cicd/sonarqube-scan-action
1
0
Fork 0
mirror of https://github.com/SonarSource/sonarqube-scan-action.git synced 2026-05-30 06:30:03 +03:00
Code Issues Packages Projects Releases Wiki Activity
148 Commits 7 Branches 57 Tags
f55d92a8a15a7ed06117f5b8ecc96866b58253af
Commit Graph

148 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Julien HENRY f55d92a8a1 SQSCANGHA-149 Add scannerBinariesAuthHeader input for authenticated binary downloads 
Organisations using private Artifactory mirrors require authentication to
download the SonarScanner CLI. This adds an optional scannerBinariesAuthHeader
input whose value is forwarded as the Authorization HTTP header to both the
binary and GPG signature downloads via tc.downloadTool's built-in auth
parameter. No new dependencies are introduced.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-29 16:40:55 +02:00
SonarTech 7006c4492b Update SonarScanner CLI to 8.1.0.6389 v8.1.0 v8.1 v8 2026-05-19 09:24:23 +02:00
dependabot[bot] edd319f284 NO-JIRA Bump actions/setup-node from 6.3.0 to 6.4.0 (#234) 
Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-19 09:23:47 +02:00
dependabot[bot] e050aa9e69 NO-JIRA Bump actions/cache from 5.0.4 to 5.0.5 (#231) 
Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-19 09:23:25 +02:00
dependabot[bot] 6cd3d8f2ae NO-JIRA Bump madhead/semver-utils from 4.3.0 to 5.0.0 
Bumps [madhead/semver-utils](https://github.com/madhead/semver-utils) from 4.3.0 to 5.0.0.
- [Release notes](https://github.com/madhead/semver-utils/releases)
- [Commits](https://github.com/madhead/semver-utils/compare/36d1e0ed361bd7b4b77665de8093092eaeabe6ba...4cf918affe9106ea59f86c6250e5ec4570ac4389)

---
updated-dependencies:
- dependency-name: madhead/semver-utils
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-05-19 09:20:24 +02:00
Julien HENRY 56568530ed SQSCANGHA-146 Add proxy support for GPG keyserver access (#244) 
Co-authored-by: Marius Boden <marius.boden@xebia.com>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-19 09:11:36 +02:00
Claire Villard c444753899 SQSCANGHA-140 Add the missing requirements in README.md (#243) 2026-05-11 12:13:30 +02:00
Antoine Vinot 59db25f34e SQSCANGHA-145 Set skipSignatureVerification default value to false (#241) v8.0.0 v8.0 2026-04-29 14:23:12 +02:00
Pavel Mikula ca30b65f4e SQSCANGHA-143 SubmitReview: Use Vault token (#238) 2026-04-29 11:16:25 +02:00
Antoine Vinot c7ee0f9df9 SQSCANGHA-140 Set skipSignatureVerification default value to true to avoid breaking change (#240) 
Co-authored-by: Gustavo Cunha <dev@gustavocunha.dev>
v7 v7.2.1 v7.2 		2026-04-29 10:13:05 +02:00
Claire Villard 55e44800a8 SQSCANGHA-140 Add OpenPGP signature verification for scanner downloads (#235) v7.2.0 2026-04-28 15:49:48 +02:00
Antoine Vinot 30dbe5c9ee SQSCANGHA-138 Update dist and add ci test (#233) 
Co-authored-by: Jarek Potiuk <jarek@potiuk.com>
 2026-04-23 14:20:12 +02:00
Claire Villard c8357220fa SQSCANGHA-134 Upgrade the libraries to latest version (#227) 
Co-authored-by: Julien Carsique <julien.carsique@sonarsource.com>
 2026-04-14 15:21:19 +02:00
Claire Villard f00de44f57 SC-45750 Migrate to dateless license headers (#229) 2026-04-10 13:57:27 +02:00
Claire Villard f099b44166 SQSCANGHA-133 Upgrade the Node version used in UTs + contribution guide (#226) 2026-04-03 10:34:00 +02:00
tomverin d899ed2996 BUILD-10861 Dependabot 5-day cooldown + internal excludes (#225) 2026-04-02 15:07:08 +02:00
Claire Villard 299e4b793a SQSCANGHA-132 Upgrade Node to 24 (#224) v7.1.0 v7.1 2026-04-01 11:14:54 +02:00
dependabot[bot] 3988e54db2 SQSCANGHA-131 Bump picomatch from 4.0.3 to 4.0.4 (#223) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-31 08:58:59 +02:00
dependabot[bot] 9598b8a83f SQSCANGHA-130 Bump rollup from 4.50.1 to 4.59.0 (#221) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-06 10:07:15 +01:00
dependabot[bot] dcc5211de5 SQSCANGHA-128 NO-JIRA Bump actions/cache from 4 to 5 (#219) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-16 20:53:44 +01:00
Claire Villard b9f37f9de0 SQSCANGHA-129 Fix the Analysis Processing team name in CODEOWNERS (#220) 
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-02-11 11:37:16 +01:00
github-actions[bot] a31c9398be SQSCANGHA-126 Update SonarScanner CLI to 8.0.1.6346 (#218) v7.0.0 v7.0 2025-12-09 09:53:51 +01:00
dependabot[bot] 40f5b61913 SQSCANGHA-123 NO-JIRA Bump actions/setup-node from 5 to 6 (#214) 2025-10-15 15:09:18 +02:00
Brandon Davis 9bf7c126a1 SQSCANGHA-122 Include caveats for running SCA (#213) 2025-10-09 06:21:35 -05:00
github-actions[bot] ba6563cca7 Update SonarScanner CLI to 7.3.0.5189 (#212) 2025-10-06 09:29:17 +02:00
dependabot[bot] 5ffbad4454 SQSCANGHA-120 Bump actions/setup-node from 4 to 5 (#211) 2025-09-22 07:47:48 +02:00
Joan Biel fd88b7d7cc SQSCANGHA-119 New Readme structure 
Add quick start section

Increase visibility of special cases and alternatives

Prioritize SQC examples over SQS
v6 v6.0 v6.0.0 		2025-09-18 10:38:53 +02:00
Julien HENRY 27a157d234 SQSCANGHA-118 Update the README to document the breaking change for args parsing 2025-09-18 10:38:53 +02:00
Jeremy Davis e327da8e78 NO-JIRA Add documentation for contribution 2025-09-18 10:38:53 +02:00
Jeremy Davis ff001fd600 SQSCANGHA-107 Migrate install-build-wrapper 2025-09-18 10:38:53 +02:00
Jeremy Davis a88c96d7e4 SQSCANGHA-107 Make room for install-build-wrapper action 2025-09-18 10:38:53 +02:00
Jeremy Davis a64281002c SQSCANGHA-112 SQSCANGHA-113 Fixes from review and keytool refactor 2025-09-18 10:38:53 +02:00
Julien HENRY 60aee7033b NO-JIRA Disable fail fast on matrix jobs 2025-09-18 10:38:53 +02:00
Julien HENRY 502204eab4 NO-JIRA Fix test assertion 2025-09-18 10:38:53 +02:00
Jeremy Davis 0b794a06fa SQSCANGHA-112 Delete legacy shell script 2025-09-18 10:38:53 +02:00
Jeremy Davis ece10df5d7 SQSCANGHA-112 Extract installation step and other fixes 2025-09-18 10:38:53 +02:00
Jeremy Davis ee80e84272 SQSCANGHA-112 Fix redirect test to deal with TLS 2025-09-18 10:38:53 +02:00
Jeremy Davis cbabf0572a SQSCANGHA-113 Delete legacy shell scripts 2025-09-18 10:38:53 +02:00
Jeremy Davis 16df975da5 SQSCANGHA-113 Migrate scanner run step 2025-09-18 10:38:53 +02:00
Jeremy Davis ed9f3aad50 SQSCANGHA-112 Migrate installation step 2025-09-18 10:38:53 +02:00
Jeremy Davis 8f448484d9 SQSCANGHA-115 Delete legacy shell script 2025-09-18 10:38:53 +02:00
Jeremy Davis 6a808e9a20 SQSCANGHA-115 Migrate sanity checks 2025-09-18 10:38:53 +02:00
Jeremy Davis 9db61695c9 SQSCANGHA-117 Set up js build 2025-09-18 10:38:53 +02:00
SonarTech 5837ebfcca BUILD-8875: Migrate to standardized GitHub runner names 
Co-authored-by: Julien HENRY <julien.henry@sonarsource.com>
 2025-09-02 10:10:38 +02:00
Daan Timmer 1a6d90ebcb SQSCANGHA-102 Pin actions/cache to a full-length commit SHA (#199) v5.3.1 2025-08-28 12:18:32 +02:00
Aleksandra Bozhinoska 016cabf33a SQSCANGHA-101 Add more command injection tests 2025-08-28 10:57:10 +02:00
Aleksandra Bozhinoska 5fc8cfce6b SQSCANGHA-101 Fix sha256 check in QA Deprecated C/C++ action 2025-08-28 10:57:10 +02:00
dependabot[bot] 786af10ed4 NO-JIRA Bump actions/checkout from 4 to 5 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-19 13:34:18 +02:00
Julien HENRY 01850e2590 SQSCANGHA-94 Fix the scanner-update workflow 2025-07-22 11:46:10 +02:00
github-actions[bot] 8c71dc039c SQSCANGHA-98 Update SonarScanner CLI to 7.2.0.5079 (#196) 
Co-authored-by: SonarTech <sonartech@sonarsource.com>
v5.3.0 		2025-07-22 10:45:53 +02:00