Hi,
Does sonarqube analyse nuget packages for security and license issues like whitesource bolt?
Thanks!
Hi,
Does sonarqube analyse nuget packages for security and license issues like whitesource bolt?
Thanks!
Hi,
Welcome to the community
SonarQube performs static code analysis and SAST: Static Application Security Testing. It doesn’t do SCA: Software Composition Analysis.
HTH,
Ann