Difference between rules and rules in quality profiles / Oracle security guidelines

Hi,

Don’t be silly. Some threads go days or weeks without response. :slightly_smiling_face:

This is really two different questions for me. The underlying rule implementations are indeed, and necessarily, updated when you upgrade SonarQube* (and thus the underlying analyzers). Built-in profiles, such as Sonar way, are also updated automatically with upgrades. Generally that means new rules are added, but it could also mean that thresholds are changed and occasionally rules are removed. If you have custom profiles that are inherited from Sonar way, they’ll inherit those updates as well.

 
HTH,
Ann

*The ability to independently upgrade analyzers outside a SonarQube upgrade is being removed.