sonarqube-agent[bot]
87c1a1a72c
fix: Commit 2 - Fully fix javascript:S7781
...
Commit 2 of SonarQube suggestions
Fully fixed issues:
- [javascript:S7781] AZ3P6TM6KPJHm3wzH1DD: Prefer `String#replaceAll()` over `String#replace()`.
Generated by SonarQube Agent
2026-04-27 17:13:08 +00:00
sonarqube-agent[bot]
3624b79d9a
fix: Commit 1 - Fully fix javascript:S7780
...
Commit 1 of SonarQube suggestions
Fully fixed issues:
- [javascript:S7780] AZ3P6TLCKPJHm3wzH1C-: `String.raw` should be used to avoid escaping `\`.
- [javascript:S7780] AZ3P6TLCKPJHm3wzH1C_: `String.raw` should be used to avoid escaping `\`.
- [javascript:S7780] AZ3P6TLCKPJHm3wzH1DA: `String.raw` should be used to avoid escaping `\`.
Generated by SonarQube Agent
2026-04-27 17:13:05 +00:00
Claire Villard
daf2073c97
SQSCANGHA-140 Fix code smells
...
Apply linter fixes to address code smells:
- Use replaceAll() instead of replace() with regex for string replacement
- Update dist files with linter changes
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-04-27 19:10:48 +02:00
Claire Villard
7a11667fa2
SQSCANGHA-140 Fix GPG path handling for Windows
...
Fix GPG signature verification on Windows by converting Windows-style
paths to Unix-style paths that GPG expects. GPG on Windows (from Git
for Windows) is a Unix tool that requires Unix-style paths.
Issue: GPG was receiving Windows paths like C:\a\_temp\gpg-home and
attempting to use them, resulting in malformed paths like
/c/a/sonarqube-scan-action/C:\a\_temp\gpg-home and errors:
- "keyblock resource: No such file or directory"
- "can't connect to the dirmngr: No such file or directory"
- "keyserver receive failed: No dirmngr"
Solution:
- Add convertToUnixPath() function to convert Windows paths to Unix-style
(e.g., C:\a\_temp\gpg -> /c/a/_temp/gpg)
- Apply conversion in tryImportKey() and runGpgVerify() before calling GPG
- No-op on non-Windows platforms
- Add comprehensive tests for path conversion
This ensures GPG signature verification works on all platforms (Linux,
macOS, and Windows).
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-04-27 19:06:35 +02:00
Claire Villard
79d962c4f8
SQSCANGHA-140 Add fallback keyserver for GPG signature verification
...
Add hkps://keys.openpgp.org as fallback keyserver to improve reliability
when the primary keyserver (keyserver.ubuntu.com) is unavailable due to
outages, network issues, or rate limiting.
Changes:
- Extract key import logic into tryImportKey() helper function
- Implement automatic fallback in importSonarSourceKey()
- Add comprehensive error messages showing both keyserver failures
- Add integration tests verifying fallback mechanism
- Update JSDoc to document fallback behavior
- Rebuild distribution
The implementation maintains backward compatibility with no changes to
function signatures or default behavior. Primary keyserver is always
attempted first.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-04-27 18:39:12 +02:00
Claire Villard
e8b2382915
SQSCANGHA-140 Implement OpenPGP signature verification for scanner downloads
...
Add GPG signature verification to ensure downloaded Sonar Scanner CLI binaries
are authentic and haven't been tampered with. This implements supply chain
security by verifying signatures against SonarSource's public key.
Changes:
- Add gpg-verification.js module with signature verification logic
- Download and verify .asc signature files alongside scanner ZIPs
- Import SonarSource public key from keyserver.ubuntu.com
- Add skipSignatureVerification input parameter (default: false)
- Add @actions/exec dependency for cross-platform GPG execution
- Add comprehensive unit tests for verification functions
- Update dist with bundled changes
Verification is enabled by default and uses an isolated temporary GPG home
directory to avoid polluting user's keyring. All temporary files are cleaned
up properly, even on errors.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-04-27 17:54:16 +02:00
Antoine Vinot
30dbe5c9ee
SQSCANGHA-138 Update dist and add ci test (#233)
...
Co-authored-by: Jarek Potiuk <jarek@potiuk.com>
2026-04-23 14:20:12 +02:00
Claire Villard
c8357220fa
SQSCANGHA-134 Upgrade the libraries to latest version (#227)
...
Co-authored-by: Julien Carsique <julien.carsique@sonarsource.com>
2026-04-14 15:21:19 +02:00
Claire Villard
f00de44f57
SC-45750 Migrate to dateless license headers (#229)
2026-04-10 13:57:27 +02:00
Claire Villard
f099b44166
SQSCANGHA-133 Upgrade the Node version used in UTs + contribution guide (#226)
2026-04-03 10:34:00 +02:00
tomverin
d899ed2996
BUILD-10861 Dependabot 5-day cooldown + internal excludes (#225)
2026-04-02 15:07:08 +02:00
Claire Villard
299e4b793a
SQSCANGHA-132 Upgrade Node to 24 (#224)
2026-04-01 11:14:54 +02:00
dependabot[bot]
3988e54db2
SQSCANGHA-131 Bump picomatch from 4.0.3 to 4.0.4 (#223)
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-31 08:58:59 +02:00
dependabot[bot]
9598b8a83f
SQSCANGHA-130 Bump rollup from 4.50.1 to 4.59.0 (#221)
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-06 10:07:15 +01:00
dependabot[bot]
dcc5211de5
SQSCANGHA-128 NO-JIRA Bump actions/cache from 4 to 5 (#219)
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-16 20:53:44 +01:00
Claire Villard
b9f37f9de0
SQSCANGHA-129 Fix the Analysis Processing team name in CODEOWNERS (#220)
...
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-11 11:37:16 +01:00
github-actions[bot]
a31c9398be
SQSCANGHA-126 Update SonarScanner CLI to 8.0.1.6346 (#218)
2025-12-09 09:53:51 +01:00
dependabot[bot]
40f5b61913
SQSCANGHA-123 NO-JIRA Bump actions/setup-node from 5 to 6 (#214)
2025-10-15 15:09:18 +02:00
Brandon Davis
9bf7c126a1
SQSCANGHA-122 Include caveats for running SCA (#213)
2025-10-09 06:21:35 -05:00
github-actions[bot]
ba6563cca7
Update SonarScanner CLI to 7.3.0.5189 (#212)
2025-10-06 09:29:17 +02:00
dependabot[bot]
5ffbad4454
SQSCANGHA-120 Bump actions/setup-node from 4 to 5 (#211)
2025-09-22 07:47:48 +02:00
Joan Biel
fd88b7d7cc
SQSCANGHA-119 New Readme structure
...
Add quick start section
Increase visibility of special cases and alternatives
Prioritize SQC examples over SQS
2025-09-18 10:38:53 +02:00
Julien HENRY
27a157d234
SQSCANGHA-118 Update the README to document the breaking change for args parsing
2025-09-18 10:38:53 +02:00
Jeremy Davis
e327da8e78
NO-JIRA Add documentation for contribution
2025-09-18 10:38:53 +02:00
Jeremy Davis
ff001fd600
SQSCANGHA-107 Migrate install-build-wrapper
2025-09-18 10:38:53 +02:00
Jeremy Davis
a88c96d7e4
SQSCANGHA-107 Make room for install-build-wrapper action
2025-09-18 10:38:53 +02:00
Jeremy Davis
a64281002c
SQSCANGHA-112 SQSCANGHA-113 Fixes from review and keytool refactor
2025-09-18 10:38:53 +02:00
Julien HENRY
60aee7033b
NO-JIRA Disable fail fast on matrix jobs
2025-09-18 10:38:53 +02:00
Julien HENRY
502204eab4
NO-JIRA Fix test assertion
2025-09-18 10:38:53 +02:00
Jeremy Davis
0b794a06fa
SQSCANGHA-112 Delete legacy shell script
2025-09-18 10:38:53 +02:00
Jeremy Davis
ece10df5d7
SQSCANGHA-112 Extract installation step and other fixes
2025-09-18 10:38:53 +02:00
Jeremy Davis
ee80e84272
SQSCANGHA-112 Fix redirect test to deal with TLS
2025-09-18 10:38:53 +02:00
Jeremy Davis
cbabf0572a
SQSCANGHA-113 Delete legacy shell scripts
2025-09-18 10:38:53 +02:00
Jeremy Davis
16df975da5
SQSCANGHA-113 Migrate scanner run step
2025-09-18 10:38:53 +02:00
Jeremy Davis
ed9f3aad50
SQSCANGHA-112 Migrate installation step
2025-09-18 10:38:53 +02:00
Jeremy Davis
8f448484d9
SQSCANGHA-115 Delete legacy shell script
2025-09-18 10:38:53 +02:00
Jeremy Davis
6a808e9a20
SQSCANGHA-115 Migrate sanity checks
2025-09-18 10:38:53 +02:00
Jeremy Davis
9db61695c9
SQSCANGHA-117 Set up js build
2025-09-18 10:38:53 +02:00
SonarTech
5837ebfcca
BUILD-8875: Migrate to standardized GitHub runner names
...
Co-authored-by: Julien HENRY <julien.henry@sonarsource.com>
2025-09-02 10:10:38 +02:00
Daan Timmer
1a6d90ebcb
SQSCANGHA-102 Pin actions/cache to a full-length commit SHA (#199)
2025-08-28 12:18:32 +02:00
Aleksandra Bozhinoska
016cabf33a
SQSCANGHA-101 Add more command injection tests
2025-08-28 10:57:10 +02:00
Aleksandra Bozhinoska
5fc8cfce6b
SQSCANGHA-101 Fix sha256 check in QA Deprecated C/C++ action
2025-08-28 10:57:10 +02:00
dependabot[bot]
786af10ed4
NO-JIRA Bump actions/checkout from 4 to 5
...
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-08-19 13:34:18 +02:00
Julien HENRY
01850e2590
SQSCANGHA-94 Fix the scanner-update workflow
2025-07-22 11:46:10 +02:00
github-actions[bot]
8c71dc039c
SQSCANGHA-98 Update SonarScanner CLI to 7.2.0.5079 (#196)
...
Co-authored-by: SonarTech <sonartech@sonarsource.com>
2025-07-22 10:45:53 +02:00
Elian Doran
ef211f93a6
SQSCANGHA-97 Use /usr/bin/env for shebang (#193)
2025-06-30 10:17:39 +02:00
Samir M
74f62c995b
BUILD-8073 Migrate public repositories workflows to large runners
2025-05-26 14:06:24 +02:00
Aleksandra Bozhinoska
c8aa051cc4
SQSCANGHA-83 Avoid unbound variable error on parameter expansion (#192)
2025-05-16 16:57:48 +02:00
csaba-feher-sonarsource
bfe63be746
SQSCANGHA-95 Update CODEOWNERS (#190)
2025-05-07 15:34:05 +02:00
csaba-feher-sonarsource
2500896589
SQSCANGHA-92 Validate scanner version (#189)
...
Co-authored-by: Julien HENRY <julien.henry@sonarsource.com>
2025-05-05 17:48:40 +02:00