actions/gha-workflows
4
1
Fork 0
Code Issues Pull Requests Actions Packages Releases Activity

chore(deps): update sonarsource/sonarqube-scan-action action to v6 #35

Merged
luke merged 1 commits from renovate/sonarsource-sonarqube-scan-action-6.x into main 2025-09-18 21:45:55 +02:00
Conversation 1 Commits 1 Files Changed 11 +11 -11
renovate-bot commented 2025-09-18 11:09:24 +02:00
Owner
Copy Link

This PR contains the following updates:

Package Type Update Change
SonarSource/sonarqube-scan-action action major v5.3.1 -> v6.0.0

Release Notes

SonarSource/sonarqube-scan-action (SonarSource/sonarqube-scan-action)

v6.0.0

Compare Source

BREAKING CHANGE!

In order to prevent command-line injection, the actions has been rewritten from Bash to JS, and the args input is now parsed differently. When updating to v6, you might have to update your workflow to change how arguments are quoted.
For example, if you were previously passing:

- uses: SonarSource/sonarqube-scan-action@<action version>
  with:
    args: >
      -Dsonar.projectName="My Project"

you should now pass:

- uses: SonarSource/sonarqube-scan-action@<action version>
  with:
    args: >
      "-Dsonar.projectName=My Project"

For more args passing examples, please refer to the README file

What's Changed

Full Changelog: https://github.com/SonarSource/sonarqube-scan-action/compare/v5.3.1...v6.0.0

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [SonarSource/sonarqube-scan-action](https://github.com/SonarSource/sonarqube-scan-action) | action | major | `v5.3.1` -> `v6.0.0` | --- ### Release Notes <details> <summary>SonarSource/sonarqube-scan-action (SonarSource/sonarqube-scan-action)</summary> ### [`v6.0.0`](https://github.com/SonarSource/sonarqube-scan-action/releases/tag/v6.0.0) [Compare Source](https://github.com/SonarSource/sonarqube-scan-action/compare/v5.3.1...v6.0.0) ##### BREAKING CHANGE! In order to prevent command-line injection, the actions has been rewritten from Bash to JS, and the `args` input is now parsed differently. When updating to v6, you might have to update your workflow to change how arguments are quoted. For example, if you were previously passing: ```yaml - uses: SonarSource/sonarqube-scan-action@<action version> with: args: > -Dsonar.projectName="My Project" ``` you should now pass: ```yaml - uses: SonarSource/sonarqube-scan-action@<action version> with: args: > "-Dsonar.projectName=My Project" ``` For more `args` passing examples, please refer to the [README](https://github.com/SonarSource/sonarqube-scan-action/tree/master?tab=readme-ov-file#args) file ##### What's Changed - SQSCANGHA-106 Migrate from Bash to JS by [@&#8203;jeremy-davis-sonarsource](https://github.com/jeremy-davis-sonarsource) in [#&#8203;208](https://github.com/SonarSource/sonarqube-scan-action/pull/208) **Full Changelog**: <https://github.com/SonarSource/sonarqube-scan-action/compare/v5.3.1...v6.0.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xMTYuNyIsInVwZGF0ZWRJblZlciI6IjQxLjExNi43IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJ0eXBlL2RlcGVuZGVuY2llcyJdfQ==-->
renovate-bot added the
type
dependencies
 label 2025-09-18 11:09:24 +02:00
renovate-bot added 1 commit 2025-09-18 11:09:26 +02:00
chore(deps): update sonarsource/sonarqube-scan-action action to v6 f14766b238
ai-review-bot commented 2025-09-18 11:09:36 +02:00
Owner
Copy Link

Decision: Accept
Change Score: 10/10

The proposed change updates the SonarQube scan action in multiple workflow files from version 5.3.1 to version 6.0.0. This is a straightforward version update. Ensure that the new version doesn't introduce any breaking changes to your workflow or require any configuration updates.

**Decision: Accept** **Change Score: 10/10** The proposed change updates the SonarQube scan action in multiple workflow files from version 5.3.1 to version 6.0.0. This is a straightforward version update. Ensure that the new version doesn't introduce any breaking changes to your workflow or require any configuration updates.
luke merged commit 2c3850834d into main 2025-09-18 21:45:55 +02:00
luke deleted branch renovate/sonarsource-sonarqube-scan-action-6.x 2025-09-18 21:45:56 +02:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
duplicate
This issue or pull request already exists
good first issue
Good for newcomers
help wanted
Extra attention is needed
invalid
This doesn't seem right
type
bug
Something isn't working
type
dependencies
Issue or PR regarding project dependencies
type
documentation
Improvements or additions to documentation
type
enhancement
New feature or request
type
question
Further information is requested
wontfix
This will not be worked on
No Label
type
dependencies
Milestone
No items
No Milestone
Assignees
Clear assignees
ai-review-bot gitea-actions-bot luke renovate-bot
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: actions/gha-workflows#35
No description provided.
Delete Branch "renovate/sonarsource-sonarqube-scan-action-6.x"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?