I’m using the latest open-source version of SonarQube and the PHP plugin. I have reviewed the sonar-php codebase, there is no code related to taint analysis, symbolic execution, these features are only available in the developer version?
Hi @d1tto,
welcome to the community.
Yes, indeed. Taint analysis and advanced bug detection are available starting from the Developer edition. However, you can test and use these features on SonarCloud for open-source projects for free.
Best,