Skip to content

chore(deps): update sonarsource/sonarqube-scan-action action to v6 #3804

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 27, 2025
Merged

chore(deps): update sonarsource/sonarqube-scan-action action to v6 #3804

merged 1 commit into from
Oct 27, 2025

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Oct 23, 2025

This PR contains the following updates:

Package Type Update Change
SonarSource/sonarqube-scan-action action major v5.3.2 -> v6.0.0

Release Notes

SonarSource/sonarqube-scan-action (SonarSource/sonarqube-scan-action)

v6.0.0

Compare Source

BREAKING CHANGE!

In order to prevent command-line injection, the actions has been rewritten from Bash to JS, and the args input is now parsed differently. When updating to v6, you might have to update your workflow to change how arguments are quoted.
For example, if you were previously passing:

- uses: SonarSource/sonarqube-scan-action@<action version>
  with:
    args: >
      -Dsonar.projectName="My Project"

you should now pass:

- uses: SonarSource/sonarqube-scan-action@<action version>
  with:
    args: >
      "-Dsonar.projectName=My Project"

For more args passing examples, please refer to the README file

What's Changed

Full Changelog: SonarSource/sonarqube-scan-action@v5.3.1...v6.0.0

Configuration

📅 Schedule: Branch creation - "before 07:00 on Thursday" in timezone Europe/Oslo, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added backport-ignore This PR is a new feature and should not be cherry-picked onto release branches kind/dependencies Pull requests that update a dependency file labels Oct 23, 2025
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Oct 23, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Comment @coderabbitai help to get the list of available commands and usage tips.

@sonarqubecloud
Copy link

sonarqubecloud bot commented Oct 27, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@olemartinorg olemartinorg merged commit f05dbd1 into main Oct 27, 2025
10 of 11 checks passed
@olemartinorg olemartinorg deleted the renovate/sonarsource-sonarqube-scan-action-6.x branch October 27, 2025 13:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@olemartinorg olemartinorg olemartinorg approved these changes

Assignees

No one assigned

Labels

backport-ignore This PR is a new feature and should not be cherry-picked onto release branches kind/dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@olemartinorg