How to scan .xaml files, macros and power shell scripts using SonarQube?

Hi, I work on a tool called UiPath, it’s kind of a drag-drop platform to build automation solutions. The UiPath projects usually will be built using the ( and the the code will be stored in .xaml files. Sometime developers invoke PowerShell, macros/VBA and custom C#/ code into these projects.

The goal here is to scan and analyze if there’s any security vulnerabilities, issue/bugs within these files using SonarQube.

I have used the MSBuild (14) and .net scanner (.NET Framework 4.6+), but the scanner is not considering .xaml files for checking. I have even added .xaml extension under the languages of ( in my local SonarQube server GUI for the POC and I am still getting the same message in CLI “No files found to analyze”

Kindly suggest me the right approach/the solution for the same.

Sreekanth P


Welcome to the community!

We simply don’t support XAML as a language to analyze. You may need to write your own analyzer.


1 Like

Could you please explain what do you mean by “write your own analyzer”?


I mean write a custom plugin to do the analysis you want.