Does sonar cloud store any code?

Hello All

Just a quick question.

Does sonar cloud store code?
What information is collected and stored on SC servers?

Thank you

Hello Asmgi,

Thank you for your interest in SonarCloud.

Yes. Code you scan for analysis is sent to the SonarCloud server for processing. Once your code is processed we also store the metrics and reports for you to access in the dashboard. SonarClound only keeps the latest version. Of course, we also need a few contact details to enable us to do business together.

You may find this link useful as well: https://sonarcloud.io/documentation/security/

I hope this helps.

Best regards,
Mark

2 Likes

@Mark_Clements
Thank you for the help!

I was a little confused. I understand it stores the metrics and reports. Does it also store the latest version of the actual source code that was scanned?

Thank you
Alex

Hello Alex,
Yes, that is correct.
Best regards,
Mark

1 Like

Hi @Mark_Clements. To be clear, does SonarQube, specifically the plugin for Azure DevOps (SaaS), expose any code outside of the Azure DevOps (SaaS) service?

Hello Trey,

Welcome to the community! Thank you for your interest in SonarCloud.

You mention SonarQube and you have come to the SonarCloud community forum. Assuming this is a SonarCloud question, please can you ask your security questions using the contact page: https://sonarcloud.io/contact

Kind regards,
Mark

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.