Hi @Andrei_Epure, thanks for the response.
I’m actually not running retrieving the Roslyn ruleset directly with SonarLint; instead, we wrote a custom script that generates it. So the script itself could support grabbing the rules from that repo and mapping it onto the SonarAnalyzer.Security analyzer.
Considering the aforementioned analyzer does exist in a NuGet by the same name (as used in SonarScanner for MSBuild), it seems like I’d technically be able to just point to that NuGet locally and use the analyzer within. Is there any other technical limitation that would prevent me from doing that? Can I just host that NuGet myself and use it as such (or better yet, do you guys provide some distribution channel for it)?
Thanks!