test sonar

.gitea/workflows/azure-pipelines.yml

@@ -12,6 +12,8 @@ jobs:
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
 
       # ---------------- NODE ----------------
       - name: Setup Node
@@ -24,11 +26,12 @@ jobs:
         run: npm ci
 
       # ---------------- SONARQUBE ----------------
-      # Set repository secret SONAR_TOKEN (User token from SonarQube). Do not commit tokens to git.
+      # In Gitea: Repository → Settings → Secrets and variables → add secret SONAR_TOKEN
+      # (SonarQube user token). Name must be exactly SONAR_TOKEN — not the token value as the name.
       - name: SonarQube Scan
-        uses: SonarSource/sonarqube-scan-action@v4
+        uses: SonarSource/sonarqube-scan-action@v6
         env:
-          SONAR_TOKEN: ${{ secrets.sqp_b87b0e90564ffc64e9059611d458d777d5148b8b }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
           SONAR_HOST_URL: http://98.70.31.53:9000
 
       # ---------------- JAVA ----------------

App.js

@@ -1,3 +1,4 @@
 
 console.log("trest")
 console.log("test2")
+console.log("test3")

sonar-project.properties

@@ -1,3 +1,6 @@
+# Auth: use SONAR_TOKEN (env) or -Dsonar.token=... — never commit tokens or sonar.login here.
 sonar.projectKey=novaCodeTest
 sonar.sources=.
-sonar.exclusions=**/node_modules/**,**/android/build/**,**/ios/Pods/**,**/ios/build/**
+sonar.host.url=http://98.70.31.53:9000
+# From CLI intent: skip Java/Kotlin and the Android tree; **/ forms cover the repo (not only repo root).
+sonar.exclusions=**/*.java,**/*.kt,**/android/**,**/node_modules/**,**/ios/Pods/**,**/ios/build/**