fix(server-nestjs/sonarqube): harden sonarqube reconciliation with strict key matching and idempotent init#2299
Merged
Conversation
Contributor
|
🤖 Hey ! The security scan report for the current pull request is available here. |
shikanime
reviewed
Jul 13, 2026
shikanime
reviewed
Jul 13, 2026
ea57522 to
478d356
Compare
Contributor
|
🤖 Hey ! The security scan report for the current pull request is available here. |
478d356 to
abcbe85
Compare
Contributor
|
🤖 Hey ! The security scan report for the current pull request is available here. |
StephaneTrebel
previously approved these changes
Jul 15, 2026
StephaneTrebel
left a comment
Collaborator
There was a problem hiding this comment.
LGTM. Là aussi il faudra une seconde passe, je pense
…atching and idempotent init
abcbe85 to
66a8f15
Compare
Contributor
|
🤖 Hey ! The security scan report for the current pull request is available here. |
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.

1 New Issue
0 Fixed Issues
0 Accepted Issues
Issues liées
Issues numéro: N/A
Quel est le comportement actuel ?
token:) avant de l'envoyer enBearer, ce qui ne correspond pas au format attendu par SonarQube.Forge Defaultétait recréé systématiquement, provoquant une erreur si le template existait déjà.<slug>-<repo>-), ce qui pouvait entraîner la suppression de projets créés manuellement ou appartenant à un autre projet dont le slug est un préfixe.Quel est le nouveau comportement ?
Bearer, sans encodage base64.permissions/search_templateset n'est créé que s'il n'existe pas.scanest ajoutée au groupe admin (GLOBAL_ADMIN_PERMISSIONS).SonarqubeErroravec le statut et les messages d'erreur retournés par l'API.generateProjectKey: les projets non gérés par la console ne sont plus jamais supprimés.generateProjectKeyetgenerateRandomPasswordsont déplacés dansapps/server-nestjs/src/utils/crypto.ts(implémentation identique octet par octet à celle de@cpn-console/hookspour préserver la compatibilité des clés existantes).Cette PR introduit-elle un breaking change ?
Non. La génération des clés de projet reste strictement identique à l'implémentation historique, aucune migration n'est nécessaire.
Autres informations
Tests ajoutés : idempotence de la création du template de permissions, suppression des projets retirés uniquement, et non-suppression des projets dont la clé n'a pas été générée par la console.