Skip to content

BUILD-10724 fix host paths #237

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
julien-carsique-sonarsource merged 1 commit into from
Mar 25, 2026
+5 −14

BUILD-10724 fix host paths

ecf0776
Select commit
Loading
Failed to load commit list.
Merged

BUILD-10724 fix host paths #237

BUILD-10724 fix host paths
ecf0776
Select commit
Loading
Failed to load commit list.
SonarQubeCloud / SonarCloud Code Analysis succeeded Mar 25, 2026 in 32s

Quality Gate passed

Issues
0 New issues
5 Accepted issues
0 Dependency risks

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Annotations

Check failure on line 45 in config-pip/action.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.host-actions-root is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this action to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=SonarSource_ci-github-actions&issues=AZ0mIN0_goHiKX6ZH4wV&open=AZ0mIN0_goHiKX6ZH4wV&pullRequest=237

Check failure on line 24 in get-build-number/action.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.host-actions-root is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this action to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=SonarSource_ci-github-actions&issues=AZ0mIN1cgoHiKX6ZH4wX&open=AZ0mIN1cgoHiKX6ZH4wX&pullRequest=237

Check failure on line 59 in config-maven/action.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.host-actions-root is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this action to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=SonarSource_ci-github-actions&issues=AZ0mIN00goHiKX6ZH4wU&open=AZ0mIN00goHiKX6ZH4wU&pullRequest=237

Check failure on line 61 in config-npm/action.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.host-actions-root is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this action to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=SonarSource_ci-github-actions&issues=AZ0mINxjgoHiKX6ZH4wT&open=AZ0mINxjgoHiKX6ZH4wT&pullRequest=237

Check failure on line 58 in config-gradle/action.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.host-actions-root is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this action to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=SonarSource_ci-github-actions&issues=AZ0mIN1JgoHiKX6ZH4wW&open=AZ0mIN1JgoHiKX6ZH4wW&pullRequest=237
View more details on SonarQubeCloud