SonarQube Community to GitHub Security Tab (SARIF)
Version updated for https://github.com/vmvarela/sonarqube-ce-sarif-action to version v1.0.0.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
This GitHub Action integrates SonarQube Community Edition (CE) with GitHub by converting SonarQube analysis results into SARIF format, enabling PR decoration, inline annotations, and integration with the GitHub Security Tab. It automates the process of surfacing SonarQube issues within GitHub’s user interface, providing developers with actionable insights directly in pull requests, check summaries, and the Security Tab. By bridging the gap between SonarQube CE and GitHub, the action eliminates the need for manual context switching and enhances code review workflows.
Release notes
What’s Changed
New Features
- fix: improve security and stability by @vmvarela in https://github.com/vmvarela/sonarqube-ce-sarif-action/pull/16
Full Changelog: https://github.com/vmvarela/sonarqube-ce-sarif-action/compare/v0...v1.0.0