Groovy vs. Java Scan Results

SQ Version: 8.2 (build 32929)

I have a project with a groovy file and equivalent java file. The SonarQube Java scan finds many more vulns than the Groovy scan. Seems like SQ Groovy support isn’t as robust as Java support? But…could be a mis-configuration on my side. Any guidance would be appreciated.

Groovy support is provided by a community-supported plugin (Inform-Software/sonar-groovy). If you have feedback for them, I’d recommend you get in touch with the maintainer!