Skip to content

JAVASE-200 Update GitHub Action to use version 7 for release workflow#86

Open
rombirli wants to merge 1 commit intomasterfrom
rombirli/gh-action-release-v7
Open

JAVASE-200 Update GitHub Action to use version 7 for release workflow#86
rombirli wants to merge 1 commit intomasterfrom
rombirli/gh-action-release-v7

Conversation

@rombirli
Copy link
Copy Markdown
Contributor

@rombirli rombirli commented May 5, 2026

No description provided.

@sonar-review-alpha
Copy link
Copy Markdown

sonar-review-alpha Bot commented May 5, 2026
edited
Loading

Summary

This PR upgrades the SonarSource/gh-action_release GitHub Action from version 6 to version 7 in the release workflow. This is a routine version bump for the action that handles Maven Central releases and binary publishing.

The change is minimal and focused — only the version tag is updated from @v6 to @v7 in .github/workflows/release.yml. All workflow inputs and configuration remain unchanged.

What reviewers should know

What to review:

  • Check the SonarSource/gh-action_release v7 release notes to confirm compatibility and understand any new features or fixes
  • Verify the workflow configuration (publishToBinaries, mavenCentralSync) still works with v7
  • No code changes in this repository — this is purely a dependency update

No gotchas: This is a straightforward action version bump with no complex dependencies or breaking changes evident from the diff.

  • Generate Walkthrough
  • Generate Diagram

🗣️ Give feedback

@hashicorp-vault-sonar-prod hashicorp-vault-sonar-prod Bot changed the title Update GitHub Action to use version 7 for release workflow JAVASE-200 Update GitHub Action to use version 7 for release workflow May 5, 2026
@hashicorp-vault-sonar-prod
Copy link
Copy Markdown
Contributor

hashicorp-vault-sonar-prod Bot commented May 5, 2026
edited by atlassian Bot
Loading

JAVASE-200

sonar-review-alpha[bot]
sonar-review-alpha Bot reviewed May 5, 2026
View reviewed changes
Copy link
Copy Markdown

@sonar-review-alpha sonar-review-alpha Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! ✅

Clean, minimal change. The rest of the workflow inputs (publishToBinaries, mavenCentralSync, slackChannel, version, releaseId, dryRun) and permissions (id-token: write, contents: write) are untouched.

  • Using a mutable semver tag (@v7) is consistent with every other SonarSource action in this repo — no codebase convention is violated.
  • No stale @v6 references to gh-action_release remain elsewhere in .github/workflows/.
  • The two release workflows (release.yml and automated-release.yml) use different upstream actions for genuinely different concerns — no logic duplication.

🗣️ Give feedback

@sonarqube-next
Copy link
Copy Markdown

sonarqube-next Bot commented May 5, 2026

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
0 Dependency risks
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarQube

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sonar-review-alpha sonar-review-alpha[bot] sonar-review-alpha[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rombirli