I am using below configuration for SonarQube for my lua project.
This shows only code smells not bugs and Vulnerabilities.
I wanted to know if it requires any specific report to be passed for sonar.externalIssuesReportPaths in order to show the bugs and vulnerabilities.
I have tried it with TAP
luacheck * --formatter TAP > luacheck.tap
sonar.luacheck.reportPath = ./luacheck.tap
However, it is not able to show the bugs and vulnerabilities.