Skip to content

chore(ci): bump SonarSource/sonarqube-scan-action from 6.0.0 to 7.1.0#3341

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/SonarSource/sonarqube-scan-action-7.1.0
Closed

chore(ci): bump SonarSource/sonarqube-scan-action from 6.0.0 to 7.1.0#3341
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/SonarSource/sonarqube-scan-action-7.1.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 21, 2026

Copy link
Copy Markdown
Contributor

Bumps SonarSource/sonarqube-scan-action from 6.0.0 to 7.1.0.

Release notes

Sourced from SonarSource/sonarqube-scan-action's releases.

v7.1.0

What's Changed

Full Changelog: SonarSource/sonarqube-scan-action@v7...v7.1.0

v7.0.0

What's Changed

New Contributors

Full Changelog: SonarSource/sonarqube-scan-action@v6.0.0...v7.0.0

Commits
  • 299e4b7 SQSCANGHA-132 Upgrade Node to 24 (#224)
  • 3988e54 SQSCANGHA-131 Bump picomatch from 4.0.3 to 4.0.4 (#223)
  • 9598b8a SQSCANGHA-130 Bump rollup from 4.50.1 to 4.59.0 (#221)
  • dcc5211 SQSCANGHA-128 NO-JIRA Bump actions/cache from 4 to 5 (#219)
  • b9f37f9 SQSCANGHA-129 Fix the Analysis Processing team name in CODEOWNERS (#220)
  • a31c939 SQSCANGHA-126 Update SonarScanner CLI to 8.0.1.6346 (#218)
  • 40f5b61 SQSCANGHA-123 NO-JIRA Bump actions/setup-node from 5 to 6 (#214)
  • 9bf7c12 SQSCANGHA-122 Include caveats for running SCA (#213)
  • ba6563c Update SonarScanner CLI to 7.3.0.5189 (#212)
  • 5ffbad4 SQSCANGHA-120 Bump actions/setup-node from 4 to 5 (#211)
  • See full diff in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Bumps [SonarSource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action) from 6.0.0 to 7.1.0.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases)
- [Commits](SonarSource/sonarqube-scan-action@fd88b7d...299e4b7)

---
updated-dependencies:
- dependency-name: SonarSource/sonarqube-scan-action
  dependency-version: 7.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code major labels Apr 21, 2026
@dependabot dependabot Bot requested review from a team as code owners April 21, 2026 15:09
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code major labels Apr 21, 2026
@github-actions github-actions Bot added comp:ci Github Actions Work size/xs labels Apr 21, 2026
@github-actions

Copy link
Copy Markdown
Contributor
Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 147.983782ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 79.440547ms

Benchmark Statistics

Name № Requests Avg Duration Min Duration Max Duration

Bulk Benchmark Results

Metric Value
Total Decrypts 100
Successful Decrypts 100
Failed Decrypts 0
Total Time 411.701853ms
Throughput 242.89 requests/second

TDF3 Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 41.725586747s
Average Latency 415.868322ms
Throughput 119.83 requests/second

@github-actions

Copy link
Copy Markdown
Contributor

⚠️ Govulncheck found vulnerabilities ⚠️

The following modules have known vulnerabilities:

  • examples
  • otdfctl
  • sdk
  • service
  • lib/fixtures
  • tests-bdd

See the workflow run for details.

@dependabot @github

dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor Author

Superseded by #3705.

@dependabot dependabot Bot closed this Jul 1, 2026
@dependabot dependabot Bot deleted the dependabot/github_actions/SonarSource/sonarqube-scan-action-7.1.0 branch July 1, 2026 17:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

comp:ci Github Actions Work dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code major size/xs

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants