This repository was archived by the owner on Jan 14, 2026. It is now read-only.

@neriberto
Contributor

Refactor GitHub workflows and add semantic release configuration

@neriberto force-pushed the feature/workflows branch 2 times, most recently from d954fda to 78ffb8c, November 26, 2025 12:50
env:
GH_TOKEN: ${{ secrets.REPO_PAT != '' && secrets.REPO_PAT || github.token }}
run: |
PR_EXISTS=$(gh pr list --head "${{ steps.extract-branch.outputs.branch }}" --base ${{ inputs.pr_target_branch }} --json number --jq length)
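
Review bot: Both `${{ steps.extract-branch.outputs.branch }}` and `${{ inputs.pr_target_branch }}` are pasted into the script text before the shell starts, so the quotes around `--head` do not confine a branch name that itself contains a quote or a command substitution, and `--base` has no quotes at all. Add them to this step's `env:` (for example `BRANCH: ${{ steps.extract-branch.outputs.branch }}` and `TARGET_BRANCH: ${{ inputs.pr_target_branch }}`) and call `gh pr list --head "$BRANCH" --base "$TARGET_BRANCH"`. This is also the step whose `GH_TOKEN` becomes `secrets.REPO_PAT` when that secret is set, so the script here should contain no expression expansions at all.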

Check failure

Code scanning / SonarCloud

GitHub Actions should not be vulnerable to script injections High

Change this workflow to not use user-controlled data directly in a run block. See more on SonarQube Cloud
GH_TOKEN: ${{ github.token }}
run: |
gh pr create \
--title "🚀 Auto PR: ${{ steps.extract-branch.outputs.branch }} → ${{ inputs.pr_target_branch }}" \
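
Review bot: In the `--title` line both expressions end up inside a double-quoted shell string, where the shell still expands variables and command substitutions in the substituted text and a `"` in the branch name ends the argument early. Define the two values under this step's `env:` and build the title from `"$BRANCH"` and `"$TARGET_BRANCH"`, so the script the runner executes only contains variable references.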

Check failure

Code scanning / SonarCloud

GitHub Actions should not be vulnerable to script injections High

Change this workflow to not use user-controlled data directly in a run block. See more on SonarQube Cloud

### Branch
- Source: \`${{ steps.extract-branch.outputs.branch }}\`
- Target: \`${{ inputs.pr_target_branch }}\`
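
Review bot: The Source and Target lines of the PR body sit inside the same double-quoted shell argument, which is why the Markdown backticks have to be escaped and why the two expressions are flagged again here. Write the body to a file in a preceding command, filling in the branch names from environment variables, and pass it with `gh pr create --body-file`; that removes the escaping and keeps `${{ ... }}` out of the run block.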

Check failure

Code scanning / SonarCloud

GitHub Actions should not be vulnerable to script injections High

Change this workflow to not use user-controlled data directly in a run block. See more on SonarQube Cloud

---
*This PR was created automatically by the Code Quality workflow.*" \
--base ${{ inputs.pr_target_branch }} \
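
Review bot: `--base ${{ inputs.pr_target_branch }}` on the last line is unquoted, so after substitution the shell word-splits the input and any extra words are read as further `gh pr create` arguments. Pass the input through `env:` and write `--base "$TARGET_BRANCH"` (the variable name is only a suggestion); rejecting values that do not look like a branch name before this step would also cover the other uses of the input.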

Check failure

Code scanning / SonarCloud

GitHub Actions should not be vulnerable to script injections High

Change this workflow to not use user-controlled data directly in a run block. See more on SonarQube Cloud
env:
GH_TOKEN: ${{ github.token }}
run: |
PR_NUMBER=$(gh pr list --head "${{ steps.extract-branch.outputs.branch }}" --base ${{ inputs.pr_target_branch }} --json number --jq '.[0].number')
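
Review bot: The `PR_NUMBER` line repeats the `gh pr list --head ... --base ...` query from the earlier existence check, differing only in the `--jq` filter, and it carries the same two inline expressions and the same unquoted `--base`. Consider running the query once with values taken from `env:`, exposing the PR number as a step output, and reusing it here, so there is a single command to keep free of `${{ ... }}` expansions.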

Check failure

Code scanning / SonarCloud

GitHub Actions should not be vulnerable to script injections High

Change this workflow to not use user-controlled data directly in a run block. See more on SonarQube Cloud
@sonarqubecloud

@neriberto merged commit 9bc9347 into develop Nov 26, 2025
11 checks passed