Differences between sonarqube community and developer

Hello there,

I am interested on Sonarqube developer edition, but one of my main doubts about it is if Sonarqube developer have more rules for the languages that you’re already allowed to use in the community edition, I mean, seems that the community edition doesn’t cover all the owasp top ten at least in the javascript scanner, so is there any real difference between the rules you can use using the free edition and the developer edition talking about the rules?

Thank you all in advance

Hello Tary,

The Developer Edition has more rules than the Community Edition, yes. At the moment, DE has injection rules (i.e. taint-analysis) while the CE does not have these rules.
You can see which rules are available where on rules.sonarsource.com. For example, have a look at the bottom of JavaScript static code analysis: HTTP responses should not be vulnerable to session fixation.