cicd/sonarqube-scan-action
1
0
Fork 0
mirror of https://github.com/SonarSource/sonarqube-scan-action.git synced 2026-05-18 17:30:17 +03:00
Code Issues Packages Projects Releases Wiki Activity
145 Commits 10 Branches 55 Tags
2575ba496607b8a0b048714049aaff64bdf3aa3a
Commit Graph

145 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Julien HENRY 2575ba4966 NO-JIRA Mask proxy URL and deduplicate test helper 
- Register HTTPS_PROXY as a secret via core.setSecret so embedded
  credentials (e.g. http://user:pass@proxy:8080) cannot leak to CI
  logs, and drop the URL from the info message.
- Hoist clearProxyEnv()/proxyVars to the outer describe scope in the
  GPG verification tests (Sonar S4144).

dist/ regenerated; this also drops stale chunk files that were no
longer emitted by the current rollup config.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-18 14:39:23 +02:00
Julien HENRY 305fabb1f1 NO-JIRA Make rollup build reproducible across line endings 
Normalize CRLF to LF in the rollup load hook so Windows checkouts
produce the same dist bundle and source maps as Linux/macOS.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-18 12:52:49 +02:00
Marius Boden 9ddabeeb80 NO-JIRA Add proxy support for GPG keyserver access 2026-05-18 12:27:33 +02:00
Claire Villard c444753899 SQSCANGHA-140 Add the missing requirements in README.md (#243) 2026-05-11 12:13:30 +02:00
Antoine Vinot 59db25f34e SQSCANGHA-145 Set skipSignatureVerification default value to false (#241) v8.0.0 v8.0 v8 2026-04-29 14:23:12 +02:00
Pavel Mikula ca30b65f4e SQSCANGHA-143 SubmitReview: Use Vault token (#238) 2026-04-29 11:16:25 +02:00
Antoine Vinot c7ee0f9df9 SQSCANGHA-140 Set skipSignatureVerification default value to true to avoid breaking change (#240) 
Co-authored-by: Gustavo Cunha <dev@gustavocunha.dev>
v7 v7.2.1 v7.2 		2026-04-29 10:13:05 +02:00
Claire Villard 55e44800a8 SQSCANGHA-140 Add OpenPGP signature verification for scanner downloads (#235) v7.2.0 2026-04-28 15:49:48 +02:00
Antoine Vinot 30dbe5c9ee SQSCANGHA-138 Update dist and add ci test (#233) 
Co-authored-by: Jarek Potiuk <jarek@potiuk.com>
 2026-04-23 14:20:12 +02:00
Claire Villard c8357220fa SQSCANGHA-134 Upgrade the libraries to latest version (#227) 
Co-authored-by: Julien Carsique <julien.carsique@sonarsource.com>
 2026-04-14 15:21:19 +02:00
Claire Villard f00de44f57 SC-45750 Migrate to dateless license headers (#229) 2026-04-10 13:57:27 +02:00
Claire Villard f099b44166 SQSCANGHA-133 Upgrade the Node version used in UTs + contribution guide (#226) 2026-04-03 10:34:00 +02:00
tomverin d899ed2996 BUILD-10861 Dependabot 5-day cooldown + internal excludes (#225) 2026-04-02 15:07:08 +02:00
Claire Villard 299e4b793a SQSCANGHA-132 Upgrade Node to 24 (#224) v7.1.0 v7.1 2026-04-01 11:14:54 +02:00
dependabot[bot] 3988e54db2 SQSCANGHA-131 Bump picomatch from 4.0.3 to 4.0.4 (#223) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-31 08:58:59 +02:00
dependabot[bot] 9598b8a83f SQSCANGHA-130 Bump rollup from 4.50.1 to 4.59.0 (#221) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-06 10:07:15 +01:00
dependabot[bot] dcc5211de5 SQSCANGHA-128 NO-JIRA Bump actions/cache from 4 to 5 (#219) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-16 20:53:44 +01:00
Claire Villard b9f37f9de0 SQSCANGHA-129 Fix the Analysis Processing team name in CODEOWNERS (#220) 
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-11 11:37:16 +01:00
github-actions[bot] a31c9398be SQSCANGHA-126 Update SonarScanner CLI to 8.0.1.6346 (#218) v7.0.0 v7.0 2025-12-09 09:53:51 +01:00
dependabot[bot] 40f5b61913 SQSCANGHA-123 NO-JIRA Bump actions/setup-node from 5 to 6 (#214) 2025-10-15 15:09:18 +02:00
Brandon Davis 9bf7c126a1 SQSCANGHA-122 Include caveats for running SCA (#213) 2025-10-09 06:21:35 -05:00
github-actions[bot] ba6563cca7 Update SonarScanner CLI to 7.3.0.5189 (#212) 2025-10-06 09:29:17 +02:00
dependabot[bot] 5ffbad4454 SQSCANGHA-120 Bump actions/setup-node from 4 to 5 (#211) 2025-09-22 07:47:48 +02:00
Joan Biel fd88b7d7cc SQSCANGHA-119 New Readme structure 
Add quick start section

Increase visibility of special cases and alternatives

Prioritize SQC examples over SQS
v6 v6.0 v6.0.0 		2025-09-18 10:38:53 +02:00
Julien HENRY 27a157d234 SQSCANGHA-118 Update the README to document the breaking change for args parsing 2025-09-18 10:38:53 +02:00
Jeremy Davis e327da8e78 NO-JIRA Add documentation for contribution 2025-09-18 10:38:53 +02:00
Jeremy Davis ff001fd600 SQSCANGHA-107 Migrate install-build-wrapper 2025-09-18 10:38:53 +02:00
Jeremy Davis a88c96d7e4 SQSCANGHA-107 Make room for install-build-wrapper action 2025-09-18 10:38:53 +02:00
Jeremy Davis a64281002c SQSCANGHA-112 SQSCANGHA-113 Fixes from review and keytool refactor 2025-09-18 10:38:53 +02:00
Julien HENRY 60aee7033b NO-JIRA Disable fail fast on matrix jobs 2025-09-18 10:38:53 +02:00
Julien HENRY 502204eab4 NO-JIRA Fix test assertion 2025-09-18 10:38:53 +02:00
Jeremy Davis 0b794a06fa SQSCANGHA-112 Delete legacy shell script 2025-09-18 10:38:53 +02:00
Jeremy Davis ece10df5d7 SQSCANGHA-112 Extract installation step and other fixes 2025-09-18 10:38:53 +02:00
Jeremy Davis ee80e84272 SQSCANGHA-112 Fix redirect test to deal with TLS 2025-09-18 10:38:53 +02:00
Jeremy Davis cbabf0572a SQSCANGHA-113 Delete legacy shell scripts 2025-09-18 10:38:53 +02:00
Jeremy Davis 16df975da5 SQSCANGHA-113 Migrate scanner run step 2025-09-18 10:38:53 +02:00
Jeremy Davis ed9f3aad50 SQSCANGHA-112 Migrate installation step 2025-09-18 10:38:53 +02:00
Jeremy Davis 8f448484d9 SQSCANGHA-115 Delete legacy shell script 2025-09-18 10:38:53 +02:00
Jeremy Davis 6a808e9a20 SQSCANGHA-115 Migrate sanity checks 2025-09-18 10:38:53 +02:00
Jeremy Davis 9db61695c9 SQSCANGHA-117 Set up js build 2025-09-18 10:38:53 +02:00
SonarTech 5837ebfcca BUILD-8875: Migrate to standardized GitHub runner names 
Co-authored-by: Julien HENRY <julien.henry@sonarsource.com>
 2025-09-02 10:10:38 +02:00
Daan Timmer 1a6d90ebcb SQSCANGHA-102 Pin actions/cache to a full-length commit SHA (#199) v5.3.1 2025-08-28 12:18:32 +02:00
Aleksandra Bozhinoska 016cabf33a SQSCANGHA-101 Add more command injection tests 2025-08-28 10:57:10 +02:00
Aleksandra Bozhinoska 5fc8cfce6b SQSCANGHA-101 Fix sha256 check in QA Deprecated C/C++ action 2025-08-28 10:57:10 +02:00
dependabot[bot] 786af10ed4 NO-JIRA Bump actions/checkout from 4 to 5 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-19 13:34:18 +02:00
Julien HENRY 01850e2590 SQSCANGHA-94 Fix the scanner-update workflow 2025-07-22 11:46:10 +02:00
github-actions[bot] 8c71dc039c SQSCANGHA-98 Update SonarScanner CLI to 7.2.0.5079 (#196) 
Co-authored-by: SonarTech <sonartech@sonarsource.com>
v5.3.0 		2025-07-22 10:45:53 +02:00
Elian Doran ef211f93a6 SQSCANGHA-97 Use /usr/bin/env for shebang (#193) 2025-06-30 10:17:39 +02:00
Samir M 74f62c995b BUILD-8073 Migrate public repositories workflows to large runners 2025-05-26 14:06:24 +02:00
Aleksandra Bozhinoska c8aa051cc4 SQSCANGHA-83 Avoid unbound variable error on parameter expansion (#192) 2025-05-16 16:57:48 +02:00