actions/sonarqube-scan-action
2
0
Fork 0
mirror of https://github.com/SonarSource/sonarqube-scan-action.git synced 2026-05-16 15:45:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

SQSCANGHA-140 Add OpenPGP signature verification for scanner downloads (#235)
Some checks are pending
QA Deprecated C and C++ action / Action outputs (push) Waiting to run
Details
QA Deprecated C and C++ action / Action outputs-1 (push) Waiting to run
Details
QA Deprecated C and C++ action / Action outputs-2 (push) Waiting to run
Details
QA Deprecated C and C++ action / Action outputs-3 (push) Waiting to run
Details
QA Deprecated C and C++ action / Action outputs-4 (push) Waiting to run
Details
QA Deprecated C and C++ action / Action outputs-5 (push) Waiting to run
Details
QA Deprecated C and C++ action / Action outputs-6 (push) Waiting to run
Details
QA Deprecated C and C++ action / Action outputs-7 (push) Waiting to run
Details
QA Deprecated C and C++ action / Action outputs-8 (push) Waiting to run
Details
QA Install Build Wrapper action / Action outputs (push) Waiting to run
Details
QA Install Build Wrapper action / Action outputs-1 (push) Waiting to run
Details
QA Install Build Wrapper action / Action outputs-2 (push) Waiting to run
Details
QA Install Build Wrapper action / Action outputs-3 (push) Waiting to run
Details
QA Install Build Wrapper action / Action outputs-4 (push) Waiting to run
Details
QA Install Build Wrapper action / Action outputs-5 (push) Waiting to run
Details
QA Install Build Wrapper action / Action outputs-6 (push) Waiting to run
Details
QA Install Build Wrapper action / Action outputs-7 (push) Waiting to run
Details
QA Install Build Wrapper action / Action outputs-8 (push) Waiting to run
Details
QA Main action / No inputs (push) Waiting to run
Details
QA Main action / No inputs -1 (push) Waiting to run
Details
QA Main action / 'args' input (push) Waiting to run
Details
QA Main action / 'args' input -1 (push) Waiting to run
Details
QA Main action / 'args' input -2 (push) Waiting to run
Details
QA Main action / 'args' input with other command injection variants does not execute command -2 (push) Waiting to run
Details
QA Main action / 'projectBaseDir' input -2 (push) Waiting to run
Details
QA Main action / 'scannerBinariesUrl' input with invalid URL (push) Waiting to run
Details
QA Main action / 'RUNNER_DEBUG' is used (push) Waiting to run
Details
QA Main action / 'RUNNER_DEBUG' is used -1 (push) Waiting to run
Details
Unit tests / test (push) Waiting to run
Details
QA Main action / 'args' input with command injection will fail (push) Waiting to run
Details
QA Main action / 'args' input with command injection will fail -1 (push) Waiting to run
Details
QA Main action / 'args' input with command injection will fail -2 (push) Waiting to run
Details
QA Main action / 'args' input with command injection will fail -3 (push) Waiting to run
Details
QA Main action / 'args' input with command injection will fail -4 (push) Waiting to run
Details
QA Main action / 'args' input with command injection will fail -5 (push) Waiting to run
Details
QA Main action / 'args' input with backticks injection does not execute command (push) Waiting to run
Details
QA Main action / 'args' input with backticks injection does not execute command -1 (push) Waiting to run
Details
QA Main action / 'args' input with backticks injection does not execute command -2 (push) Waiting to run
Details
QA Main action / 'args' input with dollar command injection does not execute command (push) Waiting to run
Details
QA Main action / 'args' input with dollar command injection does not execute command -1 (push) Waiting to run
Details
QA Main action / 'args' input with dollar command injection does not execute command -2 (push) Waiting to run
Details
QA Main action / 'args' input with other command injection variants does not execute command (push) Waiting to run
Details
QA Main action / 'args' input with other command injection variants does not execute command -1 (push) Waiting to run
Details
QA Main action / 'projectBaseDir' input (push) Waiting to run
Details
QA Main action / 'projectBaseDir' input -1 (push) Waiting to run
Details
QA Main action / 'scannerBinariesUrl' is escaped with wget so special chars are not injected in the download command (push) Waiting to run
Details
QA Main action / 'scannerBinariesUrl' is escaped with curl so special chars are not injected in the download command (push) Waiting to run
Details
QA Main action / Don't fail on Gradle project (push) Waiting to run
Details
QA Main action / 'SONARCLOUD_URL' is used -1 (push) Waiting to run
Details
QA Main action / 'SONAR_ROOT_CERT' is converted to truststore -2 (push) Waiting to run
Details
QA Main action / truststore.p12 is updated when present (push) Waiting to run
Details
QA Main action / 'scannerVersion' input validation (push) Waiting to run
Details
QA Scripts / fetch_latest_version.sh (push) Waiting to run
Details
QA Scripts / create_install_path.sh (push) Waiting to run
Details
QA Main action / 'scannerVersion' input (push) Waiting to run
Details
QA Main action / Don't fail on Kotlin Gradle project (push) Waiting to run
Details
QA Main action / Don't fail on Maven project (push) Waiting to run
Details
QA Main action / runAnalysisTest (push) Waiting to run
Details
QA Main action / 'RUNNER_DEBUG' is used -2 (push) Waiting to run
Details
QA Main action / runAnalysisWithCacheTest (push) Waiting to run
Details
QA Main action / 'SONARCLOUD_URL' is used (push) Waiting to run
Details
QA Main action / 'SONARCLOUD_URL' is used -2 (push) Waiting to run
Details
QA Main action / curl performs redirect when scannerBinariesUrl returns 3xx (push) Waiting to run
Details
QA Main action / 'SONAR_ROOT_CERT' is converted to truststore (push) Waiting to run
Details
QA Main action / 'SONAR_ROOT_CERT' is converted to truststore -1 (push) Waiting to run
Details
QA Main action / Analysis takes into account 'SONAR_ROOT_CERT' (push) Waiting to run
Details
QA Scripts / configure_paths.sh (push) Waiting to run
Details
QA Scripts / download.sh (push) Waiting to run
Details

Browse source
This commit is contained in:
Claire Villard 2026-04-28 15:49:48 +02:00 committed by GitHub
parent 30dbe5c9ee
commit 55e44800a8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
17 changed files with 33778 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

31833
dist/exec-zlpfwmpH.js vendored Normal file
View file

File diff suppressed because one or more lines are too long

1
dist/exec-zlpfwmpH.js.map vendored Normal file
View file

File diff suppressed because one or more lines are too long

916
dist/index.js vendored
View file

File diff suppressed because it is too large Load diff

2
dist/index.js.map vendored
View file

File diff suppressed because one or more lines are too long

14
dist/install-build-wrapper.js vendored
View file

@ -1,4 +1,4 @@
import { h as getExecOutput, b as addPath, i as info, j as setOutput, s as setFailed, e as exec, k as startGroup, l as endGroup } from './core-DpWEmnbG.js';
import { f as execExports, h as addPath, a as info, n as setOutput, s as setFailed, o as startGroup, p as endGroup } from './exec-zlpfwmpH.js';
import * as fs from 'fs';
import * as path from 'path';
import 'os';
@ -124,7 +124,7 @@ function getSuffixAndName(runnerOS, runnerArch) {
async function getRealPath(filePath, runnerOS) {
switch (runnerOS) {
case "Windows": {
const windowsResult = await getExecOutput("cygpath", [
const windowsResult = await execExports.getExecOutput("cygpath", [
"--absolute",
"--windows",
filePath,
@ -132,14 +132,14 @@ async function getRealPath(filePath, runnerOS) {
return windowsResult.stdout.trim();
}
case "Linux": {
const linuxResult = await getExecOutput("readlink", [
const linuxResult = await execExports.getExecOutput("readlink", [
"-f",
filePath,
]);
return linuxResult.stdout.trim();
}
case "macOS": {
const macResult = await getExecOutput("greadlink", ["-f", filePath]);
const macResult = await execExports.getExecOutput("greadlink", ["-f", filePath]);
return macResult.stdout.trim();
}
default:
@ -169,7 +169,7 @@ async function getRealPath(filePath, runnerOS) {
async function installMacOSPackages() {
if (process.platform === "darwin") {
info("Installing required packages for macOS");
await exec("brew", ["install", "coreutils"]);
await execExports.exec("brew", ["install", "coreutils"]);
}
}
@ -207,10 +207,10 @@ async function downloadAndInstallBuildWrapper(downloadUrl, runnerEnv) {
fs.mkdirSync(runnerTemp, { recursive: true });
}
await exec("curl", ["-sSLo", tmpZipPath, downloadUrl]);
await execExports.exec("curl", ["-sSLo", tmpZipPath, downloadUrl]);
info("Decompressing");
await exec("unzip", ["-o", "-d", runnerTemp, tmpZipPath]);
await execExports.exec("unzip", ["-o", "-d", runnerTemp, tmpZipPath]);
endGroup();
}

2
dist/install-build-wrapper.js.map vendored
View file

File diff suppressed because one or more lines are too long