Skip to content

chore(deps): bump actions/checkout from 3.5.2 to 4.2.2 #298

chore(deps): bump actions/checkout from 3.5.2 to 4.2.2

chore(deps): bump actions/checkout from 3.5.2 to 4.2.2 #298

Workflow file for this run

name: SonarCloud Analysis
on:
# Trigger analysis when pushing in master or pull requests, and when creating
# a pull request.
push:
branches:
- master
- dev
pull_request:
types: [opened, synchronize, reopened]
permissions:
contents: read
jobs:
sonarcloud:
permissions:
contents: read # for actions/checkout to fetch code
pull-requests: read # for sonarsource/sonarcloud-github-action to determine which PR to decorate
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
# Disabling shallow clone is recommended for improving relevancy of reporting
fetch-depth: 0
- name: SonarCloud Scan
uses: sonarsource/sonarcloud-github-action@eb211723266fe8e83102bac7361f0a05c3ac1d1b # v3.0.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}