Findbugs can not work as exception

Hello, best wishes to u~
I download the findbug plugin in the marketplace,but it didn`t work as expection.

Must-share information (formatted with Markdown):
My vesion is:

SonarQube: 7.9community
Plugin: Findbugs 4.0

My Vulnerable Code is like this:

  public List<Map<String, String>> execSQL(String id, String name) {
        String sql = "select * from city where name = '" + name + "' and id = '" + id + "'";
        return gisDao.execSQL(sql);

I have acitive it like this:

I except the plugin --Security - Potential SQL Injection can find it is wrong, but the result is nothing to find.
Any help will be appreciate.


Neither spotbugs/sonar-findbugs or find-sec-bugs/find-sec-bugs are developed, maintained or supported by SonarSource. You should reach out to the maintainers for any questions you have.

Thank u for your help. But what I use is SonarQube and can I look for sonarqube help in here? :sweat_smile:

SonarSource is the company that makes SonarQube, SonarCloud, and SonarLint. :slight_smile: You’re on the SonarSource Community right now!

Community-supported plugins, like spotbugs/sonar-findbugs (which you installed on your instance) are just that, community supported! Just not… this one, on theirs. :slight_smile:

I wonder whether I config the wrong quality profile to make the plugin dosen`t work as exception.
Do you have any idea about the plugin not working?
It troubles me several days, any help will be appreciate.
best wishes!

You’ll need to make sure a Quality Profile that this rule is activated in is assigned to your project!

But I really encourage you to get in touch with the plugin maintainers if you have trouble getting the rule to trigger on your code. I’ve linked the repositories in my previous posts.

It`s so kind of you to help me to fix me problem.
I will try to get in touch with the plugin maintainers, thank u !

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.