Dear SonarCloud team,
The sonarcloud-github-action GitHub Action’s v2.1.1 has been released using an unsigned tag
, which is against security best practices. Are there plans to enforce this in the future?
Best regards,
Nicolas AS
, which is against security best practices. Are there plans to enforce this in the future?
1 Like
Hi,
Thanks for letting us know. I’ve pushed a new signed tag.
1 Like
Thank you,
Best regards