fix: Bump up protobuf to solve CVE-2026-0994 for legacy tracer 2.x series. #2040
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| push: | |
| branches: | |
| - master # or the name of your main branch | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| jobs: | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| with: | |
| fetch-depth: 0 | |
| - uses: sonarsource/sonarqube-scan-action@master | |
| env: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | |
| # If you wish to fail your job when the Quality Gate is red, uncomment the | |
| # following lines. This would typically be used to fail a deployment. | |
| # We do not recommend to use this in a pull request. Prefer using pull request | |
| # decoration instead. | |
| # - uses: sonarsource/sonarqube-quality-gate-action@master | |
| # timeout-minutes: 5 | |
| # env: | |
| # SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} |