Skip to content

*: release actions improvements #4492

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
KaloyanTanev merged 2 commits into from
Apr 24, 2026
+205 −42

Add option to do patch of an older minor

6518479
Select commit
Loading
Failed to load commit list.
Merged

*: release actions improvements #4492

Add option to do patch of an older minor
6518479
Select commit
Loading
Failed to load commit list.
SonarQubeCloud / SonarCloud Code Analysis failed Apr 23, 2026 in 21s

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

Annotations

Check failure on line 52 in .github/workflows/patch-release-step3.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.target_minor is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=ObolNetwork_charon&issues=AZ26DE7Z3CJrm6sXnUC-&open=AZ26DE7Z3CJrm6sXnUC-&pullRequest=4492

Check failure on line 52 in .github/workflows/patch-release-step2.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.target_minor is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=ObolNetwork_charon&issues=AZ26DE9-3CJrm6sXnUC_&open=AZ26DE9-3CJrm6sXnUC_&pullRequest=4492

Check failure on line 63 in .github/workflows/patch-release-step4.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.target_minor is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=ObolNetwork_charon&issues=AZ26DE-e3CJrm6sXnUDB&open=AZ26DE-e3CJrm6sXnUDB&pullRequest=4492

Check failure on line 53 in .github/workflows/patch-release-step1.yml

See this annotation in the file changed.

@sonarqubecloud sonarqubecloud / SonarCloud Code Analysis

inputs.target_minor is vulnerable to script injection: values of inputs are provided by whoever triggers the workflow. Change this workflow to not use user-controlled data directly in a run block, for example by assigning this expression to an environment variable. 

See more on https://sonarcloud.io/project/issues?id=ObolNetwork_charon&issues=AZ26DE-O3CJrm6sXnUDA&open=AZ26DE-O3CJrm6sXnUDA&pullRequest=4492
View more details on SonarQubeCloud