chore(deps): update sonarsource/sonarqube-scan-action action to v6 (#35)

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [SonarSource/sonarqube-scan-action](https://github.com/SonarSource/sonarqube-scan-action) | action | major | `v5.3.1` -> `v6.0.0` | --- ### Release Notes <details> <summary>SonarSource/sonarqube-scan-action (SonarSource/sonarqube-scan-action)</summary> ### [`v6.0.0`](https://github.com/SonarSource/sonarqube-scan-action/releases/tag/v6.0.0) [Compare Source](https://github.com/SonarSource/sonarqube-scan-action/compare/v5.3.1...v6.0.0) ##### BREAKING CHANGE! In order to prevent command-line injection, the actions has been rewritten from Bash to JS, and the `args` input is now parsed differently. When updating to v6, you might have to update your workflow to change how arguments are quoted. For example, if you were previously passing: ```yaml - uses: SonarSource/sonarqube-scan-action@<action version> with: args: > -Dsonar.projectName="My Project" ``` you should now pass: ```yaml - uses: SonarSource/sonarqube-scan-action@<action version> with: args: > "-Dsonar.projectName=My Project" ``` For more `args` passing examples, please refer to the [README](https://github.com/SonarSource/sonarqube-scan-action/tree/master?tab=readme-ov-file#args) file ##### What's Changed - SQSCANGHA-106 Migrate from Bash to JS by [@jeremy-davis-sonarsource](https://github.com/jeremy-davis-sonarsource) in [#208](https://github.com/SonarSource/sonarqube-scan-action/pull/208) **Full Changelog**: <https://github.com/SonarSource/sonarqube-scan-action/compare/v5.3.1...v6.0.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).  Reviewed-on: #35 Co-authored-by: Renovate [BOT] <renovate-bot@git.tainton.uk> Co-committed-by: Renovate [BOT] <renovate-bot@git.tainton.uk>
2025-09-18 21:45:53 +02:00
parent 18a4748738
commit 2c3850834d
11 changed files with 11 additions and 11 deletions
--- a/.gitea/workflows/ci-docker.yml
+++ b/.gitea/workflows/ci-docker.yml
@@ -24,7 +24,7 @@ jobs:
          no-fail: true

      - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v5.3.1
+        uses: SonarSource/sonarqube-scan-action@v6.0.0
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

--- a/.gitea/workflows/ci-python-poetry-with-docker.yml
+++ b/.gitea/workflows/ci-python-poetry-with-docker.yml
@@ -66,7 +66,7 @@ jobs:
          sed -i 's@${{ gitea.workspace }}@/github/workspace@g' coverage.xml

      - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v5.3.1
+        uses: SonarSource/sonarqube-scan-action@v6.0.0
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

--- a/.gitea/workflows/ci-python-poetry.yml
+++ b/.gitea/workflows/ci-python-poetry.yml
@@ -57,7 +57,7 @@ jobs:
          sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml

      - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v5.3.1
+        uses: SonarSource/sonarqube-scan-action@v6.0.0
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

--- a/.gitea/workflows/ci-python-uv-with-docker.yml
+++ b/.gitea/workflows/ci-python-uv-with-docker.yml
@@ -63,7 +63,7 @@ jobs:
        run: uv cache prune --ci

      - name: SonarQube Scan
-        uses: SonarSource/sonarqube-scan-action@v5.3.1
+        uses: SonarSource/sonarqube-scan-action@v6.0.0
        env:
          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
--- a/.gitea/workflows/ci-python-with-docker.yml
+++ b/.gitea/workflows/ci-python-with-docker.yml
@@ -58,7 +58,7 @@ jobs:
          sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml

      - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v5.3.1
+        uses: SonarSource/sonarqube-scan-action@v6.0.0
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

--- a/.gitea/workflows/ci-python.yml
+++ b/.gitea/workflows/ci-python.yml
@@ -51,7 +51,7 @@ jobs:
          sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml

      - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v5.3.1
+        uses: SonarSource/sonarqube-scan-action@v6.0.0
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

--- a/.github/workflows/ci-docker.yml
+++ b/.github/workflows/ci-docker.yml
@@ -22,7 +22,7 @@ jobs:
          format: sonarqube
          no-fail: true
      - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v5.3.1
+        uses: SonarSource/sonarqube-scan-action@v6.0.0
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
--- a/.github/workflows/ci-python-poetry-with-docker.yml
+++ b/.github/workflows/ci-python-poetry-with-docker.yml
@@ -49,7 +49,7 @@ jobs:
          poetry run coverage xml
          sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
      - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v5.3.1
+        uses: SonarSource/sonarqube-scan-action@v6.0.0
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
--- a/.github/workflows/ci-python-poetry.yml
+++ b/.github/workflows/ci-python-poetry.yml
@@ -41,7 +41,7 @@ jobs:
          poetry run coverage xml
          sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
      - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v5.3.1
+        uses: SonarSource/sonarqube-scan-action@v6.0.0
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
--- a/.github/workflows/ci-python-with-docker.yml
+++ b/.github/workflows/ci-python-with-docker.yml
@@ -50,7 +50,7 @@ jobs:
          coverage xml
          sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
      - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v5.3.1
+        uses: SonarSource/sonarqube-scan-action@v6.0.0
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
--- a/.github/workflows/ci-python.yml
+++ b/.github/workflows/ci-python.yml
@@ -44,7 +44,7 @@ jobs:
          coverage xml
          sed -i 's@${{ github.workspace }}@/github/workspace@g' coverage.xml
      - name: SonarQube Cloud Scan
-        uses: SonarSource/sonarqube-scan-action@v5.3.1
+        uses: SonarSource/sonarqube-scan-action@v6.0.0
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}