actions/sonarqube-scan-action
3
0
Fork 0
mirror of https://github.com/SonarSource/sonarqube-scan-action.git synced 2026-04-26 14:58:50 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

BUILD-10861: Dependabot cooldown (5 days) and internal excludes

Browse source 
- Version updates: minimum package age via cooldown (default-days: 5).
- Security updates are not affected by cooldown (GitHub behavior).
- exclude: org.sonarsource*, com.sonarsource*, npm @sonarsource/*, actions SonarSource/* as applicable.
- Aligns supply-chain policy with BUILD-10860 (Renovate) intent.
This commit is contained in:
Thomas Vérin 2026-04-02 14:14:19 +02:00
parent 299e4b793a
commit 7a1a48cce8
No known key found for this signature in database
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
.github/dependabot.yml vendored
View file

@ -12,5 +12,9 @@ updates:
interval: "daily" interval: "daily"
timezone: "CET" timezone: "CET"
open-pull-requests-limit: 100 open-pull-requests-limit: 100
cooldown:
default-days: 5
exclude:
- "SonarSource/*"
commit-message: commit-message:
prefix: "NO-JIRA " prefix: "NO-JIRA "