How to activate security rules?

(Barry Kaplan) #1

SonarQube 7.7-community

There is a message for our projects

“Additional security-related rules are available but not active in your profiles”

But I cannot seem to see how to active these. Indeed I can’t even find which rules are enabled.

For javascript, the quality profile is “Sonar way Recommended”. There is also the option for “Sonar way”. Could this be related? What is the difference? (I see the comparison feature)