SQSCANGHA-134 Upgrade the libraries to latest version (#227)

Co-authored-by: Julien Carsique <julien.carsique@sonarsource.com>
Claire Villard 2026-04-14 15:21:19 +02:00 committed by GitHub
parent f00de44f57
commit c8357220fa
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
17 changed files with 34084 additions and 2834 deletions

View file

@ -34,7 +34,7 @@ jobs:
exit 1
fi
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
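
Review bot: on the new `uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2` line, the trailing comment is the only thing that ties the SHA to a release, and nothing in the workflow checks that the two agree. Please resolve the SHA against the upstream `v6.0.2` tag before merging, and let Dependabot or Renovate own future bumps so the SHA and the comment are updated together. This is also a major-version jump from `v5`, which the commit title ("Upgrade the libraries to latest version") does not call out; a line in the commit message on what changed between the two majors would help whoever bisects a later checkout problem.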

View file

@ -34,7 +34,7 @@ jobs:
exit 1
fi
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis

View file

@ -17,7 +17,7 @@ jobs:
os: [github-ubuntu-latest-s, macos-latest]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action without args
@ -37,7 +37,7 @@ jobs:
os: [github-ubuntu-latest-s, github-windows-latest-s, macos-latest]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action with args
@ -66,7 +66,7 @@ jobs:
]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action with args
@ -93,7 +93,7 @@ jobs:
os: [github-ubuntu-latest-s, github-windows-latest-s, macos-latest]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action with args
@ -121,7 +121,7 @@ jobs:
os: [github-ubuntu-latest-s, github-windows-latest-s, macos-latest]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action with args
@ -148,7 +148,7 @@ jobs:
os: [github-ubuntu-latest-s, github-windows-latest-s, macos-latest]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action with args
@ -178,7 +178,7 @@ jobs:
os: [github-ubuntu-latest-s, github-windows-latest-s, macos-latest]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- run: mkdir -p ./baseDir
@ -198,7 +198,7 @@ jobs:
'scannerVersion' input
runs-on: github-ubuntu-latest-s # assumes default RUNNER_ARCH for linux is X64
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action with scannerVersion
@ -222,7 +222,7 @@ jobs:
'scannerBinariesUrl' input with invalid URL
runs-on: github-ubuntu-latest-s # assumes default RUNNER_ARCH for linux is X64
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action with scannerBinariesUrl
@ -250,7 +250,7 @@ jobs:
'scannerBinariesUrl' is escaped with wget so special chars are not injected in the download command
runs-on: github-ubuntu-latest-s
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action with scannerBinariesUrl
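
Review bot: the `actions/checkout` step in this job leaves `persist-credentials` at its default, so the token stays available in the checkout for the rest of a job whose stated purpose is to feed special characters into the download command (`'scannerBinariesUrl' is escaped with wget so special chars are not injected in the download command`). Adding `persist-credentials: false` under `with:` would keep a regression in the escaping from reaching a stored credential. The explicit `token: ${{ secrets.GITHUB_TOKEN }}` matches the input's default and could be dropped at the same time. The same applies to the other injection-test jobs in this file.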
@ -271,7 +271,7 @@ jobs:
'scannerBinariesUrl' is escaped with curl so special chars are not injected in the download command
runs-on: github-ubuntu-latest-s
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Remove wget
@ -300,7 +300,7 @@ jobs:
Don't fail on Gradle project
runs-on: github-ubuntu-latest-s
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action on Gradle project
@ -321,7 +321,7 @@ jobs:
Don't fail on Kotlin Gradle project
runs-on: github-ubuntu-latest-s
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action on Kotlin Gradle project
@ -342,7 +342,7 @@ jobs:
Don't fail on Maven project
runs-on: github-ubuntu-latest-s
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action on Maven project
@ -375,7 +375,7 @@ jobs:
--health-timeout 5s
--health-retries 10
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action on sample project
@ -398,7 +398,7 @@ jobs:
os: [github-ubuntu-latest-s, github-windows-latest-s, macos-latest]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action with debug mode
@ -429,11 +429,11 @@ jobs:
--health-timeout 5s
--health-retries 10
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: SonarQube Cache
uses: actions/cache@v5
uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
with:
path: ${{ github.workspace }}/.sonar/cache
key: ${{ runner.os }}-${{ runner.arch }}-sonar
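
Review bot: the `key:` under the newly pinned `actions/cache` step is `${{ runner.os }}-${{ runner.arch }}-sonar`, which is constant for a given runner type, so the first entry saved is restored on every later run and never replaced. Since the step is being touched anyway, consider adding a component that changes over time (the scanner version, for instance) so that stale or unexpected cache content ages out instead of being reused indefinitely.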
@ -458,7 +458,7 @@ jobs:
os: [github-ubuntu-latest-s, github-windows-latest-s, macos-latest]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action with SONARCLOUD_URL
@ -477,7 +477,7 @@ jobs:
curl performs redirect when scannerBinariesUrl returns 3xx
runs-on: github-ubuntu-latest-s
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Remove wget
@ -521,7 +521,7 @@ jobs:
os: [github-ubuntu-latest-s, github-windows-latest-s, macos-latest]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action with SSL certificate
@ -572,7 +572,7 @@ jobs:
Analysis takes into account 'SONAR_ROOT_CERT'
runs-on: github-ubuntu-latest-s
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Generate server certificate
@ -680,7 +680,7 @@ jobs:
truststore.p12 is updated when present
runs-on: github-ubuntu-latest-s
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Create SONAR_SSL_FOLDER with a file in it (not-truststore.p12)
@ -809,7 +809,7 @@ jobs:
'scannerVersion' input validation
runs-on: github-ubuntu-latest-s
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run action with invalid scannerVersion

View file

@ -12,7 +12,7 @@ jobs:
name: create_install_path.sh
runs-on: github-ubuntu-latest-s
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
@ -123,7 +123,7 @@ jobs:
SONAR_SCANNER_URL_MACOSX_AARCH64: 'https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-vX.Y.Z.MMMM-macosx-aarch64.zip'
SONAR_SCANNER_SHA_MACOSX_AARCH64: 'DOWNLOAD-SHA-MACOSX-AARCH64'
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
@ -252,7 +252,7 @@ jobs:
name: download.sh
runs-on: github-ubuntu-latest-s
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
@ -321,7 +321,7 @@ jobs:
name: fetch_latest_version.sh
runs-on: github-ubuntu-latest-s
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Test script

View file

@ -7,17 +7,23 @@ on:
jobs:
test:
runs-on: ubuntu-latest
runs-on: github-ubuntu-latest-s
permissions:
id-token: write
contents: read
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Setup Node.js
uses: actions/setup-node@v6
uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f #v6.3.0
with:
node-version: "24"
cache: "npm"
- name: Configure NPM with Repox
uses: SonarSource/ci-github-actions/config-npm@v1
- name: Install dependencies
run: npm ci
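
Review bot: `uses: SonarSource/ci-github-actions/config-npm@v1` is referenced by a mutable tag while every other action in this hunk is pinned to a commit SHA, and it runs in a job that holds `id-token: write`. Please pin it the same way (SHA plus version comment), since whatever `v1` points to at run time can request an OIDC token for this job. Two smaller points: `#v6.3.0` on the `setup-node` line is missing the space used in the other version comments (`# v6.0.2`), which can trip tools that parse them; and the runner change to `github-ubuntu-latest-s`, the new `permissions:` block and the Repox step go beyond a library upgrade, so they deserve a mention in the commit message.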

View file

@ -13,7 +13,7 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Parse semver
uses: madhead/semver-utils@36d1e0ed361bd7b4b77665de8093092eaeabe6ba # v4.3.0

View file

@ -13,7 +13,7 @@ jobs:
new-version: ${{ steps.latest-version.outputs.sonar-scanner-version }}
steps:
- run: sudo apt install -y jq
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
ref: master
fetch-depth: 0
@ -49,7 +49,7 @@ jobs:
pull-requests: write
if: needs.check-version.outputs.should_update == 'true'
steps:
- uses: actions/checkout@v5
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
ref: master
persist-credentials: true
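
Review bot: this `actions/checkout` step is the one place in the change that depends on `persist-credentials: true`, in a job with `pull-requests: write`, and it is being moved across a major version (`v5` to `v6.0.2`) together with all the others. Please confirm with a run of this workflow that the later step which pushes or opens the pull request still authenticates under v6 before merging, since a failure here would only show up the next time `should_update == 'true'`.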