Skip to content

BUILD-10765 Important: Update SonarSource/gh-action_release to v6#100

Closed
mikolaj-matuszny-ext-sonarsource wants to merge 1 commit intomasterfrom
feat/BUILD-10765/update-gh-action_release
Closed

BUILD-10765 Important: Update SonarSource/gh-action_release to v6#100
mikolaj-matuszny-ext-sonarsource wants to merge 1 commit intomasterfrom
feat/BUILD-10765/update-gh-action_release

Conversation

@mikolaj-matuszny-ext-sonarsource
Copy link
Copy Markdown
Contributor

@mikolaj-matuszny-ext-sonarsource mikolaj-matuszny-ext-sonarsource commented Apr 2, 2026
edited
Loading

Important: Update SonarSource/gh-action_release to v6 (6.5.0) for compliance with allowed versions.

See: https://discuss.sonarsource.com/t/action-required-update-your-github-actions-cache-release-and-releasability-before-10-04/23899/5

@mikolaj-matuszny-ext-sonarsource mikolaj-matuszny-ext-sonarsource requested a review from a team April 2, 2026 09:53
@hashicorp-vault-sonar-prod
Copy link
Copy Markdown

hashicorp-vault-sonar-prod Bot commented Apr 2, 2026
edited by atlassian Bot
Loading

BUILD-10765

@sonar-review-alpha
Copy link
Copy Markdown

sonar-review-alpha Bot commented Apr 2, 2026
edited
Loading

Summary

Updates the SonarSource/gh-action_release action from commit hash 6.4.0 to semantic tag v6 (6.5.0) in the release workflow. The change switches from pinning a specific commit to using the stable v6 tag, which allows for automatic updates to patch versions within the v6 line.

What reviewers should know

Review is straightforward: this is a one-line dependency update in .github/workflows/release.yml. The key detail is that the ref now points to the v6 tag instead of a commit hash, which is more maintainable but requires confidence that v6's release behavior is compatible with the current workflow (publishToPyPI and publishToTestPyPI flags). If your CI system has run this workflow with the new action, verify the release was successful.

  • Generate Walkthrough
  • Generate Diagram

🗣️ Give feedback

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Apr 2, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues
0 New dependency risks

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

sonar-review-alpha[bot]
sonar-review-alpha Bot reviewed Apr 2, 2026
View reviewed changes
Copy link
Copy Markdown

@sonar-review-alpha sonar-review-alpha Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! ✅

🗣️ Give feedback

@mikolaj-matuszny-ext-sonarsource mikolaj-matuszny-ext-sonarsource changed the title BUILD-10765 Update SonarSource/gh-action_release to v6 BUILD-10765 Important: Update SonarSource/gh-action_release to v6 Apr 2, 2026
@mikolaj-matuszny-ext-sonarsource mikolaj-matuszny-ext-sonarsource deleted the feat/BUILD-10765/update-gh-action_release branch April 2, 2026 10:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sonar-review-alpha sonar-review-alpha[bot] sonar-review-alpha[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mikolaj-matuszny-ext-sonarsource