pin to working version of sonarcloud github action

2023-04-23 23:40:28 -04:00 · 2023-04-23 23:40:28 -04:00 · bb0b6d22aa
parent 9639660e89
commit bb0b6d22aa
1 changed files with 1 additions and 1 deletions
--- a/.github/workflows/backend_tests.yml
+++ b/.github/workflows/backend_tests.yml
@ -276,7 +276,7 @@ jobs:
        uses: codecov/codecov-action@v3.1.3

      - name: SonarCloud Scan
-        uses: sonarsource/sonarcloud-github-action@master
+        uses: sonarsource/sonarcloud-github-action@v1.8
        # thought about just skipping dependabot
        # if: ${{ github.actor != 'dependabot[bot]' }}
        # but figured all pull requests seems better, since none of them will have access to sonarcloud.