docs: 📝 add disclaimer for pure esm package #3

	name: sonarcloud
	on:
	push:
	branches:
	- main

	jobs:
	tests-coverage:
	uses: nodecfdi/.github/.github/workflows/test_coverage.yml@main

	sonarcloud-secrets:
	name: SonarCloud check secrets are present
	runs-on: ubuntu-latest
	outputs:
	github: ${{ steps.check-secrets.outputs.github }}
	sonar: ${{ steps.check-secrets.outputs.sonar }}
	steps:
	- name: Check secrets are present
	id: check-secrets
	run: \|
	if [ -n "${{ secrets.GITHUB_TOKEN }}" ]; then
	echo "github=yes" >> $GITHUB_OUTPUT
	else
	echo "github=no" >> $GITHUB_OUTPUT
	echo "::warning ::GITHUB_TOKEN non set"
	fi
	if [ -n "${{ secrets.SONAR_TOKEN }}" ]; then
	echo "sonar=yes" >> $GITHUB_OUTPUT
	else
	echo "sonar=no" >> $GITHUB_OUTPUT
	echo "::warning ::SONAR_TOKEN non set"
	fi

	sonarcloud:
	name: SonarCloud Scan and Report
	needs: ['tests-coverage', 'sonarcloud-secrets']
	if: ${{ needs.sonarcloud-secrets.outputs.github == 'yes' && needs.sonarcloud-secrets.outputs.sonar == 'yes' }}
	runs-on: 'ubuntu-latest'
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Unshallow clone to provide blame information
	run: git fetch --unshallow

	- name: Obtain code coverage
	uses: actions/download-artifact@v4
	with:
	name: code-coverage
	path: coverage

	- name: SonarCloud Scan
	uses: SonarSource/sonarqube-scan-action@v4
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

Provide feedback