SQSCANGHA-127 Rename downloaded file to .zip before extraction on Windows#251
Conversation
Agentic Analysis: Early ResultsAgentic Analysis and Context Augmentation are available on your project. Here are some issues that could have been prevented. Follow the links to learn how to put them into action. 10 issue(s) found across 1 file(s):
Analyzed by SonarQube Agentic Analysis in 3.3 s |
68a8c82 to
b24f324
Compare
…dows PowerShell 5.1, used on some Windows GitHub Actions runners, requires Expand-Archive to receive a file with a .zip extension. The @actions/tool-cache downloadTool function saves to a temp path without any extension, causing extraction to fail on PS 5.1. Rename the file to add .zip before calling extractZip. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
b24f324 to
af0fbd4
Compare
|
Code Review ✅ ApprovedRenames downloaded files to include a .zip extension before extraction to ensure compatibility with PowerShell 5.1 on Windows runners. Added pinning for Node.js version and verified the fix with new unit tests; no issues found. OptionsAuto-apply is off → Gitar will not commit updates to this branch. Comment with these commands to change:
Was this helpful? React with 👍 / 👎 | Gitar |
…(#12) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [SonarSource/sonarqube-scan-action](https://github.com/SonarSource/sonarqube-scan-action) | action | minor | `v8.1` → `v8.2` | --- ### Release Notes <details> <summary>SonarSource/sonarqube-scan-action (SonarSource/sonarqube-scan-action)</summary> ### [`v8.2.0`](https://github.com/SonarSource/sonarqube-scan-action/releases/tag/v8.2.0) [Compare Source](SonarSource/sonarqube-scan-action@v8.2.0...v8.2.0) #### What's Changed - SQSCANGHA-149 Add scannerBinariesAuthHeader input by [@​henryju](https://github.com/henryju) in [#​246](SonarSource/sonarqube-scan-action#246) - SQSCANGHA-88 Deprecate the SONARCLOUD\_URL env variable support by [@​henryju](https://github.com/henryju) in [#​249](SonarSource/sonarqube-scan-action#249) - SQSCANGHA-84 Remove outdated wget/curl references by [@​henryju](https://github.com/henryju) in [#​248](SonarSource/sonarqube-scan-action#248) - SQSCANGHA-135 Fix scanner binaries always re-downloaded due to incompatible 4-part version by [@​henryju](https://github.com/henryju) in [#​250](SonarSource/sonarqube-scan-action#250) - SQSCANGHA-127 Rename downloaded file to .zip before extraction on Windows by [@​henryju](https://github.com/henryju) in [#​251](SonarSource/sonarqube-scan-action#251) **Full Changelog**: <SonarSource/sonarqube-scan-action@v8...v8.2.0> ### [`v8.2`](SonarSource/sonarqube-scan-action@v8.1.0...v8.2.0) [Compare Source](SonarSource/sonarqube-scan-action@v8.1.0...v8.2.0) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMTYuMiIsInVwZGF0ZWRJblZlciI6IjQzLjIxNi4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJ0eXBlL2RlcGVuZGVuY2llcyJdfQ==--> Reviewed-on: https://git.tainton.uk/repos/epage-go/pulls/12 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>
…(#455) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [SonarSource/sonarqube-scan-action](https://github.com/SonarSource/sonarqube-scan-action) | action | minor | `v8.1` → `v8.2` | --- ### Release Notes <details> <summary>SonarSource/sonarqube-scan-action (SonarSource/sonarqube-scan-action)</summary> ### [`v8.2.0`](https://github.com/SonarSource/sonarqube-scan-action/releases/tag/v8.2.0) [Compare Source](SonarSource/sonarqube-scan-action@v8.2.0...v8.2.0) #### What's Changed - SQSCANGHA-149 Add scannerBinariesAuthHeader input by [@​henryju](https://github.com/henryju) in [#​246](SonarSource/sonarqube-scan-action#246) - SQSCANGHA-88 Deprecate the SONARCLOUD\_URL env variable support by [@​henryju](https://github.com/henryju) in [#​249](SonarSource/sonarqube-scan-action#249) - SQSCANGHA-84 Remove outdated wget/curl references by [@​henryju](https://github.com/henryju) in [#​248](SonarSource/sonarqube-scan-action#248) - SQSCANGHA-135 Fix scanner binaries always re-downloaded due to incompatible 4-part version by [@​henryju](https://github.com/henryju) in [#​250](SonarSource/sonarqube-scan-action#250) - SQSCANGHA-127 Rename downloaded file to .zip before extraction on Windows by [@​henryju](https://github.com/henryju) in [#​251](SonarSource/sonarqube-scan-action#251) **Full Changelog**: <SonarSource/sonarqube-scan-action@v8...v8.2.0> ### [`v8.2`](SonarSource/sonarqube-scan-action@v8.1.0...v8.2.0) [Compare Source](SonarSource/sonarqube-scan-action@v8.1.0...v8.2.0) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMTYuMiIsInVwZGF0ZWRJblZlciI6IjQzLjIxNi4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJ0eXBlL2RlcGVuZGVuY2llcyJdfQ==--> Reviewed-on: https://git.tainton.uk/repos/roboluke/pulls/455 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>
…(#453) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [SonarSource/sonarqube-scan-action](https://github.com/SonarSource/sonarqube-scan-action) | action | minor | `v8.1` → `v8.2` | --- ### Release Notes <details> <summary>SonarSource/sonarqube-scan-action (SonarSource/sonarqube-scan-action)</summary> ### [`v8.2.0`](https://github.com/SonarSource/sonarqube-scan-action/releases/tag/v8.2.0) [Compare Source](SonarSource/sonarqube-scan-action@v8.2.0...v8.2.0) #### What's Changed - SQSCANGHA-149 Add scannerBinariesAuthHeader input by [@​henryju](https://github.com/henryju) in [#​246](SonarSource/sonarqube-scan-action#246) - SQSCANGHA-88 Deprecate the SONARCLOUD\_URL env variable support by [@​henryju](https://github.com/henryju) in [#​249](SonarSource/sonarqube-scan-action#249) - SQSCANGHA-84 Remove outdated wget/curl references by [@​henryju](https://github.com/henryju) in [#​248](SonarSource/sonarqube-scan-action#248) - SQSCANGHA-135 Fix scanner binaries always re-downloaded due to incompatible 4-part version by [@​henryju](https://github.com/henryju) in [#​250](SonarSource/sonarqube-scan-action#250) - SQSCANGHA-127 Rename downloaded file to .zip before extraction on Windows by [@​henryju](https://github.com/henryju) in [#​251](SonarSource/sonarqube-scan-action#251) **Full Changelog**: <SonarSource/sonarqube-scan-action@v8...v8.2.0> ### [`v8.2`](SonarSource/sonarqube-scan-action@v8.1.0...v8.2.0) [Compare Source](SonarSource/sonarqube-scan-action@v8.1.0...v8.2.0) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMTYuMiIsInVwZGF0ZWRJblZlciI6IjQzLjIxNi4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJ0eXBlL2RlcGVuZGVuY2llcyJdfQ==--> Reviewed-on: https://git.tainton.uk/repos/pypilot/pulls/453 Reviewed-by: Luke Tainton <luke@tainton.uk> Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>



PowerShell 5.1, used on some Windows GitHub Actions runners, requires Expand-Archive to receive a file with a .zip extension. The @actions/tool-cache downloadTool function saves to a temp path without any extension, causing extraction to fail on PS 5.1. Rename the file to add .zip before calling extractZip.
Please be aware that we are not actively looking for feature contributions. The truth is that it's extremely difficult for someone outside SonarSource to comply with our roadmap and expectations. Therefore, we typically only accept minor cosmetic changes and typo fixes. If you would like to see a new feature, please create a new thread in the forum "Suggest new features".
With that in mind, if you would like to submit a code contribution, make sure that you adhere to the following guidelines and all tests are passing:
We will try to give you feedback on your contribution as quickly as possible.
Thank You!
The SonarSource Team
Summary by Gitar
mise.tomlto pin the Node.js version to24.ensureZipExtensionto conditionally append.zipto downloaded files.install-sonar-scanner.test.jsto verify file renaming logic and edge cases.This will update automatically on new commits.