Please provide
And a thorough description of the problem / question:
We want to configure the SonarLint only to alert the SW Eng. of Security Issues and NOT any other problem.
can anyone provide me with the best practice for it in the above configuration?
Thx!
Hi Eli,
Which IDE are u using?
Hi, we use IntelliJ and Eclipse.
Hello Eli,
Thanks for raising this need here. May I ask you a bit more details to understand where your request comes from and your use case ? Why do you want to focus only on security problems ? Why do you want to filter out other types of issues, like bugs or code smells ? What is your workflow ?
By security issues here I suppose you are talking about vulnerabilities that SonarLint is able to detect
We want to target only security issues to be raised (as-you-code), because in the past when all the rest was enabled it overwhelmed the developers and they were busy understanding what the problem was instead of fixing the security issues.