We are using Sonarcloud for scanning our Java GitHub repositories.
In the Sonarcloud project page, we are seeing the following warning message:
Dependencies/libraries were not provided for analysis of SOURCE files. The ‘sonar.java.libraries’ property is empty. Verify your configuration, as you might end up with less precise results.
Does this mean that the source code did not undergo vulnerability scanning?
We are seeing this pretty much for all of our repositories.
How should we resolve this?