Difference Between Code Coverage and Security Checks in SonarCloud

Hi,

I’m looking to understand if a zero code coverage means SonarCloud doesn’t scan for vulnerabilities and security issues, or if these are separate aspects.

Thanks for your insights!

Hi,

Welcome to the community!

These are entirely separate. Coverage is about test coverage, which we read from any coverage reports you feed into analysis. Finding issues is an innate part of analysis.

 
HTH,
Ann

Hi Ann,

Thank you for the response and for clarifying the distinction.

Best regards,
Bousselham