Remove sudo usage for jq installation in sonarqube.yml
The use of sudo keyword for installing 'jq' in the SonarQube workflow file, sonarqube.yml, has been removed. This change is due to the fact that the root permission is not necessary during the installation process, adhering better to the principle of least privilege.
This commit is contained in:
parent
a536ac3bde
commit
072a2aed5d
|
@ -32,7 +32,7 @@ jobs:
|
|||
|
||||
- name: Install jq
|
||||
run: |
|
||||
apt-get -y install jq; which jq
|
||||
apt-get update; apt-get -y install jq; which jq
|
||||
|
||||
- uses: sonarsource/sonarqube-scan-action@master
|
||||
env:
|
||||
|
|
Loading…
Reference in a new issue