With the entered code here, I am trying to build a project on springboot. I am using AES encryption in my project. I am keeping the password(key) of AES in the application properties. The variable ...

have a correct method to remove unique method or line from check coverage sonar? like //NOSONAR? I've tried but I wouldn't like to have to use sonar.exclusions= in my sonar-project.properties file

I’m currently running SonarQube code analysis through Jenkins as part of my CI pipeline. In the Jenkins pipeline, I’m passing the SonarQube project name, project key, and authentication token to ...

According to the Sonar Cloud Documentation it is possible to use wildcards in the sonar.javascript.lcov.reportPaths following the Test Coverage parameters guideline for wildcards. However, when trying ...

I’m working with a custom Quality Profile for the Natural language in SonarQube. so even after deploying the latest version of the plugin on the quality default profile its showing “Sonar way (...

In a pipeline (Jenkins Version 2.496) script block; I have an environment params variable defined with 4 & to pass multiple values; SET tools_params=mainBranch=%default_branch%^&...

I have the following update_sonar job in my CI pipeline: stage: update_sonar allow_failure: false image: sonarscanner:4.7-n14 tags: - "ocp_l" script: - sonar-scanner -...

We recently upgraded our codebase from Java 17 to Java 21. During our Maven build, we use the following Azure pipeline tasks to run SonarQube: - task: SonarQubePrepare@7 inputs: SonarQube: '...

I try to set up a simple CI pipeline in gitlab with sonarqube. I don't know how I can start the sonarqube server inside the CI pipeline and access it. I tried the following CI pipeline: image: ...

I am running a Jenkins a multibranch pipeline with SonarQube scanner. It looks like the scanner requires target branch of the PR to be fetched in order to run the analysis but Jenkins is only fetching ...

How can I analyze a PHP project that doesn’t have a “Build” stage? I have the following pipeline: trigger: branches: include: - '*' pool: vmImage: 'ubuntu-latest' variables: # Sonar-...

I'm trying to integrate SonarQube scanner into a TeamCity build configuration. I have installed the Sonar Runner plugin and set the build step to use scanner version 4.2.0, and run a build with the ...

I am working on a custom SonarQube plugin for a programming language that are not supported by the conventional sonar plugin. My current task is to implement a feature where lines containing a ...

I need to know how I can find the JARs without the vulnerabilities. I have an application, lets say, service A, now when I build this application, Sonar points to the list of vulnerabilities and ...

When I open a PR on GitHub, SonarQube Cloud checks the source code and reports any problems. I also have the IntelliJ plugin "SonarQube for IDE" installed. By connecting the IDE plugin to ...