Sonarcloud-github-action@2.1.1 has been released with unsigned tag

Dear SonarCloud team,

The sonarcloud-github-action GitHub Action’s v2.1.1 has been released using an unsigned tag

, which is against security best practices. Are there plans to enforce this in the future?

Best regards,

Nicolas AS

1 Like

Thanks for letting us know. I’ve pushed a new signed tag.

1 Like

Thank you,

Best regards