From 70aa168ab3edd590597eb9e1b1648030cbb9648e Mon Sep 17 00:00:00 2001
From: Gustavo Cunha <dev@gustavocunha.dev>
Date: Tue, 28 Apr 2026 21:27:12 +0200
Subject: [PATCH] SQSCANGHA-140 Set skipSignatureVerification default value to
 true to avoid breaking change

Address https://github.com/SonarSource/sonarqube-scan-action/pull/235#issuecomment-4336781662
---
 action.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/action.yml b/action.yml
index f636ea2..0693239 100644
--- a/action.yml
+++ b/action.yml
@@ -25,9 +25,9 @@ inputs:
     required: false
     default: https://binaries.sonarsource.com/Distribution/sonar-scanner-cli
   skipSignatureVerification:
-    description: Skip GPG signature verification (not recommended for security)
+    description: Skip GPG signature verification (defaults to true temporarily while dirmngr dependency is resolved; set to false to enable verification)
     required: false
-    default: "false"
+    default: "true"
 runs:
   using: node24
   main: dist/index.js