chore(deps): update sonarsource/sonarqube-scan-action action to v4 (#9)
Some checks failed
Lint / Lint (push) Successful in 32s
SonarQube Scan / SonarQube Trigger (push) Has been cancelled

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [SonarSource/sonarqube-scan-action](https://github.com/SonarSource/sonarqube-scan-action) | action | major | `v3.1.0` -> `v4.0.0` |

---

### Release Notes

<details>
<summary>SonarSource/sonarqube-scan-action (SonarSource/sonarqube-scan-action)</summary>

### [`v4.0.0`](https://github.com/SonarSource/sonarqube-scan-action/releases/tag/v4.0.0)

[Compare Source](https://github.com/SonarSource/sonarqube-scan-action/compare/v3.1.0...v4.0.0)

#### What's Changed

-   SQSCANGHA-46 Replace the Docker action by a composite action by [@&#8203;henryju](https://github.com/henryju) and [@&#8203;antonioaversa](https://github.com/antonioaversa) in https://github.com/SonarSource/sonarqube-scan-action/pull/145

This new major version removes Docker, moving to a [composite action](https://docs.github.com/en/actions/sharing-automations/creating-actions/creating-a-composite-action).
This has multiple benefits:

-   you can now use our GitHub action with Java and Dart project, which previously didn’t support it due to Docker isolation
-   your run won’t fail anymore in peak workload scenarios due to the Docker image hitting the rate limit on DockerHub
-   the scan won’t need to run the scan as a root user, as recommended by GitHub for operations happening in a Docker container
-   you will be able to run the action as part of your workflow on any Operating System

We expect no issues for the vast majority of users, and we encourage you to move to the new version.
You can read more about this new release [here](https://community.sonarsource.com/t/the-upcoming-release-of-github-action-for-sonarqube-v-4-0-0-remove-docker/130180).

**Full Changelog**: https://github.com/SonarSource/sonarqube-scan-action/compare/v3.1.0...v4.0.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4xMTAuMiIsInVwZGF0ZWRJblZlciI6IjM4LjExMC4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

Reviewed-on: #9
Co-authored-by: Renovate Bot <renovatebot@schulze.network>
Co-committed-by: Renovate Bot <renovatebot@schulze.network>
This commit is contained in:
Renovate Bot 2024-11-18 13:38:56 +01:00 committed by Felix Schulze
parent 02b28c3b29
commit b69ef2ff26

View File

@ -19,7 +19,7 @@ jobs:
# Disabling shallow clone is recommended for improving relevancy of reporting
fetch-depth: 0
- name: SonarQube Scan
uses: SonarSource/sonarqube-scan-action@13990a695682794b53148ff9f6a8b6e22e43955e # v3.1.0
uses: SonarSource/sonarqube-scan-action@94d4f8ac4aaefccd7fb84bff00b0aeb2d65fcd49 # v4.0.0
env:
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}