Skip to content

Comments

🔐 Update security tokens and documentation#34

Merged
afonsoft merged 1 commit intomainfrom
feature/update-actions
Feb 20, 2026
Merged

🔐 Update security tokens and documentation#34
afonsoft merged 1 commit intomainfrom
feature/update-actions

Conversation

@afonsoft
Copy link
Owner

@afonsoft afonsoft commented Feb 20, 2026

  • Update all GitHub Actions workflows to use standardized security tokens
  • Configure CODECOV_TOKEN for coverage uploads in ci-build-test.yml
  • Update SONAR_TOKEN to SONNAR_TOKEN in code-quality.yml and security-scan.yml
  • Add comprehensive security tokens section to README.md
  • Update CHANGELOG.md with security token changes
  • Fix build status badge to point to correct workflow
  • Document token configuration for developers

Tokens configured:

  • CODECOV_TOKEN: For codecov coverage uploads
  • NUGET_TOKEN: For NuGet.org publishing
  • SONNAR_TOKEN: For SonarCloud analysis
  • SNYK_TOKEN: Optional for Snyk security scans
  • QODANA_TOKEN: Optional for Qodana code analysis

All Submissions:

  • Have you followed the guidelines in our Contributing document?
  • Have you checked to ensure there aren't other open Pull Requests for the same update/change?

New Feature Submissions:

  1. Does your submission pass tests?
  2. Have you lint your code locally prior to submission?

Changes to Core Features:

  • Have you added an explanation of what your changes do and why you'd like us to include them?
  • Have you written new tests for your core changes, as applicable?
  • Have you successfully ran tests with your changes locally?

@afonsoft
🔐 Update security tokens and documentation
1d38c0e 
- Update all GitHub Actions workflows to use standardized security tokens
- Configure CODECOV_TOKEN for coverage uploads in ci-build-test.yml
- Update SONAR_TOKEN to SONNAR_TOKEN in code-quality.yml and security-scan.yml
- Add comprehensive security tokens section to README.md
- Update CHANGELOG.md with security token changes
- Fix build status badge to point to correct workflow
- Document token configuration for developers

Tokens configured:
- CODECOV_TOKEN: For codecov coverage uploads
- NUGET_TOKEN: For NuGet.org publishing
- SONNAR_TOKEN: For SonarCloud analysis
- SNYK_TOKEN: Optional for Snyk security scans
- QODANA_TOKEN: Optional for Qodana code analysis
@afonsoft afonsoft merged commit 181ac4a into main Feb 20, 2026
10 of 12 checks passed
@sonarqubecloud
Copy link

sonarqubecloud bot commented Feb 20, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@afonsoft