How to Sonarqube Vulnerability Rules Upgrade Or Additional Plugin vs.?

Hello there,

I am new using sonarqube, I am using Community Edition Version 8.0 (build 29455)LGPL v3. But most of my projects are in VB.NET language. Some of my projects are in c# language.

When I check the Sonarqube product, I see that there is only 1 vulnerability rule for VB.NET. There are a total of 15 vulnerability rules for the C# language. These numbers are pretty minor checkpoints for me. Is there 1 piece of vulnerability check that sonarqube supports here? Is there a utility/plugin that can be added to the product to increase this number? There are 7 rules for and 35 for csharp in the rule list published by the sonarqube community at the link below, but 1 vulnerability rule appears in my sonarqube interface.(Rules explorer ) How can I edit it? How can I add the missing rules myself?

I especially want to make the necessary security checks on my open web applications. For example, I want to control SANS or Owasp Top 10 control items in my project written in VB.NET on sonarqube. In this way, can I implement security standards in my sonarqube project?

Thank you for your help.


Welcome to the community!

Your version is past EOL and we’ve added a number of rules since it was released. You should upgrade to either the latest version or the current LTS at your earliest convenience. That will bring you the missing rules.