Custom Security Profile

jairmenezes · June 12, 2021, 9:09pm

Must-share information (formatted with Markdown):

which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
what are you trying to achieve
what have you tried so far to achieve this

SonarQube 8.9
Hi guys,

Is creating a custom security profile a good practice? What is the best way to do it without having duplicity?

Thanks,

Jair Menezes

ganncamp · July 13, 2021, 6:13pm

Hi Jair,

In fact, it’s not a bad idea. The taint analysis rules would all be on by default (if you’ve got Developer Edition) but some of the other rules may be off by default. Creating a custom profile would allow you to turn them on.

Great question! Inheritance is the way to go here.

HTH,
Ann

Topic		Replies	Views
How to set customized rules from Sonarqube and get report for all issues SonarQube Server / Community Build sonarqube	7	1961	April 27, 2021
When scanning code with SonarQube Developer Edition, I want to scan for only one security rule SonarQube Server / Community Build	3	186	June 22, 2023
Security issues SonarQube Server / Community Build	2	269	August 11, 2022
Custom Quality Profile Plugin Development sonarqube	1	406	October 2, 2020
Enterprise level sonar profiles upgrade SonarQube Server / Community Build sonarqube , scanner	1	32	October 21, 2024

Custom Security Profile

Related topics