Installing dependency-checker

Must-share information (formatted with Markdown):
*** which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)**
Sonarqube 9.5, Dependency-chcker 3.0.1. Running in Windows

  • what are you trying to achieve
    I am trying to run and to config correctly the dependency checker module. Everytime I run an scan I get a message “No HTML-Report found. Please check property sonar.dependencyCheck.htmlReportPath”, nevertherless I am not able to find that archive into my sonarqube files. I did install the plugin from the marketplace and I did the configuration through the Sonarqube configuration panel. (So, I haven’t touched any file yet). I have read the documentation and seems that I need to config a Pom file, however I am not able to locate any pom file.
  • what have you tried so far to achieve this
    -Installing manually
    -Modifying the configurations to set my own path to the html file.

Thank you all in advance, this is my first time using Sonarqube and implementing such tool, so maybe I am misunderstanding something.


Per the plugin readme:

This SonarQube plugin does not perform analysis , rather, it reads existing Dependency-Check reports. Use one of the other available methods to scan project dependencies and generate the necessary JSON report which can then be consumed by this plugin. Refer to the Dependency-Check project for relevant documentation.

So you’re going to need to run Dependency Check before SonarQube analysis.