Bump [email protected], [email protected], [email protected]

.github/workflows/master.yml

@@ -10,7 +10,6 @@ jobs:
   build-test:
     name: Build & Test
     runs-on: ubuntu-latest
-    if: "! contains(toJSON(github.event.commits.*.message), '[skip ci]')"
     concurrency: ci-${{ github.ref }}
 
     steps:
@@ -40,6 +39,7 @@ jobs:
         uses: sonarsource/[email protected]
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        if: env.SONAR_TOKEN != ''
 
   docker:
     name: Publish Docker Image

.github/workflows/sonar.yml

@@ -0,0 +1,62 @@
+name: Manual SonarCloud Analysis
+
+on:
+  workflow_dispatch:
+    inputs:
+      pr_id:
+        description: 'Pull Request ID to analyze'
+        required: true
+        type: string
+
+jobs:
+  sonar-analysis:
+    name: SonarCloud Analysis for PR
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Get PR details
+        id: pr
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const pr = await github.rest.pulls.get({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              pull_number: ${{ inputs.pr_id }}
+            });
+            core.setOutput('head_ref', pr.data.head.ref);
+            core.setOutput('base_ref', pr.data.base.ref);
+            core.setOutput('head_sha', pr.data.head.sha);
+
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ steps.pr.outputs.head_sha }}
+          fetch-depth: 0
+
+      - name: Set up Python 3.13
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.13"
+
+      - name: Install dependencies
+        run: |
+          pip install pipenv
+          pipenv install --dev
+
+      - name: Test
+        run: pipenv run pytest -v --cov=./ --cov-report xml
+
+      - name: Fix code coverage path
+        working-directory: ./
+        run: sed -i 's@'$GITHUB_WORKSPACE'@/github/workspace/@g' coverage.xml
+
+      - name: SonarCloud Scan
+        uses: sonarsource/[email protected]
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        if: env.SONAR_TOKEN != ''
+        with:
+          args: >
+            -Dsonar.pullrequest.key=${{ inputs.pr_id }}
+            -Dsonar.pullrequest.branch=${{ steps.pr.outputs.head_ref }}
+            -Dsonar.pullrequest.base=${{ steps.pr.outputs.base_ref }}

Pipfile

@@ -7,10 +7,10 @@ name = "pypi"
 slack-bolt = "==1.23.0"
 python-dotenv = "==1.1.1"
 gunicorn = "==23.0.0"
-flask = "==3.1.1"
-requests = "==2.32.4"
+flask = "==3.1.2"
+requests = "==2.32.5"
 pyjwt = "==2.10.1"
-gql = "==3.5.3"
+gql = "==4.0.0"
 
 # Managed dependencies and security patches
 requests-toolbelt = "==1.0.0"