I have attempted to modify a rule default values, but the warning keeps getting triggered even though it shouldn’t.
The specific rule is githubactions:S7637 … I have changed it from the default value of trustedPrefixes:./,actions/,github/ to trustedPrefixes:./,actions/,github/,LizardByte/
I have set the profile to the default and it applies to all projects.
But it seems that no matter what, it keeps flagging this.
Colin
October 13, 2025, 2:01pm
2
Hey there.
Thanks for the report. This was already reported here:
Hi @andyn-ff Thank you for your report and welcome to the community!
I created a ticket Jira and quickly fixed it. It will be available in SonarQube Cloud in few days, depends on when we release our analyzer.
In the meantime please change MyOrgName/ in trustedPrefixes to lowercase: myorgname/. The actions are case insensitive and the issue was in the way how we split trustedPrefixes (the String.lowecase() call was missing).
Best
Marcin
And a fix should be deployed on SonarQube Cloud relatively soon.
system
October 20, 2025, 2:01pm
3
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.
