Enabled SonarQube scanning for PRs #362

mandreko-bitwarden · 2025-02-05T19:02:26Z

🎟️ Tracking

This is to enable SonarQube scanning in PRs, and not just the main/master branches.

Contributor guidelines followed
All formatters and local linters executed and passed
Written new unit and / or integration tests where applicable
Protected functional changes with optionality (feature flags)
Used internationalization (i18n) for all UI strings
CI builds passed
Communicated to DevOps any deployment requirements
Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

👍 (:+1:) or similar for great changes
📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
❓ (:question:) for questions
🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
🎨 (:art:) for suggestions / improvements
❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
⛏ (:pick:) for minor or nitpick changes

github-actions · 2025-02-05T19:23:51Z

Checkmarx One – Scan Summary & Details – 8e63bea5-95be-47eb-865f-d8d839b6518d

New Issues (1)

Checkmarx found the following issues in this Pull Request

Severity	Issue	Source File / Package	Checkmarx Insight
	CVE-2025-22150	Npm-undici-5.28.2	Vulnerable Package

Modified Scan workflow to contain PR number during a PR

84aeffd

mandreko-bitwarden requested a review from a team as a code owner February 5, 2025 19:02

mandreko-bitwarden self-assigned this Feb 10, 2025

vgrassia approved these changes Feb 19, 2025

View reviewed changes

mandreko-bitwarden merged commit 2368046 into main Feb 19, 2025
5 checks passed

mandreko-bitwarden deleted the sonar-pr-scanning branch February 19, 2025 21:29