From ebc96e5846dd10084d73796c4a98d4a7c78dd82a Mon Sep 17 00:00:00 2001
From: ShaoHua <345265198@qqcom>
Date: Tue, 2 Dec 2025 14:28:21 +0800
Subject: [PATCH] fix workflow: remove github dependency + duplicate scan

---
 .gitea/workflows/sonar-scan.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.gitea/workflows/sonar-scan.yml b/.gitea/workflows/sonar-scan.yml
index f86129e..209cacb 100644
--- a/.gitea/workflows/sonar-scan.yml
+++ b/.gitea/workflows/sonar-scan.yml
@@ -41,5 +41,9 @@ jobs:
             /d:sonar.language="csharp" `
             /d:sonar.exclusions="**/obj/**,**/bin/Debug/**" `
             /d:sonar.coverage.exclusions="**/Test/**,**/*.Tests.cs"
+            
+            /d:sonar.dependencyCheck.enabled=true `
+            /d:sonar.dependencyCheck.nuget.enabled=true `
+            /d:sonar.dependencyCheck.reportPath="./dependency-check-report.xml"
           dotnet build --configuration Release
           dotnet sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}"
\ No newline at end of file