Is there any way to enable SQL injection screening for Python?

I am using SonarQube 8.9 LTS

  1. I found that there are 172 rules listed in 8.9 LTS for Python, but the SonarDoc shows 179 rules
  2. I am trying to screen SQL injection bugs from my program, however SonarScreen didn’t return any issue to my SonarQube
    My code: "Select CUST_ID, NAME FROM CUSTOMER WHERE CUST_ID = %s"

Hi Stanley,

Based on the count of rules you mentioned, I can conclude you’re running the Community Edition of SonarQube.

We have a rule covering SQL injection for Python which is available in all commercial editions of SonarQube. Fill out the form if you’re interested in a trial license!

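Whether the query string in the question is injectable depends on how the `%s` gets filled in: by Python string formatting, or by the database driver as a bound parameter. The following is an added example, not code from the thread or from SonarQube, showing both forms side by side; it assumes the standard-library `sqlite3` driver (whose placeholder is `?` rather than `%s`), and the table contents and function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """Build an in-memory CUSTOMER table with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE CUSTOMER (CUST_ID INTEGER PRIMARY KEY, NAME TEXT)")
    conn.executemany(
        "INSERT INTO CUSTOMER VALUES (?, ?)",
        [(1, "Alice"), (2, "Bob"), (3, "Carol")],
    )
    return conn


def lookup_formatted(conn, cust_id):
    """Vulnerable form: %s is filled by Python string formatting,
    so the caller's input becomes part of the SQL text itself."""
    sql = "Select CUST_ID, NAME FROM CUSTOMER WHERE CUST_ID = %s" % cust_id
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, cust_id):
    """Safe form: the value is passed separately and bound by the driver.
    sqlite3 uses ? as its placeholder; drivers with the 'format'
    paramstyle accept %s in the same position."""
    sql = "Select CUST_ID, NAME FROM CUSTOMER WHERE CUST_ID = ?"
    return conn.execute(sql, (cust_id,)).fetchall()


def demo():
    """Run both lookups with the same constructed untrusted input."""
    conn = make_db()
    untrusted = "0 OR 1=1"  # constructed input standing in for a request value
    return {
        "formatted": lookup_formatted(conn, untrusted),
        "parameterized": lookup_parameterized(conn, untrusted),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(name, rows)
```

With the formatted query the input changes the WHERE clause and every row comes back; with the bound parameter the same input is compared as a single value and matches nothing.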