Releases: SonarSource/ci-github-actions
Releases · SonarSource/ci-github-actions
1.6.0
Immutable
release. Only release title and notes can be modified.
What's Changed
New Features
- BUILD-11310 Add
report-ci-metricsaction by @mikolaj-matuszny-ext-sonarsource in #298
Improvements
- BUILD-11310 Sentinel-wrap job-metrics stdout for log recovery by @mikolaj-matuszny-ext-sonarsource in #297
- BUILD-11563: Report actionable diagnosis when SCA check times out by @bwalsh434 in #291
- BUILD-11589 Bump
gh-action_cacheto v1.7.0 by @julien-carsique-sonarsource in #302
Bug Fixes
Full Changelog: 1.5.4...1.6.0
Contributors
matemoln, bwalsh434, and 2 other contributors
Assets 3
1.5.4
Immutable
release. Only release title and notes can be modified.
What's Changed
Improvements
- BUILD-11444 Replace decision file gate with
CI_METRICS_ENABLEDenv var by @julien-carsique-sonarsource in #286 - BUILD-11553 Avoid workspace pollution in CI actions by @matemoln in #287
Full Changelog: 1.5.3...1.5.4
Contributors
matemoln and julien-carsique-sonarsource
Assets 3
1.5.3
Immutable
release. Only release title and notes can be modified.
What's Changed
Bug Fixes
- PREQ-6264: Add Gradle wrapper download retries in
config-gradleby @tomverin in #288 - BUILD-11521: Use conditional vault URL when
repox-urlcontainsdev.sonar.buildby @julien-carsique-sonarsource in #284
Improvements
- BUILD-11509: Redesign CI metrics step summary by @mikolaj-matuszny-ext-sonarsource in #290
- BUILD-11470: Use snake_case keys in cache JSON metrics by @julien-carsique-sonarsource in #289
Documentation
- BUILD-11521: Remove
repox-artifactory-urlfrom README by @julien-carsique-sonarsource in #285
config-gradle now patches gradle/wrapper/gradle-wrapper.properties at CI runtime (networkTimeout=60000, retries=3, retryBackOffMs=1000) to mitigate flaky Gradle distribution downloads. Consumers on @v1 pick this up once the v1 branch is updated.
Full Changelog: 1.5.2...1.5.3
Contributors
tomverin, julien-carsique-sonarsource, and mikolaj-matuszny-ext-sonarsource
Assets 3
1.5.2
Immutable
release. Only release title and notes can be modified.
What's Changed
Bug fixes
- BUILD-11460: Disable caching on release channel pointer in S3 by @jayadeep-km-sonarsource in #283
Full Changelog: 1.5.1...1.5.2
Contributors
jayadeep-km-sonarsource
Assets 3
1.5.1
Immutable
release. Only release title and notes can be modified.
What's Changed
Documentation
- BUILD-11462 Add README for
update-release-channelaction by @jayadeep-km-sonarsource in #277
Full Changelog: 1.5.0...1.5.1
Contributors
jayadeep-km-sonarsource
Assets 3
1.5.0
Immutable
release. Only release title and notes can be modified.
What's Changed
New Features
- BUILD-11298 Add CI metrics job-completed hook for self-hosted runners by @matemoln in #270
- BUILD-11458 Add release channel pointer JSON schema by @jayadeep-km-sonarsource in #272
- BUILD-11459 Add
update-release-channelcomposite action by @jayadeep-km-sonarsource in #273 - BUILD-11460 Implement
write_channel.shlogic and ShellSpec tests by @jayadeep-km-sonarsource in #274 - BUILD-11461 Add integration test workflow for
update-release-channelby @jayadeep-km-sonarsource in #276
Improvements
- BUILD-11460 Write S3 body via tempfile instead of
/dev/stdinby @jayadeep-km-sonarsource in #275 - BUILD-10781 Bump
gh-action_cacheto v1.6.0 (Node 24 runtime) by @jayadeep-km-sonarsource in #278
Full Changelog: 1.4.1...1.5.0
Contributors
matemoln and jayadeep-km-sonarsource
Assets 3
1.4.1
Immutable
release. Only release title and notes can be modified.
What's Changed
Bug Fixes
Improvements to the check-sca reusable workflow
- PREQ-5738: Adds maven-style project key extraction to check-sca by @bwalsh434 in #255
- BUILD-11393: Fix check-sca failures caused by local-ref by @bwalsh434 in #258
- PREQ-5794 Fix check-sca Gradle Kotlin DSL projectKey parsing by @SamirM-BE in #254
- PREQ-5827 fix(check-sca): declare
environment: devon verify-sca job by @axel-driowya-sonar in #259 - BUILD-11405: Changes the environment tag associated with the SCA Check by @bwalsh434 in #260
- BUILD-11394: Adds checking for manual setting of the SQ Project Key on check-sca by @bwalsh434 in #261
- BUILD-11438: Make SCA check look for issues on master, main, and active PR branches by @bwalsh434 in #268
Maintenance
- BUILD-10835 Use warp-custom-ubuntu-24-04 instead of github-ubuntu-latest-s by @hedinasr in #252
- BUILD-10835 Remove slack_notify reusable workflow by @hedinasr in #253
- BUILD-11388: Change pre-commit hook to koalaman/shellcheck-precommit by @bwalsh434 in #256
- Update dependency mise to 2026.5.9 by @renovate[bot] in #264
- Pin dependencies - gh-action_cache v1.5.0 by @renovate[bot] in #263
- Update GitHub actions (major) by @renovate[bot] in #111
New Contributors
- @axel-driowya-sonar made their first contribution in #259
Full Changelog: 1.4.0...1.4.1
Contributors
renovate, matemoln, and 4 other contributors
Assets 3
1.4.0
Immutable
release. Only release title and notes can be modified.
What's Changed
Documentation
- BUILD-11270: Add README for check-sca action by @bwalsh434 in #251
Full Changelog: 1.3.35...1.4.0
Contributors
bwalsh434
Assets 3
1.3.35
Immutable
release. Only release title and notes can be modified.
What's Changed
New Features
- BUILD-11091: Adds check-sca action for enforcing that SCA is active by @bwalsh434 in #247
Improvements
- PREQ-5529 Update default maven scanner to version 5.6.0.6792 by @dorian-burihabwa-sonarsource in #250
Bug Fixes
- BUILD-10827: make config-npm skip path safe from template parsing error by @tomverin in #246
- BUILD-11091: Fix vault path in downstream repos for check-sca by changing trigger to pull_request by @bwalsh434 in #248
- PREQ-5497: Bump mise to 2026.4.23 to fix jfrog-cli registry lookup by @tomverin in #249
Full Changelog: 1.3.34...1.3.35
Contributors
tomverin, bwalsh434, and dorian-burihabwa-sonarsource
Assets 3
1.3.34
Immutable
release. Only release title and notes can be modified.
Contributors
renovate