SQSCANGHA-13 Update base image

---------

Co-authored-by: Ambroise C <ambroise.christea@sonarsource.com>

.github/dependabot.yml

@@ -0,0 +1,16 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+      timezone: "CET"
+    open-pull-requests-limit: 100
+    commit-message:
+      prefix: "NO-JIRA "

.github/workflows/qa.yml

@@ -6,7 +6,7 @@ jobs:
   run_qa:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
       - run: ./test/run-qa.sh

.github/workflows/update-tags.yml

@@ -16,7 +16,7 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Parse semver
-        uses: madhead/semver-utils@v2
+        uses: madhead/semver-utils@latest
         id: version
         with:
           version: ${{ github.ref_name }}

Dockerfile

@@ -1,6 +1,6 @@
-FROM sonarsource/sonar-scanner-cli:4.8
+FROM sonarsource/sonar-scanner-cli:5.0.1
 
-LABEL version="1.2.0" \
+LABEL version="2.0.1" \
       repository="https://github.com/sonarsource/sonarqube-scan-action" \
       homepage="https://github.com/sonarsource/sonarqube-scan-action" \
       maintainer="SonarSource" \

README.md

@@ -43,7 +43,7 @@ jobs:
   sonarqube:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
       with:
         # Disabling shallow clone is recommended for improving relevancy of reporting
         fetch-depth: 0