How are bugs and vulnerabilities detected?

docestavivo · April 28, 2021, 7:15pm

Hello,
I am doing a work at the university on your tool and I would like to know how SonarQube detects bugs. I know the definition, but how are the rules designed to detect both bugs and vulnerabilities?

How is the evidence tracked?

I hope you can answer me, thank you.

Colin · April 29, 2021, 8:34am

Hey there.

Heaps of our analyzers are open-source (like SonarSource/sonar-java). That might be a good start.

Topic		Replies	Views
What are the vulnerabilities that sonarqube scans for? SonarQube Server / Community Build	2	466	April 12, 2019
A problem about SonarQube SonarQube Server / Community Build java	1	329	January 6, 2023
Can we get vulnerabilities detection in Sonarqube Community Version SonarQube Server / Community Build sonarqube , coverage	9	177	August 23, 2024
Find and add new vulnerabilities in to sonarqube community edition SonarQube Server / Community Build java , sonarqube , scanner	1	413	September 28, 2020
Unable to get bugs and vulnerabilities report in Sonar Qube 7.0 SonarQube Server / Community Build sonarqube , scanner	5	913	December 13, 2022

How are bugs and vulnerabilities detected?

Related topics