chore(deps): update sonarsource/sonarqube-scan-action action to v8

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
sonarsource/sonarqube-scan-action	action	major	v7 → v8

---

Release Notes

sonarsource/sonarqube-scan-action (sonarsource/sonarqube-scan-action)

v8

Compare Source

v8.0

Compare Source

v8.0.0

Compare Source

What's Changed

Breaking change

• SQSCANGHA-145 Set skipSignatureVerification default value to false by @​antoine-vinot-sonarsource in SonarSource#241

Full Changelog: SonarSource/sonarqube-scan-action@v7...v8.0.0

v7.2.1

Compare Source

What's Changed

• SQSCANGHA-140 Set skipSignatureVerification default value to true to avoid breaking change by @​gmmcal in SonarSource#240

Full Changelog: SonarSource/sonarqube-scan-action@v7...v7.2.1

v7.2

Compare Source

v7.2.0

Compare Source

What's Changed

• SQSCANGHA-133 Upgrade the Node version used in UTs + contribution guide by @​claire-villard-sonarsource in SonarSource#226
• SC-45750 Migrate to dateless license headers by @​claire-villard-sonarsource in SonarSource#229
• SQSCANGHA-134 Upgrade the libraries to latest version by @​claire-villard-sonarsource in SonarSource#227
• SQSCANGHA-138 Update dist and add ci test by @​antoine-vinot-sonarsource in SonarSource#233
• SQSCANGHA-140 Add OpenPGP signature verification for scanner downloads by @​claire-villard-sonarsource in SonarSource#235

Full Changelog: SonarSource/sonarqube-scan-action@v7...v7.2.0

v7.1

Compare Source

v7.1.0

Compare Source

What's Changed

• SQSCANGHA-128 NO-JIRA Bump actions/cache from 4 to 5 by @​dependabot[bot] in SonarSource#219
• SQSCANGHA-130 Bump rollup from 4.50.1 to 4.59.0 by @​dependabot[bot] in SonarSource#221
• SQSCANGHA-131 Bump picomatch from 4.0.3 to 4.0.4 by @​dependabot[bot] in SonarSource#223
• SQSCANGHA-132 Upgrade Node to 24 by @​claire-villard-sonarsource in SonarSource#224

Full Changelog: SonarSource/sonarqube-scan-action@v7...v7.1.0

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • "before 9am"
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

License Issues

.github/workflows/ci.yaml

Package	Version	License	Issue Type
sonarsource/sonarqube-scan-action	8.*.*	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
actions/sonarsource/sonarqube-scan-action	8.*.*	Unknown	Unknown

Scanned Files

• .github/workflows/ci.yaml

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (e2240a9) to head (cbc68b9).

Additional details and impacted files

@@            Coverage Diff            @@
##              main      #182   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            8         8           
  Lines          231       231           
=========================================
  Hits           231       231           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud