Upgrade: [dependabot] - bump SonarSource/sonarqube-scan-action from 6.0.0 to 7.0.0#133

Merged

github-actions[bot] merged 1 commit intomainfrom

dependabot/github_actions/SonarSource/sonarqube-scan-action-7.0.0

Feb 27, 2026

Contributor

dependabot bot commented on behalf of github Feb 11, 2026 •

edited

Loading

Bumps SonarSource/sonarqube-scan-action from 6.0.0 to 7.0.0.

Release notes

Sourced from SonarSource/sonarqube-scan-action's releases.

v7.0.0

What's Changed

SQSCANGHA-120 NO-JIRA Bump actions/setup-node from 4 to 5 by @dependabot[bot] in SonarSource/sonarqube-scan-action#211

Update SonarScanner CLI to 7.3.0.5189 by @github-actions[bot] in SonarSource/sonarqube-scan-action#212

SQSCANGHA-122 Include caveats for running SCA by @subdavis in SonarSource/sonarqube-scan-action#213

SQSCANGHA-123 NO-JIRA Bump actions/setup-node from 5 to 6 by @dependabot[bot] in SonarSource/sonarqube-scan-action#214

SQSCANGHA-126 Update SonarScanner CLI to 8.0.1.6346 by @github-actions[bot] in SonarSource/sonarqube-scan-action#218

New Contributors

@subdavis made their first contribution in SonarSource/sonarqube-scan-action#213

Full Changelog: SonarSource/sonarqube-scan-action@v6.0.0...v7.0.0

Commits

a31c939 SQSCANGHA-126 Update SonarScanner CLI to 8.0.1.6346 (#218)
40f5b61 SQSCANGHA-123 NO-JIRA Bump actions/setup-node from 5 to 6 (#214)
9bf7c12 SQSCANGHA-122 Include caveats for running SCA (#213)
ba6563c Update SonarScanner CLI to 7.3.0.5189 (#212)
5ffbad4 SQSCANGHA-120 Bump actions/setup-node from 4 to 5 (#211)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot bot added dependencies github_actions labels

dependabot bot requested a review from a team as a code owner

February 11, 2026 11:15

dependabot bot added dependencies github_actions labels

Contributor

github-actions bot commented Feb 11, 2026

I'm not approving this PR because it includes a major update of a dependency used in production

dependabot bot force-pushed the dependabot/github_actions/SonarSource/sonarqube-scan-action-7.0.0 branch from d4cbe65 to 6b3aa98 Compare

February 20, 2026 11:14

Contributor

github-actions bot commented Feb 20, 2026

I'm not approving this PR because it includes a major update of a dependency used in production

dependabot bot force-pushed the dependabot/github_actions/SonarSource/sonarqube-scan-action-7.0.0 branch from 6b3aa98 to 49d62c4 Compare

February 23, 2026 12:05

dependabot bot had a problem deploying to dev

February 23, 2026 12:05

Failure

Contributor

github-actions bot commented Feb 23, 2026

I'm not approving this PR because it includes a major update of a dependency used in production

dependabot bot force-pushed the dependabot/github_actions/SonarSource/sonarqube-scan-action-7.0.0 branch from 49d62c4 to 84a6329 Compare

February 24, 2026 14:43

Contributor

github-actions bot commented Feb 24, 2026

I'm not approving this PR because it includes a major update of a dependency used in production

dependabot bot force-pushed the dependabot/github_actions/SonarSource/sonarqube-scan-action-7.0.0 branch from 84a6329 to 36e4705 Compare

February 24, 2026 16:08

Contributor

github-actions bot commented Feb 24, 2026

I'm not approving this PR because it includes a major update of a dependency used in production

dependabot bot force-pushed the dependabot/github_actions/SonarSource/sonarqube-scan-action-7.0.0 branch from 36e4705 to 73d4794 Compare

February 25, 2026 15:28

Contributor

github-actions bot commented Feb 25, 2026

I'm not approving this PR because it includes a major update of a dependency used in production

Contributor

eddalmond1 commented Feb 26, 2026

@dependabot recreate

dependabot bot force-pushed the dependabot/github_actions/SonarSource/sonarqube-scan-action-7.0.0 branch from 73d4794 to 5b7da4a Compare

February 26, 2026 11:19

Contributor

github-actions bot commented Feb 26, 2026

I'm not approving this PR because it includes a major update of a dependency used in production

dependabot bot had a problem deploying to dev

February 26, 2026 11:19

Failure

dependabot bot force-pushed the dependabot/github_actions/SonarSource/sonarqube-scan-action-7.0.0 branch from 5b7da4a to f1f40bf Compare

February 26, 2026 15:41

dependabot bot had a problem deploying to dev

February 26, 2026 15:41

Failure

Contributor

github-actions bot commented Feb 26, 2026

I'm not approving this PR because it includes a major update of a dependency used in production

dependabot bot force-pushed the dependabot/github_actions/SonarSource/sonarqube-scan-action-7.0.0 branch from f1f40bf to f9080dd Compare

February 26, 2026 16:24

Contributor

github-actions bot commented Feb 26, 2026

I'm not approving this PR because it includes a major update of a dependency used in production

dependabot bot force-pushed the dependabot/github_actions/SonarSource/sonarqube-scan-action-7.0.0 branch from f9080dd to 9336206 Compare

February 27, 2026 10:29

dependabot bot temporarily deployed to dev

February 27, 2026 10:29

Inactive

Contributor

github-actions bot commented Feb 27, 2026

I'm not approving this PR because it includes a major update of a dependency used in production

Contributor

eddalmond1 commented Feb 27, 2026

@dependabot rebase

dependabot bot force-pushed the dependabot/github_actions/SonarSource/sonarqube-scan-action-7.0.0 branch from 9336206 to dfe5156 Compare

February 27, 2026 10:40

dependabot bot temporarily deployed to dev

February 27, 2026 10:40

Inactive

Contributor

github-actions bot commented Feb 27, 2026

I'm not approving this PR because it includes a major update of a dependency used in production

dependabot bot force-pushed the dependabot/github_actions/SonarSource/sonarqube-scan-action-7.0.0 branch from dfe5156 to 28a784f Compare

February 27, 2026 15:44

Contributor

github-actions bot commented Feb 27, 2026

I'm not approving this PR because it includes a major update of a dependency used in production

github-actions bot added the requires-manual-qa label

github-actions bot enabled auto-merge (squash)

February 27, 2026 15:44

dependabot bot force-pushed the dependabot/github_actions/SonarSource/sonarqube-scan-action-7.0.0 branch from 28a784f to 327cb43 Compare

February 27, 2026 15:49

Contributor

github-actions bot commented Feb 27, 2026

I'm not approving this PR because it includes a major update of a dependency used in production

Contributor

eddalmond1 commented Feb 27, 2026

@dependabot recreate

dependabot bot force-pushed the dependabot/github_actions/SonarSource/sonarqube-scan-action-7.0.0 branch from 327cb43 to c18bf60 Compare

February 27, 2026 16:04

Contributor

github-actions bot commented Feb 27, 2026

I'm not approving this PR because it includes a major update of a dependency used in production

dependabot bot force-pushed the dependabot/github_actions/SonarSource/sonarqube-scan-action-7.0.0 branch from c18bf60 to 06a9ad9 Compare

February 27, 2026 16:36

Contributor

github-actions bot commented Feb 27, 2026

I'm not approving this PR because it includes a major update of a dependency used in production

dependabot bot force-pushed the dependabot/github_actions/SonarSource/sonarqube-scan-action-7.0.0 branch from 06a9ad9 to 1f975f4 Compare

February 27, 2026 16:41

Contributor

github-actions bot commented Feb 27, 2026

I'm not approving this PR because it includes a major update of a dependency used in production


          Upgrade: [dependabot] - bump SonarSource/sonarqube-scan-action

e5adb24

Bumps [SonarSource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action) from 6.0.0 to 7.0.0.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases)
- [Commits](SonarSource/sonarqube-scan-action@fd88b7d...a31c939)

---
updated-dependencies:
- dependency-name: SonarSource/sonarqube-scan-action
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot force-pushed the dependabot/github_actions/SonarSource/sonarqube-scan-action-7.0.0 branch from 1f975f4 to e5adb24 Compare

February 27, 2026 16:50

dependabot bot temporarily deployed to dev

February 27, 2026 16:50

Inactive

Contributor

github-actions bot commented Feb 27, 2026

I'm not approving this PR because it includes a major update of a dependency used in production

eddalmond1 approved these changes

View reviewed changes

github-actions bot merged commit 1f24c38 into main

7 checks passed

github-actions bot deleted the dependabot/github_actions/SonarSource/sonarqube-scan-action-7.0.0 branch

February 27, 2026 16:54

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies github_actions requires-manual-qa