collaborationFactory · slaven3kopic · Feb 19, 2026 · Feb 19, 2026
diff --git a/.github/workflow-templates/fe/fe-check-upmerge.yml b/.github/workflow-templates/fe/fe-check-upmerge.yml
@@ -4,11 +4,15 @@ on:
     # Runs "At 18:00 every day" (see https://crontab.guru)
     - cron: '0 18 * * *'
 
-permissions: write-all
+permissions:
+  contents: write
+  pull-requests: write
+  actions: read
+  checks: write
 
 jobs:
   check-upmerge:
-    uses: collaborationFactory/github-actions/.github/workflows/fe-check-upmerge.yml@release/25.2
+    uses: collaborationFactory/github-actions/.github/workflows/fe-check-upmerge.yml@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
     secrets:
       SLACK_TOKEN_UPMERGE: ${{ secrets.SLACK_TOKEN_UPMERGE }}
       GIT_USER_EMAIL: ${{ secrets.GIT_USER_EMAIL }}

diff --git a/.github/workflow-templates/fe/fe-cleanup-snapshots.yml b/.github/workflow-templates/fe/fe-cleanup-snapshots.yml
@@ -4,11 +4,15 @@ on:
     # Runs "At 00:00 on day-of-month 28 in every 3rd month." (see https://crontab.guru)
     - cron: '0 0 28 */3 *'
 
-permissions: write-all
+permissions:
+  contents: write
+  pull-requests: write
+  actions: read
+  checks: write
 
 jobs:
   cleanup-snapshots:
-    uses: collaborationFactory/github-actions/.github/workflows/fe-cleanup-snapshots.yml@release/25.2
+    uses: collaborationFactory/github-actions/.github/workflows/fe-cleanup-snapshots.yml@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
     secrets:
       JFROG_BASE64_TOKEN: ${{ secrets.JFROG_BASE64_TOKEN }}
       JFROG_URL: ${{ secrets.JFROG_URL }}

diff --git a/.github/workflow-templates/fe/fe-licenses.yml b/.github/workflow-templates/fe/fe-licenses.yml
@@ -5,15 +5,19 @@ on:
       - 'package.json'
       - 'package-lock.json'
 
-permissions: write-all
+permissions:
+  contents: write
+  pull-requests: write
+  actions: read
+  checks: write
 
 env:
   NX_BRANCH: ${{ github.event.number }}
   NX_RUN_GROUP: ${{ github.run_id }}
 
 jobs:
   check-licenses:
-    uses: collaborationFactory/github-actions/.github/workflows/fe-licenses.yml@release/25.2
+    uses: collaborationFactory/github-actions/.github/workflows/fe-licenses.yml@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
     with:
       FOSS_DIST: dist
       CUSTOM_LICENSES_JSON: custom-licenses/custom-licenses.json

diff --git a/.github/workflow-templates/fe/fe-main.yml b/.github/workflow-templates/fe/fe-main.yml
@@ -5,15 +5,19 @@ on:
       - main
       - master
 
-permissions: write-all
+permissions:
+  contents: write
+  pull-requests: write
+  actions: read
+  checks: write
 
 env:
   NX_BRANCH: ${{ github.event.number }}
   NX_RUN_GROUP: ${{ github.run_id }}
 
 jobs:
   install-deps:
-    uses: collaborationFactory/github-actions/.github/workflows/fe-install-deps.yml@release/25.2
+    uses: collaborationFactory/github-actions/.github/workflows/fe-install-deps.yml@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
     with:
       GHA_REF: ''
     secrets:
@@ -22,7 +26,7 @@ jobs:
   # This job is only needed in case you are using Percy
   e2e-tests:
     needs: install-deps
-    uses: collaborationFactory/github-actions/.github/workflows/fe-e2e.yml@release/25.2
+    uses: collaborationFactory/github-actions/.github/workflows/fe-e2e.yml@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
     with:
       GHA_REF: ''
       GHA_BASE: ${{ github.event.before }}
@@ -31,14 +35,14 @@ jobs:
 
   build:
     needs: install-deps
-    uses: collaborationFactory/github-actions/.github/workflows/fe-build.yml@release/25.2
+    uses: collaborationFactory/github-actions/.github/workflows/fe-build.yml@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
     with:
       GHA_REF: ''
       GHA_BASE: ${{ github.event.before }}
 
   snapshot:
     needs: build
-    uses: collaborationFactory/github-actions/.github/workflows/fe-snapshot.yml@release/25.2
+    uses: collaborationFactory/github-actions/.github/workflows/fe-snapshot.yml@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
     with:
       GHA_REF: ''
       GHA_BASE: ${{ github.event.before }}

diff --git a/.github/workflow-templates/fe/fe-pr-close.yml b/.github/workflow-templates/fe/fe-pr-close.yml
@@ -5,11 +5,15 @@ on:
     branches:
       - '**'
 
-permissions: write-all
+permissions:
+  contents: write
+  pull-requests: write
+  actions: read
+  checks: write
 
 jobs:
   remove-artifacts:
-    uses: collaborationFactory/github-actions/.github/workflows/fe-pr-close.yml@release/25.2
+    uses: collaborationFactory/github-actions/.github/workflows/fe-pr-close.yml@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
     with:
       GHA_BASE: ${{ github.event.pull_request.base.ref }}
     secrets:

diff --git a/.github/workflow-templates/fe/fe-pr-snapshot.yml b/.github/workflow-templates/fe/fe-pr-snapshot.yml
@@ -5,11 +5,15 @@ on:
     branches:
       - '**'
 
-permissions: write-all
+permissions:
+  contents: write
+  pull-requests: write
+  actions: read
+  checks: write
 
 jobs:
   publish-pr-snapshot:
-    uses: collaborationFactory/github-actions/.github/workflows/fe-pr-snapshot.yml@release/25.2
+    uses: collaborationFactory/github-actions/.github/workflows/fe-pr-snapshot.yml@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
     with:
       GHA_BASE: ${{ github.event.pull_request.base.ref }}
     secrets:

diff --git a/.github/workflow-templates/fe/fe-pr.yml b/.github/workflow-templates/fe/fe-pr.yml
@@ -4,36 +4,40 @@ on:
     branches:
       - '**'
 
-permissions: write-all
+permissions:
+  contents: write
+  pull-requests: write
+  actions: read
+  checks: write
 
 env:
   NX_BRANCH: ${{ github.event.number }}
   NX_RUN_GROUP: ${{ github.run_id }}
 
 jobs:
   install-deps:
-    uses: collaborationFactory/github-actions/.github/workflows/fe-install-deps.yml@release/25.2
+    uses: collaborationFactory/github-actions/.github/workflows/fe-install-deps.yml@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
     with:
       GHA_REF: ${{ github.event.pull_request.head.ref }}
     secrets:
       DOT_NPMRC: ${{ secrets.DOT_NPMRC }}
 
   build:
     needs: install-deps
-    uses: collaborationFactory/github-actions/.github/workflows/fe-build.yml@release/25.2
+    uses: collaborationFactory/github-actions/.github/workflows/fe-build.yml@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
     with:
       GHA_REF: ${{ github.event.pull_request.head.ref }}
       GHA_BASE: ${{ github.event.pull_request.base.ref }}
 
   code-quality:
     needs: install-deps
-    uses: collaborationFactory/github-actions/.github/workflows/fe-code-quality.yml@release/25.2
+    uses: collaborationFactory/github-actions/.github/workflows/fe-code-quality.yml@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
     with:
       GHA_REF: ${{ github.event.pull_request.head.ref }}
       GHA_BASE: ${{ github.event.pull_request.base.ref }}
   e2e:
     needs: install-deps
-    uses: collaborationFactory/github-actions/.github/workflows/fe-e2e.yml@release/25.2
+    uses: collaborationFactory/github-actions/.github/workflows/fe-e2e.yml@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
     with:
       GHA_REF: ${{ github.event.pull_request.head.ref }}
       GHA_BASE: ${{ github.event.pull_request.base.ref }}

diff --git a/.github/workflow-templates/fe/fe-release.yml b/.github/workflow-templates/fe/fe-release.yml
@@ -4,23 +4,27 @@ on:
     branches:
       - 'release/*'
 
-permissions: write-all
+permissions:
+  contents: write
+  pull-requests: write
+  actions: read
+  checks: write
 
 env:
   NX_BRANCH: ${{ github.event.number }}
   NX_RUN_GROUP: ${{ github.run_id }}
 
 jobs:
   install-deps:
-    uses: collaborationFactory/github-actions/.github/workflows/fe-install-deps.yml@release/25.2
+    uses: collaborationFactory/github-actions/.github/workflows/fe-install-deps.yml@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
     with:
       GHA_REF: ''
     secrets:
       DOT_NPMRC: ${{ secrets.DOT_NPMRC }}
 
   e2e-tests:
     needs: install-deps
-    uses: collaborationFactory/github-actions/.github/workflows/fe-e2e.yml@release/25.2
+    uses: collaborationFactory/github-actions/.github/workflows/fe-e2e.yml@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
     with:
       GHA_REF: ''
       GHA_BASE: ${{ github.event.before }}
@@ -29,14 +33,14 @@ jobs:
 
   build:
     needs: install-deps
-    uses: collaborationFactory/github-actions/.github/workflows/fe-build.yml@release/25.2
+    uses: collaborationFactory/github-actions/.github/workflows/fe-build.yml@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
     with:
       GHA_REF: ''
       GHA_BASE: ${{ github.event.before }}
 
   tag:
     needs: [build, e2e-tests]
-    uses: collaborationFactory/github-actions/.github/workflows/fe-tag.yml@release/25.2
+    uses: collaborationFactory/github-actions/.github/workflows/fe-tag.yml@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
     with:
       GHA_REF: ''
       GHA_BASE: ${{ github.event.before }}

diff --git a/.github/workflow-templates/fe/fe-tag-pushed.yml b/.github/workflow-templates/fe/fe-tag-pushed.yml
@@ -4,15 +4,19 @@ on:
     tags:
       - '*/*'
 
-permissions: write-all
+permissions:
+  contents: write
+  pull-requests: write
+  actions: read
+  checks: write
 
 env:
   NX_BRANCH: ${{ github.event.number }}
   NX_RUN_GROUP: ${{ github.run_id }}
 
 jobs:
   release-version:
-    uses: collaborationFactory/github-actions/.github/workflows/fe-release.yml@release/25.2
+    uses: collaborationFactory/github-actions/.github/workflows/fe-release.yml@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
     secrets:
       JFROG_BASE64_TOKEN: ${{ secrets.JFROG_BASE64_TOKEN }}
       JFROG_URL: ${{ secrets.JFROG_URL }}

diff --git a/.github/workflows/fe-build.yml b/.github/workflows/fe-build.yml
@@ -41,7 +41,7 @@ jobs:
           key: ${{ runner.os }}-modules-${{ hashFiles('**/package-lock.json') }}
 
       - name: Build and Storybook
-        uses: collaborationFactory/github-actions/.github/actions/run-many@release/25.2
+        uses: collaborationFactory/github-actions/.github/actions/run-many@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
         with:
           target: ${{ matrix.target }}
           jobIndex: ${{ matrix.jobIndex }}

diff --git a/.github/workflows/fe-check-upmerge.yml b/.github/workflows/fe-check-upmerge.yml
@@ -32,7 +32,7 @@ jobs:
           key: ${{ runner.os }}-modules-${{ hashFiles('**/package-lock.json') }}
 
       - name: check if upmerge is necessary and post to slack
-        uses: collaborationFactory/github-actions/.github/actions/upmerge@release/25.2
+        uses: collaborationFactory/github-actions/.github/actions/upmerge@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
         env:
           SLACK_TOKEN_UPMERGE: ${{ secrets.SLACK_TOKEN_UPMERGE }}
           GIT_USER_EMAIL: ${{ secrets.GIT_USER_EMAIL }}

diff --git a/.github/workflows/fe-cleanup-snapshots.yml b/.github/workflows/fe-cleanup-snapshots.yml
@@ -39,7 +39,7 @@ jobs:
           dot-npmrc: ${{ secrets.DOT_NPMRC }}
 
       - name: Cleanup Snapshot Artifacts
-        uses: collaborationFactory/github-actions/.github/actions/snapshots@release/25.2
+        uses: collaborationFactory/github-actions/.github/actions/snapshots@feature/PFM-TASK-7338-Backport-Sonar-Scan-in-github-actions
         env:
           JFROG_BASE64_TOKEN: ${{ secrets.JFROG_BASE64_TOKEN }}
           JFROG_URL: ${{ secrets.JFROG_URL }}