SonarQube Developer Edition
Is it possible for write a new detection rule for PHP leveraging the existing SQ’s taint analyzer for PHP? Can we do it in the Developer Edition? Instead of inventing a wheel it could be easier to reuse SonarQube’s taint analysis engine and just work more on adding sources, sinks, sanitizers, passthroughs.