Hi,
Does sonarqube analyse nuget packages for security and license issues like whitesource bolt?
Thanks!
Hi,
Welcome to the community
SonarQube performs static code analysis and SAST: Static Application Security Testing. It doesn’t do SCA: Software Composition Analysis.
HTH,
Ann
1 Like