I’m working on the PHP project some custom module like composer package will be downloaded in the vendor directory. Those modules need to scan for quality check using sonarQube. We need consider them while using Sonarlint and Sonar Scanner . Can you please help us, how we can achieve ?
Third-party libraries aren’t meant to be scanned by SonarQube – they include code that developers aren’t empowered to change, and are often packaged in such a way that makes static code analysis not very useful. SonarQube is intended to scan only the code that your developers are actually writing.