Skip to content

v5.3.1

Marketplace
Marketplace

Choose a tag to compare

View all tags
@aleksandra-bozhinoska-sonarsource aleksandra-bozhinoska-sonarsource released this 29 Aug 15:16
· 22 commits to master since this release
v5.3.1
1a6d90e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

OVERLOOKED BREAKING CHANGE!

In order to prevent command-line injection, the way to parse the args input has been changed, but this is possibly a breaking change regarding support of quotes.

For example, if you were previously passing:

- uses: SonarSource/sonarqube-scan-action@<action version>
  with:
    args: >
      -Dsonar.projectName="My Project"

you should now pass:

- uses: SonarSource/sonarqube-scan-action@<action version>
  with:
    args: >
      "-Dsonar.projectName=My Project"

Edit: We have now released v6 that more accurately reflect this breaking change.

What's Changed

New Contributors

Full Changelog: v5...v5.3.1

Contributors

daantimmer and aleksandra-bozhinoska-sonarsource
Assets 2
Loading