:latest"
           driver: cloud
@@ -161,7 +161,7 @@ jobs:
       # Build and push image to Google Artifact Registry, and possibly DockerHub
       - name: Build & push
         id: docker_build
-        uses: docker/build-push-action@v6.9.0
+        uses: docker/build-push-action@v6.13.0
         with:
           target: ${{ inputs.dockerfile_target }}
           context: .
@@ -193,7 +193,7 @@ jobs:
         # - `dev` for a pull request event
       - name: Docker Scout
         id: docker-scout
-        uses: docker/scout-action@v1.15.0
+        uses: docker/scout-action@v1.16.1
         # We only run Docker Scout on the `runtime` target, as the other targets are not meant to be released
         # and are commonly used for testing, and thus are ephemeral.
         # TODO: Remove the `contains` check once we have a better way to determine if just new vulnerabilities are present.