ci: bump SonarSource/sonarqube-scan-action from 6 to 7

[dependabot]

Bumps SonarSource/sonarqube-scan-action from 6 to 7.

Release notes

Sourced from SonarSource/sonarqube-scan-action's releases.

v7.0.0

What's Changed

• SQSCANGHA-120 NO-JIRA Bump actions/setup-node from 4 to 5 by @​dependabot[bot] in SonarSource/sonarqube-scan-action#211
• Update SonarScanner CLI to 7.3.0.5189 by @​github-actions[bot] in SonarSource/sonarqube-scan-action#212
• SQSCANGHA-122 Include caveats for running SCA by @​subdavis in SonarSource/sonarqube-scan-action#213
• SQSCANGHA-123 NO-JIRA Bump actions/setup-node from 5 to 6 by @​dependabot[bot] in SonarSource/sonarqube-scan-action#214
• SQSCANGHA-126 Update SonarScanner CLI to 8.0.1.6346 by @​github-actions[bot] in SonarSource/sonarqube-scan-action#218

New Contributors

• @​subdavis made their first contribution in SonarSource/sonarqube-scan-action#213

Full Changelog: SonarSource/sonarqube-scan-action@v6.0.0...v7.0.0

Commits

• 299e4b7 SQSCANGHA-132 Upgrade Node to 24 (#224)
• 3988e54 SQSCANGHA-131 Bump picomatch from 4.0.3 to 4.0.4 (#223)
• 9598b8a SQSCANGHA-130 Bump rollup from 4.50.1 to 4.59.0 (#221)
• dcc5211 SQSCANGHA-128 NO-JIRA Bump actions/cache from 4 to 5 (#219)
• b9f37f9 SQSCANGHA-129 Fix the Analysis Processing team name in CODEOWNERS (#220)
• a31c939 SQSCANGHA-126 Update SonarScanner CLI to 8.0.1.6346 (#218)
• 40f5b61 SQSCANGHA-123 NO-JIRA Bump actions/setup-node from 5 to 6 (#214)
• 9bf7c12 SQSCANGHA-122 Include caveats for running SCA (#213)
• ba6563c Update SonarScanner CLI to 7.3.0.5189 (#212)
• 5ffbad4 SQSCANGHA-120 Bump actions/setup-node from 4 to 5 (#211)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by CodeRabbit

• Chores
  • Updated code quality scanning workflow to the latest version for improved reliability and performance.

[coderabbitai]

📝 Walkthrough

Walkthrough

The SonarCloud GitHub Actions workflow was updated to use version 7 of the SonarSource sonarqube-scan-action, up from version 6. All workflow step logic, inputs, and environment variables remain unchanged.

Changes

Cohort / File(s)	Summary
GitHub Actions Workflow .github/workflows/sonarcloud.yml	Updated SonarSource/sonarqube-scan-action from v6 to v7 in the SonarCloud Scan step.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

• chore(deps): bump sonarqube-scan-action v5 → v6 (supersedes #71) #75: Prior version bump of the same SonarSource sonarqube-scan-action (v5→v6), establishing a pattern of maintaining this action's version.

Poem

🐰 A hop, a skip, a version bump so neat,
From v6 to v7, the scan's more sweet,
SonarCloud flows with freshened grace,
Quality checks in this workflow space! ✨

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description is a Dependabot-generated update notice with release notes and changelog details, but does not follow the repository's required template structure.	Add sections for 'What', 'Why', and 'How' as specified in the template, plus the required checklist items. The current description lacks structured explanation of the change rationale and implementation details.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely summarizes the main change: bumping SonarSource/sonarqube-scan-action from version 6 to 7.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/github_actions/SonarSource/sonarqube-scan-action-7

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud