Hi,
Welcome to the community!
We try to keep it to one topic per thread. Otherwise it can get messy, fast. I’ll make a pass at these questions, but if you have followups, I reserve the right to ask you to create new threads.
Maybe not. It depends on the languages in question. For Java and C#, most of what’s needed is picked up automatically from the build environment. For the rest, you can set things that are standard across projects, like sonar.host.url in the scanner configuration and pass the rest on the analysis command line. So yes, there’s still some configuration per project, but maybe not as much…? The docs will get you started.
Ehm… it sounds like you’re interested in Security Reports, which are available starting in Enterprise Edition($$)
You’ll find the available formats are downloadable from the UI. The best way to master the API is to perform the desired action via the UI and eavesdrop to see which calls the UI made to accomplish the action.
You may also find this guide helpful.
HTH,
Ann