From a66a1e68dd3bff3e38cef411292f1044de88d552 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 23 Jan 2025 10:56:45 +0100
Subject: [PATCH 1/6] yarn(deps-dev): bump @types/node from 22.10.7 to 22.10.9
 (#4800)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 package.json | 2 +-
 yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/package.json b/package.json
index 53435f84f6..9cd1922f60 100644
--- a/package.json
+++ b/package.json
@@ -61,7 +61,7 @@
     "@types/i18next-fs-backend": "^1.1.5",
     "@types/jest": "^29.5.14",
     "@types/js-cookie": "^3.0.6",
-    "@types/node": "^22.10.7",
+    "@types/node": "^22.10.9",
     "@types/qrcode.react": "^3.0.0",
     "@types/react": "^18.3.12",
     "@types/react-dom": "^18.3.1",
diff --git a/yarn.lock b/yarn.lock
index 949d062b14..3a6efe1abb 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -2478,10 +2478,10 @@
   resolved "https://registry.yarnpkg.com/@types/mime/-/mime-1.3.2.tgz#93e25bf9ee75fe0fd80b594bc4feb0e862111b5a"
   integrity sha512-YATxVxgRqNH6nHEIsvg6k2Boc1JHI9ZbH5iWFFv/MTkchz3b1ieGDa5T0a9RznNdI0KhVbdbWSN+KWWrQZRxTw==
 
-"@types/node@*", "@types/node@^22.10.7":
-  version "22.10.7"
-  resolved "https://registry.yarnpkg.com/@types/node/-/node-22.10.7.tgz#14a1ca33fd0ebdd9d63593ed8d3fbc882a6d28d7"
-  integrity sha512-V09KvXxFiutGp6B7XkpaDXlNadZxrzajcY50EuoLIpQ6WWYCSvf19lVIazzfIzQvhUN2HjX12spLojTnhuKlGg==
+"@types/node@*", "@types/node@^22.10.9":
+  version "22.10.9"
+  resolved "https://registry.yarnpkg.com/@types/node/-/node-22.10.9.tgz#b62b5e8485b9b412262466209280405525320108"
+  integrity sha512-Ir6hwgsKyNESl/gLOcEz3krR4CBGgliDqBQ2ma4wIhEx0w+xnoeTq3tdrNw15kU3SxogDjOgv9sqdtLW8mIHaw==
   dependencies:
     undici-types "~6.20.0"
 

From 2ce241d81eadcd6dc96c32f09bb88be7c85618d2 Mon Sep 17 00:00:00 2001
From: Jakob Schwehn <schwehn42@gmail.com>
Date: Thu, 23 Jan 2025 12:23:08 +0100
Subject: [PATCH 2/6] hotfix: disable clarity (#4804)

---
 src/index.tsx | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/index.tsx b/src/index.tsx
index 12705c371c..3f39112b15 100644
--- a/src/index.tsx
+++ b/src/index.tsx
@@ -1,7 +1,6 @@
 import React, {Suspense} from "react";
 import {createRoot} from "react-dom/client";
 import {Provider} from "react-redux";
-import Clarity from "@microsoft/clarity";
 import "index.scss";
 import {CookieNotice} from "components/CookieNotice";
 import {store} from "store";
@@ -51,7 +50,8 @@ const root = createRoot(document.getElementById("root") as HTMLDivElement);
 
 // If clarity ID is set and not empty in env variables, initialize Clarity
 if (CLARITY_ID && CLARITY_ID !== "") {
-  Clarity.init(CLARITY_ID);
+  // TODO: tracking, including storing data using third party services has to be explicitly opt in!
+  // Clarity.init(CLARITY_ID);
 }
 
 root.render(

From 10b5e00c54b7e28e5dc59fca4cc2458643c82022 Mon Sep 17 00:00:00 2001
From: Manuel Brandstetter <36969812+brandstetterm@users.noreply.github.com>
Date: Thu, 23 Jan 2025 13:40:29 +0100
Subject: [PATCH 3/6] Bump version to 3.10.3

---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 9cd1922f60..43140b474e 100644
--- a/package.json
+++ b/package.json
@@ -6,7 +6,7 @@
     "url": "https://github.com/inovex/scrumlr.io/issues",
     "email": "info@scrumlr.io"
   },
-  "version": "3.10.2",
+  "version": "3.10.3",
   "private": true,
   "license": "MIT",
   "dependencies": {

From 6fa1362832aaa720d34f9d6571ce816dc5b96c6d Mon Sep 17 00:00:00 2001
From: Lennart Krauch <lennart.krauch@inovex.de>
Date: Sat, 25 Jan 2025 15:27:11 -0800
Subject: [PATCH 4/6] feat: SonarQube (#4808)

Signed-off-by: Lennart Krauch <lennart.krauch@inovex.de>
---
 .github/workflows/sonarqube.yaml | 19 +++++++++++++++++++
 sonar-project.properties         | 13 +++++++++++++
 2 files changed, 32 insertions(+)
 create mode 100644 .github/workflows/sonarqube.yaml
 create mode 100644 sonar-project.properties

diff --git a/.github/workflows/sonarqube.yaml b/.github/workflows/sonarqube.yaml
new file mode 100644
index 0000000000..59cd6a1c2f
--- /dev/null
+++ b/.github/workflows/sonarqube.yaml
@@ -0,0 +1,19 @@
+name: Build
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  sonarqube:
+    name: SonarQube
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - name: SonarQube Scan
+        uses: SonarSource/sonarqube-scan-action@v4
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
diff --git a/sonar-project.properties b/sonar-project.properties
new file mode 100644
index 0000000000..7602794593
--- /dev/null
+++ b/sonar-project.properties
@@ -0,0 +1,13 @@
+sonar.projectKey=scrumlr_scrumlr
+sonar.organization=scrumlr
+
+# This is the name and version displayed in the SonarCloud UI.
+#sonar.projectName=scrumlr
+#sonar.projectVersion=1.0
+
+
+# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
+#sonar.sources=.
+
+# Encoding of the source code. Default is default system encoding
+#sonar.sourceEncoding=UTF-8
\ No newline at end of file

From eda322ebd9bbd8874290f9acf366f9bfc9837c06 Mon Sep 17 00:00:00 2001
From: Lennart Krauch <lennart.krauch@inovex.de>
Date: Sun, 26 Jan 2025 00:29:04 +0100
Subject: [PATCH 5/6] feat: SonarQube

---
 .github/workflows/sonarqube.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/sonarqube.yaml b/.github/workflows/sonarqube.yaml
index 59cd6a1c2f..62e184e513 100644
--- a/.github/workflows/sonarqube.yaml
+++ b/.github/workflows/sonarqube.yaml
@@ -2,7 +2,7 @@ name: Build
 on:
   push:
     branches:
-      - master
+      - main
   pull_request:
     types: [opened, synchronize, reopened]
 jobs:

From 989f4f9600f661a4b7847d1fc8fcfd383707c351 Mon Sep 17 00:00:00 2001
From: Lennart Krauch <lennart.krauch@inovex.de>
Date: Sun, 26 Jan 2025 18:55:00 +0100
Subject: [PATCH 6/6] feat: sonar quality gate (#4809)

Signed-off-by: Lennart Krauch <lennart.krauch@inovex.de>
---
 .github/workflows/sonarqube.yaml | 6 ++++++
 sonar-project.properties         | 4 +++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/sonarqube.yaml b/.github/workflows/sonarqube.yaml
index 62e184e513..897720f0cb 100644
--- a/.github/workflows/sonarqube.yaml
+++ b/.github/workflows/sonarqube.yaml
@@ -15,5 +15,11 @@ jobs:
           fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
       - name: SonarQube Scan
         uses: SonarSource/sonarqube-scan-action@v4
+        with:
+          args: > 
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      - name: SonarQube Quality Gate
+        uses: SonarSource/sonarqube-quality-gate-action@v1
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
diff --git a/sonar-project.properties b/sonar-project.properties
index 7602794593..e2aed02dd0 100644
--- a/sonar-project.properties
+++ b/sonar-project.properties
@@ -10,4 +10,6 @@ sonar.organization=scrumlr
 #sonar.sources=.
 
 # Encoding of the source code. Default is default system encoding
-#sonar.sourceEncoding=UTF-8
\ No newline at end of file
+#sonar.sourceEncoding=UTF-8
+
+sonar.typescript.tsconfigPath=tsconfig.json