Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Removed Github token from Sonarqube configuration #81

Merged
merged 1 commit into from
Jan 13, 2025
Merged

Removed Github token from Sonarqube configuration #81

merged 1 commit into from
Jan 13, 2025

Conversation

mandreko-bitwarden
Copy link
Contributor

🎟️ Tracking

https://bitwarden.atlassian.net/browse/VULN-126

📔 Objective

Part of the upgrade of the SonarQube GitHub Action. During review, @withinfocus identified that the GitHub token in many scan.yml files was automatically available to the action, and did not need to be specified. This is a cleanup of that finding.

⏰ Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
  • ❓ (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

@mandreko-bitwarden mandreko-bitwarden requested review from a team as code owners January 13, 2025 21:51
@codecov Codecov
Copy link

codecov bot commented Jan 13, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 37.06%. Comparing base (385b522) to head (54a5e77).
Report is 1 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main      #81   +/-   ##
=======================================
  Coverage   37.06%   37.06%           
=======================================
  Files          37       37           
  Lines        1071     1071           
  Branches       91       91           
=======================================
  Hits          397      397           
  Misses        642      642           
  Partials       32       32

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@github-actions GitHub Actions
Copy link
Contributor

Logo
Checkmarx One – Scan Summary & Details2394a394-be20-4fec-8014-c1125b75ce27

Great job, no security vulnerabilities found in this Pull Request

@mandreko-bitwarden mandreko-bitwarden merged commit f13e4bd into main Jan 13, 2025
10 checks passed
@mandreko-bitwarden mandreko-bitwarden deleted the sonarqube-remove-github-token branch January 13, 2025 22:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@withinfocus withinfocus withinfocus approved these changes

@coroiu coroiu Awaiting requested review from coroiu coroiu is a code owner automatically assigned from bitwarden/team-platform-dev

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mandreko-bitwarden @withinfocus