BUILD-10765 Important: Update SonarSource/gh-action_release to 6.5.0

[mikolaj-matuszny-ext-sonarsource]

Important: Update SonarSource/gh-action_release to c52861bb0e5dd564187f3fd74e048f20aef0f761 (6.5.0) for compliance with allowed versions.

See: https://discuss.sonarsource.com/t/action-required-update-your-github-actions-cache-release-and-releasability-before-10-04/23899/5

[hashicorp-vault-sonar-prod]

BUILD-10765

[sonar-review-alpha]

Summary

Single-line update to .github/workflows/release.yml that upgrades the SonarSource/gh-action_release action from 6.4.0 to 6.5.0 (commit hash change). This is a compliance update per the SonarSource guidance requiring projects to use only approved versions of this action.

What reviewers should know

What to review:

• Verify the commit hash c52861bb0e5dd564187f3fd74e048f20aef0f761 corresponds to the published 6.5.0 release of SonarSource/gh-action_release
• Check if 6.5.0 introduces any breaking changes or new requirements (especially around the id-token and contents permissions already specified)
• Confirm this is the specific version mandated by the SonarSource compliance requirement mentioned in the author's description

Non-obvious notes:

• This is a required compliance update, not an optional feature upgrade
• The change only affects release workflows, not CI/build pipelines
• The permissions block is unchanged, which is good — verify that 6.5.0 doesn't require additional permissions

---

• Generate Walkthrough
• Generate Diagram

🗣️ Give feedback

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues
0 New dependency risks

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[sonar-review-alpha]

LGTM! ✅

Clean, minimal compliance update — safe to merge.

🗣️ Give feedback