SonarSource · GabrielFleischer · Nov 11, 2025 · Nov 10, 2025 · Nov 10, 2025
diff --git a/.cirrus.star b/.cirrus.star
diff --git a/.cirrus.yml b/.cirrus.yml
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -22,23 +22,24 @@ jobs:
       id-token: write
       contents: write
     outputs:
-      build-number: ${{ steps.build-maven.outputs.BUILD_NUMBER }}
+      build-number: ${{ steps.build-step.outputs.BUILD_NUMBER }}
+      deployed: ${{ steps.build-step.outputs.deployed }}
     steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - uses: jdx/mise-action@d6e32c1796099e0f1f3ac741c220a8b7eae9e5dd # v3.2.0
         with:
           version: 2025.7.12
       - uses: SonarSource/ci-github-actions/build-maven@v1
-        id: build-maven
+        id: build-step
         with:
           deploy-pull-request: true
           artifactory-reader-role: private-reader    # Override default public-reader
           artifactory-deployer-role: qa-deployer     # Override default public-deployer
 
   qa:
     needs: [build]
+    if: ${{ needs.build.outputs.deployed }}
     runs-on: github-ubuntu-latest-l
-    if: github.event_name != 'pull_request' || (github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]')
     permissions:
       id-token: write
     strategy:
@@ -49,6 +50,8 @@ jobs:
           - { name: "for SonarQube Project Only", profile: "only-sonarqube-project", java_plugin_version: "LATEST_MASTER" }
           - { name: "with Prod SonarJava Plugin", profile: "without-sonarqube-project", java_plugin_version: "POM_PROPERTY" }
     name: "QA Tests ${{ matrix.item.name }}"
+    env:
+      BUILD_NUMBER: ${{ needs.build.outputs.build-number }}
     steps:
       - name: Checkout repository
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
@@ -101,17 +104,15 @@ jobs:
 
   promote:
     name: Promote
-    needs: [build, qa]
+    if: ${{ needs.build.outputs.deployed }}
+    needs:
+      - build
+      - qa
     runs-on: github-ubuntu-latest-s
-    if: github.event_name != 'pull_request' || (github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]')
     permissions:
       id-token: write
+    env:
+      BUILD_NUMBER: ${{ needs.build.outputs.build-number }}
     steps:
-      - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - uses: jdx/mise-action@d6e32c1796099e0f1f3ac741c220a8b7eae9e5dd # v3.2.0
-        with:
-          cache_save: false
-          version: 2025.7.12
       - name: Promote artifacts
         uses: SonarSource/ci-github-actions/promote@v1
diff --git a/README.md b/README.md
@@ -1,4 +1,4 @@
-Sonar Java symbolic execution plugin  [![Build Status](https://api.cirrus-ci.com/github/SonarSource/sonar-java-symbolic-execution.svg?branch=master)](https://cirrus-ci.com/github/SonarSource/sonar-java) [![Quality Gate](https://next.sonarqube.com/sonarqube/api/project_badges/measure?project=org.sonarsource.java%3Asonar-java-symbolic-execution&metric=alert_status)](https://next.sonarqube.com/sonarqube/dashboard?id=org.sonarsource.java%3Asonar-java-symbolic-execution) [![Coverage](https://next.sonarqube.com/sonarqube/api/project_badges/measure?project=org.sonarsource.java%3Asonar-java-symbolic-execution&metric=coverage)](https://next.sonarqube.com/sonarqube/component_measures/domain/Coverage?id=org.sonarsource.java%3Asonar-java-symbolic-execution)
+Sonar Java symbolic execution plugin  [![Build Status](https://github.com/SonarSource/sonar-java-symbolic-execution/actions/workflows/build.yml/badge.svg?branch=master)](https://github.com/SonarSource/sonar-java-symbolic-execution/actions/workflows/build.yml) [![Quality Gate](https://next.sonarqube.com/sonarqube/api/project_badges/measure?project=org.sonarsource.java%3Asonar-java-symbolic-execution&metric=alert_status)](https://next.sonarqube.com/sonarqube/dashboard?id=org.sonarsource.java%3Asonar-java-symbolic-execution) [![Coverage](https://next.sonarqube.com/sonarqube/api/project_badges/measure?project=org.sonarsource.java%3Asonar-java-symbolic-execution&metric=coverage)](https://next.sonarqube.com/sonarqube/component_measures/domain/Coverage?id=org.sonarsource.java%3Asonar-java-symbolic-execution)
 ==========
 
 This SonarSource project is a plugin designed for advanced bug detection in Java projects, helping developers write [Clean Code](https://www.sonarsource.com/solutions/clean-code/).

diff --git a/pom.xml b/pom.xml
@@ -64,8 +64,8 @@
     <url>https://jira.sonarsource.com/browse/JAVASE</url>
   </issueManagement>
   <ciManagement>
-    <system>Cirrus CI</system>
-    <url>https://cirrus-ci.com/github/SonarSource/sonar-java-symbolic-execution</url>
+    <system>GitHub Actions</system>
+    <url>https://github.com/SonarSource/sonar-java-symbolic-execution/actions/workflows/build.yml</url>
   </ciManagement>
 
   <properties>

diff --git a/shadow-scan-and-issue-replication.sh b/shadow-scan-and-issue-replication.sh