build(deps): bump the actions group across 1 directory with 3 updates

Bumps the actions group with 3 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [stefanprodan/timoni](https://github.com/stefanprodan/timoni) and [actions/setup-go](https://github.com/actions/setup-go).


Updates `actions/checkout` from 4 to 5
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

Updates `stefanprodan/timoni` from 0.25.1 to 0.25.2
- [Release notes](https://github.com/stefanprodan/timoni/releases)
- [Changelog](https://github.com/stefanprodan/timoni/blob/main/.goreleaser.yml)
- [Commits](https://github.com/stefanprodan/timoni/compare/v0.25.1...v0.25.2)

Updates `actions/setup-go` from 5 to 6
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: stefanprodan/timoni
  dependency-version: 0.25.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
- dependency-name: actions/setup-go
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/cve-scan.yml

@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Vulnerability scan
         id: govulncheck
         uses: golang/govulncheck-action@v1

.github/workflows/e2e.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Setup Kubernetes
         uses: helm/kind-action@v1.12.0
         with:
@@ -48,7 +48,7 @@ jobs:
       PODINFO_VERSION: "0.0.0-devel"
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Setup Timoni
         uses: stefanprodan/timoni/actions/setup@main
       - name: Setup Kubernetes

.github/workflows/release.yml

@@ -16,10 +16,10 @@ jobs:
       id-token: write # needed for keyless signing
       packages: write # needed for ghcr access
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: sigstore/cosign-installer@v3
       - uses: fluxcd/flux2/action@v2.6.4
-      - uses: stefanprodan/timoni/actions/setup@v0.25.1
+      - uses: stefanprodan/timoni/actions/setup@v0.25.2
       - name: Setup Notation CLI
         uses: notaryproject/notation-action/setup@v1
         with:
@@ -33,7 +33,7 @@ jobs:
         env:
           NOTATION_KEY: ${{ secrets.NOTATION_SIGNING_KEY }}
       - name: Setup Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@v6
         with:
           go-version: 1.24.x
       - name: Setup Helm

.github/workflows/test.yml

@@ -18,9 +18,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Setup Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@v6
         with:
           go-version: 1.24.x
           cache-dependency-path: |
@@ -39,7 +39,7 @@ jobs:
       - name: Setup CUE
         uses: cue-lang/setup-cue@v1.0.1
       - name: Setup Timoni
-        uses: stefanprodan/timoni/actions/setup@v0.25.1
+        uses: stefanprodan/timoni/actions/setup@v0.25.2
       - name: Run unit tests
         run: make test
       - name: Validate Helm chart