Skip to content

chore(deps): bump actions/upload-artifact from 3.1.2 to 4.4.3 #287

chore(deps): bump actions/upload-artifact from 3.1.2 to 4.4.3

chore(deps): bump actions/upload-artifact from 3.1.2 to 4.4.3 #287

Workflow file for this run

name: SonarCloud Analysis
on:
# Trigger analysis when pushing in master or pull requests, and when creating
# a pull request.
push:
branches:
- master
- dev
pull_request:
types: [opened, synchronize, reopened]
permissions:
contents: read
jobs:
sonarcloud:
permissions:
contents: read # for actions/checkout to fetch code
pull-requests: read # for sonarsource/sonarcloud-github-action to determine which PR to decorate
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
# Disabling shallow clone is recommended for improving relevancy of reporting
fetch-depth: 0
- name: SonarCloud Scan
uses: sonarsource/sonarcloud-github-action@eb211723266fe8e83102bac7361f0a05c3ac1d1b # v3.0.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}