Bump the actions group with 3 updates (#1056)

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Author: dependabot[bot]

.github/workflows/codeql-actions.yml

@@ -29,22 +29,22 @@ jobs:
       packages: read
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
       with:
         fetch-depth: 0
         ref: ${{ inputs.ref }}
         persist-credentials: false
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # v3
+      uses: github/codeql-action/init@df559355d593797519d70b90fc8edd5db049e7a2 # v3
       with:
         languages: actions
         build-mode: none
         # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
         queries: security-extended
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # v3
+      uses: github/codeql-action/analyze@df559355d593797519d70b90fc8edd5db049e7a2 # v3
       with:
         category: "/language:actions"

.github/workflows/codeql-python.yml

@@ -31,7 +31,7 @@ jobs:
       packages: read
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
       with:
         fetch-depth: 0
         ref: ${{ inputs.ref }}
@@ -42,7 +42,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # v3
+      uses: github/codeql-action/init@df559355d593797519d70b90fc8edd5db049e7a2 # v3
       with:
         languages: python
         build-mode: none
@@ -61,6 +61,6 @@ jobs:
         pip install dist/*.whl
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # v3
+      uses: github/codeql-action/analyze@df559355d593797519d70b90fc8edd5db049e7a2 # v3
       with:
         category: "/language:python"

.github/workflows/dist-python.yml

@@ -39,7 +39,7 @@ jobs:
 
     steps:  
       - name: Checkout libmongocrypt
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           fetch-depth: 0
           ref: ${{ inputs.ref }}

.github/workflows/test-python.yml

@@ -23,7 +23,7 @@ jobs:
     if: github.repository_owner == 'mongodb'
     runs-on: ubuntu-latest
     steps:
-     - uses: actions/checkout@v4
+     - uses: actions/checkout@v5
        with:
         persist-credentials: false
      - uses: actions/setup-python@v5
@@ -46,7 +46,7 @@ jobs:
         python-version: ["3.9", "3.13", "3.14"]
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           fetch-depth: 0
           persist-credentials: false

.github/workflows/zizmor.yml

@@ -14,8 +14,8 @@ jobs:
       security-events: write
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           persist-credentials: false
       - name: Run zizmor
-        uses: zizmorcore/zizmor-action@383d31df2eb66a2f42db98c9654bdc73231f3e3a
+        uses: zizmorcore/zizmor-action@7f2abfff7488a44086dba64ed2f5a9b431508079