Currently we are using soarqube v8.9.6 - Community edition. we need Groovy plugin for code scan which is not bundled in sonarQube Package. we have checked and found that sonar-groovy-plugin-1.8.jar is compatible with v8.9.6. we installed and getting the below pop up -
installed at own risk
could you please tell me what will be the risk in order to install the same.
I would suggest taking a look at the documentation on Install a Plugin
Plugins are not provided by SonarSource, and you therefore install them at your own risk. A SonarQube administrator needs to acknowledge this risk in the Marketplace before installing plugins or when prompted in SonarQube after installing a plugin manually.
This encompasses all kind of risk – like poor functionality, security issues, or a plugin that stops being maintained for some reason (and might lock you to an older SonarQube version).