- I am using SonarQube6.7.5 with the Sonar Scanner and the FindBugs Plugin.
- I want a SonarQube report containing multiple vulnerabilities.
I scanned the bodgeit application which is designed to contain vulerabilities but the Sonar Scanner doesn’t find anything but Code Smell. (https://github.com/psiinon/bodgeit)
Is this a normal result ?
Thanks for the help!