Adding reserved domain patterns to SonarQube's security exception list

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
    Not applicable for implementation change.

  • how is SonarQube deployed: zip, Docker, Helm
    Not applicable for implementation change.

  • what are you trying to achieve
    I am proposing to update the security exception list in SonarQube by adding the .test and .example top-level domains in accordance with RFC 2606. Given that domains such as example.com and test.com are already permitted, I believe it is consistent and appropriate to also allow these top-level domains, which are reserved for testing and documentation purposes.

  • what have you tried so far to achieve this
    Not applicable for implementation change.

Here is the PR I implemented

1 Like

Thanks @wozitto for the feedback. I created a PR containing your changes.

1 Like