Fix Sonar

Mehdi-Bl · Mehdi-Bl · commit 05ed92e18f69 · 2026-02-05T01:24:58.000Z
diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml
@@ -1,8 +1,10 @@
 name: SonarCloud QA Gate
 
 on:
-  push:
   pull_request:
+  push:
+    branches:
+      - main
 
 jobs:
   sonarcloud:
@@ -34,7 +36,7 @@ jobs:
           args: >
             -Dsonar.host.url=https://sonarcloud.io
             -Dsonar.organization=codingworkflow
-            -Dsonar.projectKey=codingworkflow_claude-code-a-api
+            -Dsonar.projectKey=codingworkflow_claude-code-api
 
       - name: SonarCloud quality gate
         uses: SonarSource/sonarqube-quality-gate-action@v1.1.0
diff --git a/claude_code_api/core/security.py b/claude_code_api/core/security.py
@@ -136,7 +136,7 @@ def ensure_directory_within_base(
     resolved_path = resolve_path_within_base(path_value, base_path)
     _ensure_within_base(path_value, base_path, resolved_path)
     try:
-        os.makedirs(resolved_path, exist_ok=True)
+        os.makedirs(resolved_path, exist_ok=True)  # codeql[py/path-injection]
     except FileExistsError as e:
         raise _bad_request(
             f"Invalid path: {resolved_path} exists and is not a directory"
