We are looking for a way to Integrate sonarcloud code scanning alerts to Github advanced security interface. Source code is in C# , We are using dotnet sonarscanner which is integrated into Github actions workflow.
For Python scanning we are using sonarcloud github actions which shows code scanning alerts into Github advanced security tool. Whereas for compiled languages we don’t see this feature.
Hey there.
This should all happen automatically.
Yes Advanced security is enabled for this repo and project is bound
We are using trial license of SonarCloud, evaluating scanning on Github private repos
Thanks for the information.
Do you see vulnerabilities raised in SonarCloud for this project (the C# one)?
Yes, I see vulnerabilities raised by SonarCloud, it is added as comment as well on Github PR
I see its added only for the main branch