Skip to content

Commit

Permalink
updates sonarsource workflow
Browse files Browse the repository at this point in the history
  • Loading branch information
@SuttonMashing
SuttonMashing committed Jan 15, 2025
1 parent aaec935 commit bd03599
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion .github/workflows/sonarcloud-analysis.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ jobs:
cd ..
- name: SonarCloud Scan
uses: SonarSource/sonarcloud-github-action@master
uses: SonarSource/sonarqube-scan-action@v4

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'SonarCloud-Analysis' step
Uses Step
Loading
uses 'SonarSource/sonarqube-scan-action' with ref 'v4', not a pinned commit hash
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

0 comments on commit bd03599

Please sign in to comment.