mirror of
https://github.com/SonarSource/sonarqube-scan-action.git
synced 2026-05-20 09:05:53 +00:00
SQSCANGHA-140 Add OpenPGP signature verification for scanner downloads (#235)
Some checks are pending
QA Deprecated C and C++ action / Action outputs (push) Waiting to run
QA Deprecated C and C++ action / Action outputs-1 (push) Waiting to run
QA Deprecated C and C++ action / Action outputs-2 (push) Waiting to run
QA Deprecated C and C++ action / Action outputs-3 (push) Waiting to run
QA Deprecated C and C++ action / Action outputs-4 (push) Waiting to run
QA Deprecated C and C++ action / Action outputs-5 (push) Waiting to run
QA Deprecated C and C++ action / Action outputs-6 (push) Waiting to run
QA Deprecated C and C++ action / Action outputs-7 (push) Waiting to run
QA Deprecated C and C++ action / Action outputs-8 (push) Waiting to run
QA Install Build Wrapper action / Action outputs (push) Waiting to run
QA Install Build Wrapper action / Action outputs-1 (push) Waiting to run
QA Install Build Wrapper action / Action outputs-2 (push) Waiting to run
QA Install Build Wrapper action / Action outputs-3 (push) Waiting to run
QA Install Build Wrapper action / Action outputs-4 (push) Waiting to run
QA Install Build Wrapper action / Action outputs-5 (push) Waiting to run
QA Install Build Wrapper action / Action outputs-6 (push) Waiting to run
QA Install Build Wrapper action / Action outputs-7 (push) Waiting to run
QA Install Build Wrapper action / Action outputs-8 (push) Waiting to run
QA Main action / No inputs
(push) Waiting to run
QA Main action / No inputs
-1 (push) Waiting to run
QA Main action / 'args' input
(push) Waiting to run
QA Main action / 'args' input
-1 (push) Waiting to run
QA Main action / 'args' input
-2 (push) Waiting to run
QA Main action / 'args' input with other command injection variants does not execute command
-2 (push) Waiting to run
QA Main action / 'projectBaseDir' input
-2 (push) Waiting to run
QA Main action / 'scannerBinariesUrl' input with invalid URL
(push) Waiting to run
QA Main action / 'RUNNER_DEBUG' is used
(push) Waiting to run
QA Main action / 'RUNNER_DEBUG' is used
-1 (push) Waiting to run
Unit tests / test (push) Waiting to run
QA Main action / 'args' input with command injection will fail
(push) Waiting to run
QA Main action / 'args' input with command injection will fail
-1 (push) Waiting to run
QA Main action / 'args' input with command injection will fail
-2 (push) Waiting to run
QA Main action / 'args' input with command injection will fail
-3 (push) Waiting to run
QA Main action / 'args' input with command injection will fail
-4 (push) Waiting to run
QA Main action / 'args' input with command injection will fail
-5 (push) Waiting to run
QA Main action / 'args' input with backticks injection does not execute command
(push) Waiting to run
QA Main action / 'args' input with backticks injection does not execute command
-1 (push) Waiting to run
QA Main action / 'args' input with backticks injection does not execute command
-2 (push) Waiting to run
QA Main action / 'args' input with dollar command injection does not execute command
(push) Waiting to run
QA Main action / 'args' input with dollar command injection does not execute command
-1 (push) Waiting to run
QA Main action / 'args' input with dollar command injection does not execute command
-2 (push) Waiting to run
QA Main action / 'args' input with other command injection variants does not execute command
(push) Waiting to run
QA Main action / 'args' input with other command injection variants does not execute command
-1 (push) Waiting to run
QA Main action / 'projectBaseDir' input
(push) Waiting to run
QA Main action / 'projectBaseDir' input
-1 (push) Waiting to run
QA Main action / 'scannerBinariesUrl' is escaped with wget so special chars are not injected in the download command
(push) Waiting to run
QA Main action / 'scannerBinariesUrl' is escaped with curl so special chars are not injected in the download command
(push) Waiting to run
QA Main action / Don't fail on Gradle project
(push) Waiting to run
QA Main action / 'SONARCLOUD_URL' is used
-1 (push) Waiting to run
QA Main action / 'SONAR_ROOT_CERT' is converted to truststore
-2 (push) Waiting to run
QA Main action / truststore.p12 is updated when present
(push) Waiting to run
QA Main action / 'scannerVersion' input validation
(push) Waiting to run
QA Scripts / fetch_latest_version.sh (push) Waiting to run
QA Scripts / create_install_path.sh (push) Waiting to run
QA Main action / 'scannerVersion' input
(push) Waiting to run
QA Main action / Don't fail on Kotlin Gradle project
(push) Waiting to run
QA Main action / Don't fail on Maven project
(push) Waiting to run
QA Main action / runAnalysisTest (push) Waiting to run
QA Main action / 'RUNNER_DEBUG' is used
-2 (push) Waiting to run
QA Main action / runAnalysisWithCacheTest (push) Waiting to run
QA Main action / 'SONARCLOUD_URL' is used
(push) Waiting to run
QA Main action / 'SONARCLOUD_URL' is used
-2 (push) Waiting to run
QA Main action / curl performs redirect when scannerBinariesUrl returns 3xx
(push) Waiting to run
QA Main action / 'SONAR_ROOT_CERT' is converted to truststore
(push) Waiting to run
QA Main action / 'SONAR_ROOT_CERT' is converted to truststore
-1 (push) Waiting to run
QA Main action / Analysis takes into account 'SONAR_ROOT_CERT'
(push) Waiting to run
QA Scripts / configure_paths.sh (push) Waiting to run
QA Scripts / download.sh (push) Waiting to run
Some checks are pending
QA Deprecated C and C++ action / Action outputs (push) Waiting to run
QA Deprecated C and C++ action / Action outputs-1 (push) Waiting to run
QA Deprecated C and C++ action / Action outputs-2 (push) Waiting to run
QA Deprecated C and C++ action / Action outputs-3 (push) Waiting to run
QA Deprecated C and C++ action / Action outputs-4 (push) Waiting to run
QA Deprecated C and C++ action / Action outputs-5 (push) Waiting to run
QA Deprecated C and C++ action / Action outputs-6 (push) Waiting to run
QA Deprecated C and C++ action / Action outputs-7 (push) Waiting to run
QA Deprecated C and C++ action / Action outputs-8 (push) Waiting to run
QA Install Build Wrapper action / Action outputs (push) Waiting to run
QA Install Build Wrapper action / Action outputs-1 (push) Waiting to run
QA Install Build Wrapper action / Action outputs-2 (push) Waiting to run
QA Install Build Wrapper action / Action outputs-3 (push) Waiting to run
QA Install Build Wrapper action / Action outputs-4 (push) Waiting to run
QA Install Build Wrapper action / Action outputs-5 (push) Waiting to run
QA Install Build Wrapper action / Action outputs-6 (push) Waiting to run
QA Install Build Wrapper action / Action outputs-7 (push) Waiting to run
QA Install Build Wrapper action / Action outputs-8 (push) Waiting to run
QA Main action / No inputs
(push) Waiting to run
QA Main action / No inputs
-1 (push) Waiting to run
QA Main action / 'args' input
(push) Waiting to run
QA Main action / 'args' input
-1 (push) Waiting to run
QA Main action / 'args' input
-2 (push) Waiting to run
QA Main action / 'args' input with other command injection variants does not execute command
-2 (push) Waiting to run
QA Main action / 'projectBaseDir' input
-2 (push) Waiting to run
QA Main action / 'scannerBinariesUrl' input with invalid URL
(push) Waiting to run
QA Main action / 'RUNNER_DEBUG' is used
(push) Waiting to run
QA Main action / 'RUNNER_DEBUG' is used
-1 (push) Waiting to run
Unit tests / test (push) Waiting to run
QA Main action / 'args' input with command injection will fail
(push) Waiting to run
QA Main action / 'args' input with command injection will fail
-1 (push) Waiting to run
QA Main action / 'args' input with command injection will fail
-2 (push) Waiting to run
QA Main action / 'args' input with command injection will fail
-3 (push) Waiting to run
QA Main action / 'args' input with command injection will fail
-4 (push) Waiting to run
QA Main action / 'args' input with command injection will fail
-5 (push) Waiting to run
QA Main action / 'args' input with backticks injection does not execute command
(push) Waiting to run
QA Main action / 'args' input with backticks injection does not execute command
-1 (push) Waiting to run
QA Main action / 'args' input with backticks injection does not execute command
-2 (push) Waiting to run
QA Main action / 'args' input with dollar command injection does not execute command
(push) Waiting to run
QA Main action / 'args' input with dollar command injection does not execute command
-1 (push) Waiting to run
QA Main action / 'args' input with dollar command injection does not execute command
-2 (push) Waiting to run
QA Main action / 'args' input with other command injection variants does not execute command
(push) Waiting to run
QA Main action / 'args' input with other command injection variants does not execute command
-1 (push) Waiting to run
QA Main action / 'projectBaseDir' input
(push) Waiting to run
QA Main action / 'projectBaseDir' input
-1 (push) Waiting to run
QA Main action / 'scannerBinariesUrl' is escaped with wget so special chars are not injected in the download command
(push) Waiting to run
QA Main action / 'scannerBinariesUrl' is escaped with curl so special chars are not injected in the download command
(push) Waiting to run
QA Main action / Don't fail on Gradle project
(push) Waiting to run
QA Main action / 'SONARCLOUD_URL' is used
-1 (push) Waiting to run
QA Main action / 'SONAR_ROOT_CERT' is converted to truststore
-2 (push) Waiting to run
QA Main action / truststore.p12 is updated when present
(push) Waiting to run
QA Main action / 'scannerVersion' input validation
(push) Waiting to run
QA Scripts / fetch_latest_version.sh (push) Waiting to run
QA Scripts / create_install_path.sh (push) Waiting to run
QA Main action / 'scannerVersion' input
(push) Waiting to run
QA Main action / Don't fail on Kotlin Gradle project
(push) Waiting to run
QA Main action / Don't fail on Maven project
(push) Waiting to run
QA Main action / runAnalysisTest (push) Waiting to run
QA Main action / 'RUNNER_DEBUG' is used
-2 (push) Waiting to run
QA Main action / runAnalysisWithCacheTest (push) Waiting to run
QA Main action / 'SONARCLOUD_URL' is used
(push) Waiting to run
QA Main action / 'SONARCLOUD_URL' is used
-2 (push) Waiting to run
QA Main action / curl performs redirect when scannerBinariesUrl returns 3xx
(push) Waiting to run
QA Main action / 'SONAR_ROOT_CERT' is converted to truststore
(push) Waiting to run
QA Main action / 'SONAR_ROOT_CERT' is converted to truststore
-1 (push) Waiting to run
QA Main action / Analysis takes into account 'SONAR_ROOT_CERT'
(push) Waiting to run
QA Scripts / configure_paths.sh (push) Waiting to run
QA Scripts / download.sh (push) Waiting to run
This commit is contained in:
Claire Villard
GitHub
parent
30dbe5c9ee
commit
55e44800a8
17 changed files with 33778 additions and 41 deletions
22
.sonarcloud.properties
Normal file
22
.sonarcloud.properties
Normal file
|
|
@ -0,0 +1,22 @@
|
|||
# Path to sources
|
||||
sonar.sources=src
|
||||
sonar.exclusions=src/**/__tests__/*
|
||||
# sonar.inclusions=
|
||||
|
||||
# Path to tests
|
||||
sonar.tests=test,src
|
||||
# sonar.test.exclusions=
|
||||
sonar.test.inclusions=src/**/__tests__/*
|
||||
|
||||
# Source encoding
|
||||
# sonar.sourceEncoding=
|
||||
|
||||
# Exclusions for copy-paste detection
|
||||
# sonar.cpd.exclusions=
|
||||
|
||||
# Python version (for python projects only)
|
||||
# sonar.python.version=
|
||||
|
||||
# C++ standard version (for C++ projects only)
|
||||
# If not specified, it defaults to the latest supported standard
|
||||
# sonar.cfamily.reportingCppStandardOverride=c++98|c++11|c++14|c++17|c++20
|
||||
Loading…
Add table
Add a link
Reference in a new issue