Bump the github-actions group across 1 directory with 2 updates (#18439)

Bumps the github-actions group with 2 updates in the / directory: [actions/checkout](https://github.com/actions/checkout) and [anchore/scan-action](https://github.com/anchore/scan-action).


Updates `actions/checkout` from 5 to 6
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v5...v6)

Updates `anchore/scan-action` from 7.1.0 to 7.2.0
- [Release notes](https://github.com/anchore/scan-action/releases)
- [Changelog](https://github.com/anchore/scan-action/blob/main/RELEASE.md)
- [Commits](anchore/scan-action@568b89d...3aaf50d)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: anchore/scan-action
  dependency-version: 7.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Author: dependabot[bot]

.github/workflows/bump-java-version.yml

@@ -30,7 +30,7 @@ jobs:
     strategy:
       matrix: ${{ fromJson(needs.filter.outputs.matrix) }}
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           ref: ${{ matrix.branch }}
       - uses: elastic/oblt-actions/updatecli/run@v1

.github/workflows/bump-logstash.yml

@@ -22,7 +22,7 @@ jobs:
       pull-requests: write
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
 
       - uses: elastic/oblt-actions/updatecli/run@v1
         with:

.github/workflows/catalog-info.yml

@@ -18,7 +18,7 @@ jobs:
       contents: read
       packages: read
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
 
       - uses: elastic/oblt-actions/elastic/validate-catalog@v1
 

.github/workflows/critical_vulnerability_scan.yml

@@ -10,14 +10,14 @@ jobs:
     runs-on: ubuntu-latest
     steps: 
       - name: checkout repo content
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
       - name: build tar distribution
         run: ./gradlew clean assembleTarDistribution
       - run: mkdir scan
       - run: tar -zxf ../build/logstash-*.tar.gz
         working-directory: ./scan
       - name: scan image
-        uses: anchore/scan-action@568b89d27fc18c60e56937bff480c91c772cd993 # v7.1.0
+        uses: anchore/scan-action@3aaf50d765cfcceafa51d322ccb790e40f6cd8c5 # v7.2.0
         with:
           path: "./scan"
           fail-build: true

.github/workflows/gen_release_notes.yml

@@ -22,7 +22,7 @@ jobs:
   main:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v5
+    - uses: actions/checkout@v6
       with:
         fetch-depth: 0
     - name: Set up Ruby

.github/workflows/lint_docs.yml

@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Set up Node.js
         uses: actions/setup-node@v6

.github/workflows/update-compose.yml

@@ -17,7 +17,7 @@ jobs:
       pull-requests: write
       packages: read
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
 
       - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
         with:

.github/workflows/version_bumps.yml

@@ -41,7 +41,7 @@ jobs:
         if: ${{ steps.checkUserMember.outputs.isTeamMember == 'false' }}
         run: exit 1
       - name: checkout repo content
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           fetch-depth: 0
           ref: ${{ env.INPUTS_BRANCH }}