QA Main action

SQSCANGHA-134 Upgrade the libraries to latest version #266

Triggered via pull request April 8, 2026 08:52

claire-villard-sonarsource

opened #227

claire/upgrade-libs

Status Success

Total duration 3m 55s

Artifacts –

qa-main.yml

on: pull_request

'scannerVersion' input

'scannerBinariesUrl' input with invalid URL

33s

'scannerBinariesUrl' is escaped with wget so special chars are not injected in the download command

36s

'scannerBinariesUrl' is escaped with curl so special chars are not injected in the download command

53s

Don't fail on Gradle project

Don't fail on Kotlin Gradle project

Don't fail on Maven project

runAnalysisTest

1m 41s

runAnalysisWithCacheTest

1m 41s

curl performs redirect when scannerBinariesUrl returns 3xx

36s

Analysis takes into account 'SONAR_ROOT_CERT'

1m 37s

truststore.p12 is updated when present

14s

'scannerVersion' input validation

Matrix: 'args' input with command injection will fail

Matrix: 'args' input

Matrix: 'args' input with backticks injection does not execute command

Matrix: 'args' input with dollar command injection does not execute command

Matrix: No inputs

Matrix: 'args' input with other command injection variants does not execute command

Matrix: 'SONARCLOUD_URL' is used

Matrix: 'projectBaseDir' input

Matrix: 'RUNNER_DEBUG' is used

Matrix: 'SONAR_ROOT_CERT' is converted to truststore

Annotations

12 errors and 48 warnings

'args' input with command injection will fail (macos-latest, -Dsonar.someArg=aValue && echo "Inje...

Action failed: The process '/Users/runner/hostedtoolcache/sonar-scanner-cli/8.0.1.6346/macosx-aarch64/bin/sonar-scanner' failed with exit code 1

'args' input with command injection will fail (macos-latest, -Dsonar.someArg="value\"; whoami; ec...

Action failed: The process '/Users/runner/hostedtoolcache/sonar-scanner-cli/8.0.1.6346/macosx-aarch64/bin/sonar-scanner' failed with exit code 1

'scannerVersion' input validation

Sanity checks failed: Invalid scannerVersion format. Expected format: x.y.z.w (e.g., 7.1.0.4889)

'scannerBinariesUrl' is escaped with curl so special chars are not injected in the download command

Action failed: Invalid URL

'args' input with command injection will fail (github-ubuntu-latest-s, -Dsonar.someArg="value\"; ...

Action failed: The process '/opt/hostedtoolcache/sonar-scanner-cli/8.0.1.6346/linux-x64/bin/sonar-scanner' failed with exit code 1

'args' input with command injection will fail (github-ubuntu-latest-s, -Dsonar.someArg=aValue && ...

Action failed: The process '/opt/hostedtoolcache/sonar-scanner-cli/8.0.1.6346/linux-x64/bin/sonar-scanner' failed with exit code 1

'scannerBinariesUrl' is escaped with wget so special chars are not injected in the download command

Action failed: Invalid URL

'scannerBinariesUrl' input with invalid URL

Action failed: getaddrinfo EAI_AGAIN invalid_uri

Analysis takes into account 'SONAR_ROOT_CERT'

Action failed: The process '/opt/hostedtoolcache/sonar-scanner-cli/8.0.1.6346/linux-x64/bin/sonar-scanner' failed with exit code 1

Analysis takes into account 'SONAR_ROOT_CERT'

Action failed: The process '/opt/hostedtoolcache/sonar-scanner-cli/8.0.1.6346/linux-x64/jre/bin/java' failed with exit code 1

'args' input with command injection will fail (github-windows-latest-s, -Dsonar.someArg="value\";...

Action failed: The process 'C:\hostedtoolcache\windows\sonar-scanner-cli\8.0.1.6346\windows-x64\bin\sonar-scanner.bat' failed with exit code 1

'args' input with command injection will fail (github-windows-latest-s, -Dsonar.someArg=aValue &&...

Action failed: The process 'C:\hostedtoolcache\windows\sonar-scanner-cli\8.0.1.6346\windows-x64\bin\sonar-scanner.bat' failed with exit code 1

'args' input with dollar command injection does not execute command (github-ubuntu-latest-s)