Bump actions/setup-java from 5 to 5.2.0

[dependabot]

Bumps actions/setup-java from 5 to 5.2.0.

Release notes

Sourced from actions/setup-java's releases.

v5.2.0

What's Changed

Enhancement

• Retry on HTTP 522 Connection timed out by @​findepi in actions/setup-java#964

Documentation Changes

• Update gradle caching by @​priya-kinthali in actions/setup-java#972
• Update checkout to v6 by @​mahabaleshwars in actions/setup-java#973

Dependency Updates

• Upgrade @​actions/cache to v5 by @​salmanmkc in actions/setup-java#968
• Upgrade actions/checkout from 5 to 6 by @​dependabot in actions/setup-java#961

New Contributors

• @​findepi made their first contribution in actions/setup-java#964

Full Changelog: actions/setup-java@v5...v5.2.0

v5.1.0

What's Changed

New Features

• Add support for .sdkmanrc file in java-version-file parameter by @​guicamest in actions/setup-java#736
• Add support for Microsoft OpenJDK 25 builds by @​the-mod in actions/setup-java#927

Bug Fixes & Improvements

• Update Regex to Support All ASDF Versions for the supported distributions in tool-versions File by @​aparnajyothi-y in actions/setup-java#767
• Enhance error logging for network failures to include endpoint/IP details, add retry mechanism and update workflows to use macos-15-intel by @​priya-kinthali in actions/setup-java#946
• Update SapMachine URLs by @​RealCLanger in actions/setup-java#955
• Add GitHub Token Support for GraalVM and Refactor Code by @​mahabaleshwars in actions/setup-java#849

Documentation changes

• Update documentation to use checkout and Java v5 by @​lmvysakh in actions/setup-java#903
• Clarify JAVA_HOME and PATH setup in README by @​chiranjib-swain in actions/setup-java#841

Dependency updates

• Upgrade prettier from 2.8.8 to 3.6.2 and document breaking changes in v5 by @​dependabot in actions/setup-java#873
• Upgrade actions/publish-action from 0.3.0 to 0.4.0 by @​dependabot in actions/setup-java#912

New Contributors

• @​lmvysakh made their first contribution in actions/setup-java#903
• @​chiranjib-swain made their first contribution in actions/setup-java#841
• @​the-mod made their first contribution in actions/setup-java#927
• @​priya-kinthali made their first contribution in actions/setup-java#946
• @​guicamest made their first contribution in actions/setup-java#736

Full Changelog: actions/setup-java@v5...v5.1.0

Commits

• dded088 Bump actions/checkout from 4 to 5 (#896)
• 0913e9a Upgrade to node 24 (#888)
• e9343db Bumps form-data (#887)
• ae2b61d Bump undici from 5.28.5 to 5.29.0 (#833)
• c190c18 Bump eslint-plugin-jest from 27.9.0 to 29.0.1 (#730)
• 67aec00 Fix: prevent default installation of JetBrains pre-releases (#859)
• ebb356c Improve Error Handling for Setup-Java Action to Help Debug Intermittent Failu...
• f4f1212 Update publish-immutable-actions.yml (#798)
• c5195ef actions/cache upgrade to 4.0.3 (#773)
• dd38875 Bump ts-jest from 29.1.2 to 29.2.5 (#743)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

🤖 Claude Code Review

PR Code Review

Summary: This PR bumps actions/setup-java from @v5 to @v5.2.0 across three GitHub Actions workflow files.

---

Code Quality

• ✅ Style guide: No application code changed; workflow files follow existing conventions.
• ✅ No commented-out code: None present.
• ✅ Meaningful variable names: N/A.
• ✅ DRY principle: The same version bump is applied consistently across all three platform workflows (darwin, linux, windows).
• ✅ Defects/bugs: No logic errors. Pinning to a specific minor version (v5.2.0) rather than a floating major tag (v5) is a security best practice — it prevents unexpected behavior from silent upstream updates.
• ✅ CLAUDE.md: No concerns; this change is purely CI infrastructure.

Testing

• ✅ Unit/integration tests: Not applicable for a CI action version bump.
• ✅ Test coverage: N/A.

Documentation

• ✅ README: No update needed.
• ✅ API docs: N/A.
• ✅ Inline comments: N/A.
• ✅ CHANGELOG.md: Not included, but this is a dependency bump — acceptable to omit if the project doesn't track CI tooling in the changelog.
• ✅ Markdown formatting: Workflow YAML files are not Markdown; no issues.

Security

• ✅ No hardcoded credentials: None.
• ✅ Input validation: N/A.
• ✅ Error handling: N/A.
• ✅ No sensitive data in logs: N/A.
• ✅ No license files (.lic): None present.

---

Verdict: Approved. Clean, low-risk dependency bump that improves version pinning hygiene. No issues found.

Automated code review analyzing defects and coding standards

[github-actions]

Super-linter summary

Language	Validation result
CHECKOV	Pass ✅
GITHUB_ACTIONS	Pass ✅
GITHUB_ACTIONS_ZIZMOR	Pass ✅
GITLEAKS	Pass ✅
GIT_MERGE_CONFLICT_MARKERS	Pass ✅
JSCPD	Pass ✅
PRE_COMMIT	Pass ✅
SPELL_CODESPELL	Pass ✅
TRIVY	Pass ✅
YAML	Pass ✅
YAML_PRETTIER	Pass ✅

All files and directories linted successfully

For more information, see the GitHub Actions workflow run

Powered by Super-linter