Bump SonarSource/sonarcloud-github-action from 2.2.0 to 2.3.0

[dependabot[bot]]

Bumps SonarSource/sonarcloud-github-action from 2.2.0 to 2.3.0.

Release notes

Sourced from SonarSource/sonarcloud-github-action's releases.

v2.3.0

What's Changed

• SCSCANGHA-18 Add workflow to automate tags creation upon release by @​antoine-vinot-sonarsource in SonarSource/sonarcloud-github-action#81
• SCSCANGHA-22 Revert "SCSCANGHA-16 Support passing args with spaces (#79)" by @​csaba-feher-sonarsource in SonarSource/sonarcloud-github-action#83

New Contributors

• @​csaba-feher-sonarsource made their first contribution in SonarSource/sonarcloud-github-action#83

Full Changelog: https://github.com/SonarSource/sonarcloud-github-action/compare/v2...v2.3.0

Commits

• e44258b Revert "SCSCANGHA-16 Support passing args with spaces (#79)" (#83)
• 13d84ab SCSCANGHA-18 Add workflow to automate tags creation upon release
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions[bot]]

:mag: Vulnerabilities of sommerfeldio/source2adoc:b710f72ae8d33df7f7ca15a780cc38c631c0a2e8

:package: Image Reference sommerfeldio/source2adoc:b710f72ae8d33df7f7ca15a780cc38c631c0a2e8

digest	sha256:ec65c4f38bf3002a865b0f05aceac95386768070c6d6096821017739e9737178
vulnerabilities
size	6.8 MB
packages	21

:package: Base Image alpine:3

also known as	3.20 3.20.0 latest
digest	sha256:216266c86fc4dcef5619930bd394245824c2af52fd21ba7c6fa0e618657d4c3b
vulnerabilities

ssl_client 1.36.1-r28 (apk) pkg:apk/alpine/ssl_client@1.36.1-r28?arch=x86_64&upstream=busybox&distro=alpine-3.20.0 ```dockerfile # Dockerfile (39:39) FROM alpine:3.20.0 AS run ``` Affected range <1.36.1-r29 Fixed version 1.36.1-r30 EPSS Score 0.04% EPSS Percentile 13th percentile Description Affected range <1.36.1-r29 Fixed version 1.36.1-r30 EPSS Score 0.04% EPSS Percentile 13th percentile Description

libssl3 3.3.0-r2 (apk) pkg:apk/alpine/libssl3@3.3.0-r2?arch=x86_64&upstream=openssl&distro=alpine-3.20.0 ```dockerfile # Dockerfile (39:39) FROM alpine:3.20.0 AS run ``` Affected range <3.3.0-r3 Fixed version 3.3.0-r3 Description

[github-actions[bot]]

Overview

Image reference	sommerfeldio/source2adoc:rc	sommerfeldio/source2adoc:b710f72ae8d33df7f7ca15a780cc38c631c0a2e8
- digest	dc77e1e53326	ec65c4f38bf3
- provenance	https://github.com/sommerfeld-io/source2adoc/commit/dc2b9496fa5374c8cb2f95306921de39ee33c913	https://github.com/sommerfeld-io/source2adoc/commit/b710f72ae8d33df7f7ca15a780cc38c631c0a2e8
- vulnerabilities
- platform	linux/amd64	linux/amd64
- size	6.8 MB	6.8 MB (+14 B)
- packages	25	21 (-4)
Base Image	alpine:3 also known as: • 3.20 • 3.20.0 • latest	alpine:3.20.0 also known as: • 3 • 3.20 • latest
- vulnerabilities

Labels (3 changes)

> * `±` 3 changed > * _9 unchanged_ ```diff maintainer=sebastian@sommerfeld.io org.opencontainers.image.authors=source2adoc open source project -org.opencontainers.image.created=2024-06-11T08:34:11.088Z +org.opencontainers.image.created=2024-06-17T19:46:21.421Z org.opencontainers.image.description=Streamline the process of generating AsciiDoc documentation from inline comments within source code files. This tool converts inline documentation into AsciiDoc files, tailored for seamless integration with Antora. org.opencontainers.image.documentation=https://source2adoc.sommerfeld.io org.opencontainers.image.licenses=NOASSERTION -org.opencontainers.image.revision=dc2b9496fa5374c8cb2f95306921de39ee33c913 +org.opencontainers.image.revision=b710f72ae8d33df7f7ca15a780cc38c631c0a2e8 org.opencontainers.image.source=https://github.com/sommerfeld-io/source2adoc org.opencontainers.image.title=source2adoc org.opencontainers.image.url=https://github.com/sommerfeld-io/source2adoc org.opencontainers.image.vendor=source2adoc open source project -org.opencontainers.image.version=main +org.opencontainers.image.version=pr-70 ```

Packages and Vulnerabilities (4 package changes and 0 vulnerability changes)

> * :heavy_minus_sign: 3 packages removed > * :infinity: 1 packages changed > * 20 packages unchanged

Changes for packages of type apk (3 changes)

	Package	Version sommerfeldio/source2adoc:rc	Version sommerfeldio/source2adoc:b710f72ae8d33df7f7ca15a780cc38c631c0a2e8
:heavy_minus_sign:	ca-certificates	20240226-r0
:heavy_minus_sign:	openssl	3.3.0-r2
		Removed vulnerabilities (1):
:heavy_minus_sign:	pax-utils	1.3.7-r2

Changes for packages of type golang (1 changes)

	Package	Version sommerfeldio/source2adoc:rc	Version sommerfeldio/source2adoc:b710f72ae8d33df7f7ca15a780cc38c631c0a2e8
:infinity:	stdlib	go1.22.4	1.22.4