Bump SonarSource/sonarqube-scan-action from 4 to 5 #2701

dependabot · 2025-02-17T13:16:54Z

Bumps SonarSource/sonarqube-scan-action from 4 to 5.

Release notes

Sourced from SonarSource/sonarqube-scan-action's releases.

v5.0.0

What's Changed

SQSCANGHA-81 Update SonarScanner CLI to 7.0.2.4839 by @github-actions in SonarSource/sonarqube-scan-action#175

Full Changelog: SonarSource/sonarqube-scan-action@v4...v5.0.0

v4.2.1

What's Changed

SQSCANGHA-77 Change title back to SonarQube Scan Action by @antonioaversa in SonarSource/sonarqube-scan-action#166

Full Changelog: SonarSource/sonarqube-scan-action@v4.2.0...v4.2.1

v4.2.0

We are happy to announce this new version of the GitHub action, which brings support for C, C++, and Objective-C projects.

The action supports both AutoConfig scenarios, as well as scenarios where Build Wrapper is required, and is a complete replacement of sonarqube-github-c-cpp and sonarcloud-github-c-cpp.

To install Build Wrapper, a new sonarqube-scan-action/install-build-wrapper sub-action is provided.

Check the README for examples of configuration.

On top of C, C++, and Objective-C support, we have also improved our support of self-hosted GitHub runners:

we don't expect anymore the temporary runner folder (RUNNER_TEMP) to be cleaned after every job execution: if present, the action will clean it, before running

similarly, we don't expect anymore the Sonar SSL folder (~/sonar/ssl) to be cleaned after every job execution: if present, the action will clean it, before running

What's Changed

SQSCANGHA-64 Shorten action description to respect 125 chars limit by @antonioaversa in SonarSource/sonarqube-scan-action#157

SQCPPGHA-9 Extend action to support C, C++, and Objective-C projects by @antonioaversa in SonarSource/sonarqube-scan-action#161

README: required programs for self-hosted and container by @trgalho in SonarSource/sonarqube-scan-action#162

Force unzip without prompt in sonar scanner installation when files already exist by @blgnksy in SonarSource/sonarqube-scan-action#163

SQSCANGHA-75 Support self-hosted runners not clearing temp after run by @antonioaversa in SonarSource/sonarqube-scan-action#164

SQSCANGHA-76 Support self-hosted runners not clearing truststore after run by @antonioaversa in SonarSource/sonarqube-scan-action#165

New Contributors

@trgalho made their first contribution in SonarSource/sonarqube-scan-action#162

@blgnksy made their first contribution in SonarSource/sonarqube-scan-action#163

Full Changelog: SonarSource/sonarqube-scan-action@v4.1.0...v4.2.0

v4.1.0

The new version is now the official entrypoint for both Server and Cloud: a single GitHub action to interact with the SonarQube solution, whether on-premise or in the cloud!

It also brings several other improvements, including:

the ability to customize the location from where the SonarScanner CLI is downloaded, which can be useful when the runner is self-hosted and has regulated or no access to the Internet

the ability to use curl as a fallback when wget is not available in the environment of the runner

the requirement of the Java keytool to be available has been lifted

What's Changed

SQSCANGHA-51 Make Scanner CLI binaries URL customizable by @antonioaversa in SonarSource/sonarqube-scan-action#148

SQSCANGHA-55 Support GitHub self-hosted runners without wget by @antonioaversa in SonarSource/sonarqube-scan-action#151

... (truncated)

Commits

0303d6b Update SonarScanner CLI to 7.0.2.4839
3ed7560 SQSCANGHA-82 Automate the update of the Scanner CLI version
73cb22d Fix permission of the version_update workflow
994c850 SQSCANGHA-81 Update SonarScanner CLI to 7.0.1.4817 (#171)
7622374 SQSCANGHA-79 Update CODEOWNERS (#170)
6bbc136 SQSCANGHA-59 Use the new way of having theme sensitive images.
d6b87b0 DOC-403 Update links in the README.md file to the documentation (#167)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [SonarSource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action) from 4 to 5. - [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases) - [Commits](SonarSource/sonarqube-scan-action@v4...v5) --- updated-dependencies: - dependency-name: SonarSource/sonarqube-scan-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>