SQSCANGHA-140 Add OpenPGP signature verification for scanner downloads (#235)

2026-05-08 21:20:26 +03:00 · 2026-04-28 15:49:48 +02:00
parent 30dbe5c9ee
commit 55e44800a8
17 changed files with 33778 additions and 41 deletions
@@ -24,6 +24,10 @@ inputs:
    description: URL to download the Sonar Scanner CLI binaries from
    required: false
    default: https://binaries.sonarsource.com/Distribution/sonar-scanner-cli
+  skipSignatureVerification:
+    description: Skip GPG signature verification (not recommended for security)
+    required: false
+    default: "false"
 runs:
  using: node24
  main: dist/index.js