Regular PRs are analyzed properly, but PRs opened by Dependabot are not. I could not find any error in background tasks or anywhere else.
Using GitHub and GitHub Actions.
Thanks in advance for any help.
Hello @esasse,
Dependabot PRs will not be decorated due to the fact that they are triggered based on pull_request_target event instead of pull_request.
See related thread here: GitHub comments stopped working in GitHub action after switch to pull_request_target
Best,
Marcin
Thanks Marcin, but after reading the related thread, it’s not clear if it’s something I can resolve or if it’s not supported at all.
I’m using the workflow trigger as suggested by Sonar:
on:
push:
branches:
- master
pull_request:
types: [opened, synchronize, reopened]
Can you help me change it to trigger for Dependabot PRs as well?
Thanks!
Hey @esasse,
Just to clarify, I may have misunderstood. So the problem is that, the Dependabot PRs are not triggering the SonarCloud analysis (using the workflow suggested by Sonar)? Can you confirm it?
Best,
Marcin
Yes, that’s the problem.
Hi,
The issue solved? I’m having the same problem using Git Actions + SONAR Community.