Thanks for the links to the PR!
I see you are trying to analyze the PR from a fork. This feature is currently not supported for CI-based analysis, only for automatic analysis.
It’s already identified on our side, but not planned (some links to follow the progress are on this other thread). You can also vote on that issue: SonarCloud analyzes external Pull Request - SonarCloud | Product Roadmap
@Claire_Villard
Okay no when I create a PR from a branch inside the repo it works, sonar cube could upload the report.
And really zero vulnerabilities? Can’t believe it.
However, can you tell me how I can prevent this specific job running, when I got a PR from a fork?
TBH, I don’t know, this is related to Github workflows and not to SonarSource products, and I never tried that so I can’t help.
I found that forum post that gives solutions to a similar problem, maybe it could help.