marcusquinn
523574a93e
Resolves SonarCloud security hotspots S7636 in three workflow files: - code-quality.yml: CODACY_PROJECT_TOKEN moved to env block on check step - sonarcloud.yml: SONARCLOUD_GITHUB moved to env block on check step - sync-wiki.yml: GITHUB_TOKEN and context vars moved to env block on sync step Secrets are now passed as environment variables and referenced via $VAR rather than being expanded inline in run: shell blocks, which prevents secret values from appearing in workflow logs and resolves the hotspots. Closes #106
2.3 KiB
2.3 KiB