From e940b503d9a618352ad86d016ca62fc1d4d2b7a4 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 20 Jan 2025 13:15:51 +0000
Subject: [PATCH 1/2] chore(deps): update sonarsource/sonarcloud-github-c-cpp action to v3.2.0
---
 .github/workflows/sonarcloud.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
index 42fb85c..1007789 100644
--- a/.github/workflows/sonarcloud.yml
+++ b/.github/workflows/sonarcloud.yml
@@ -41,7 +41,7 @@ jobs:
 run: npm ci --ignore-scripts
 - name: Install SonarCloud Scan for C and C++
- uses: SonarSource/sonarcloud-github-c-cpp@816b1822d71776ee0d32bc012e95024ec52ac1fc # v3.1.0
+ uses: SonarSource/sonarcloud-github-c-cpp@44cc4d3d487fbc35e5c29b0a9d717be218d3a0e8 # v3.2.0
 - name: Run build-wrapper
 run: |
From 2c6bcb549d46c764a1c98717fdefd56021086461 Mon Sep 17 00:00:00 2001
From: Volodymyr Kolesnykov
Date: Tue, 1 Jul 2025 15:19:00 +0300
Subject: [PATCH 2/2] chore: switch to `SonarSource/sonarqube-scan-action`
---
 .github/workflows/sonarcloud.yml | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)
diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
index 1007789..3f1f366 100644
--- a/.github/workflows/sonarcloud.yml
+++ b/.github/workflows/sonarcloud.yml
@@ -15,19 +15,20 @@ permissions:
 contents: read
 jobs:
- build-test:
- name: SonarCloud Scan
+ build:
+ name: Build and analyze
 runs-on: ubuntu-latest
 env:
- BUILD_WRAPPER_OUT_DIR: /tmp/build_wrapper_output_directory
+ BUILD_WRAPPER_OUT_DIR: build_wrapper_output_directory
+ permissions:
+ contents: read
 steps:
 - name: Install libmodsecurity
 run: |
 sudo apt-get update -y
 sudo apt-get install -y libmodsecurity-dev
- - name: Check out the code
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 with:
 fetch-depth: 0
@@ -40,8 +41,8 @@ jobs:
 - name: Install dependencies
 run: npm ci --ignore-scripts
- - name: Install SonarCloud Scan for C and C++
- uses: SonarSource/sonarcloud-github-c-cpp@44cc4d3d487fbc35e5c29b0a9d717be218d3a0e8 # v3.2.0
+ - name: Install Build Wrapper
+ uses: SonarSource/sonarqube-scan-action/install-build-wrapper@2500896589ef8f7247069a56136f8dc177c27ccf # v5.2.0
 - name: Run build-wrapper
 run: |
@@ -60,8 +61,9 @@ jobs:
 find .. -name '*.o' | xargs gcov --preserve-paths
 - name: Run sonar-scanner
+ uses: SonarSource/sonarqube-scan-action@2500896589ef8f7247069a56136f8dc177c27ccf # v5.2.0
 env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- run: |
- sonar-scanner --define sonar.cfamily.build-wrapper-output="${{ env.BUILD_WRAPPER_OUT_DIR }}" --define sonar.cfamily.gcov.reportsPath=coverage
+ with:
+ args: >
+ -Dsonar.cfamily.compile-commands="${{ env.BUILD_WRAPPER_OUT_DIR }}/compile_commands.json" -Dsonar.cfamily.gcov.reportsPath=coverage
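Review bot: The rewritten checkout step in the first hunk of PATCH 2/2 keeps `persist-credentials` at its default, so the job token remains in the checkout's local git configuration while the later `npm ci`, build-wrapper and scanner steps run. Nothing visible in this job pushes or fetches after checkout, so adding `persist-credentials: false` under the existing `with:` next to `fetch-depth: 0` would keep the token away from those steps. The new job-level `permissions: contents: read` repeats the workflow-level block shown as context at the top of the hunk; a comment such as `# repeated at job level so the scope stays explicit if the workflow default changes` would record why both exist. The steps list continues outside the hunk.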
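Review bot: The relative `BUILD_WRAPPER_OUT_DIR` introduced in the first hunk makes the `-Dsonar.cfamily.compile-commands="${{ env.BUILD_WRAPPER_OUT_DIR }}/compile_commands.json"` argument in the third hunk depend on every step sharing one working directory. The body of the `Run build-wrapper` step is outside the hunks, and the coverage step's `find ..` suggests at least one step runs from a subdirectory; if the wrapper is invoked after a directory change, the scanner will presumably look for the file in the wrong place. Anchoring the value once, `BUILD_WRAPPER_OUT_DIR: ${{ github.workspace }}/build_wrapper_output_directory`, removes that dependency. A short comment above `args: >` saying that the path must match where the build-wrapper step writes its output would also help the next editor.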