We discuss to use SonarCloud for private project with paid Organization. And I have 2 questions about TERMS OF SERVICE FOR SONARCLOUD( https://sonarcloud.io/terms.pdf).
As for 7.1., I found the statement that “Company claims no intellectual property rights or licenses to any source code you upload or link to Service”. If we use SonarCloud, Dose sonarscanner run on our local PC and the only results of scan are uploaded to SonarQube DB on AWS? The source code that is the target of scan is uploaded to SonarQube DB or SonarQube server?
As for 7.3., I found that this statement that “Company does not pre-screen source code, but Company and its designees have the right (but not the obligation), at their sole discretion, to refuse or remove any source code that you have provided” According to this statement, it seems that you(sonarsource) refuse or remove source code at your sole discretion. In what case, do you refuse or remove our source code?
For question 1, I have one more question. When we scan source code on SonarCloud, the scan runs on server? Can you tell me the flow of scanning source code? (The following flow is correct?)
sonar scanner runs on users’ local PC
The result of scan and source code are uploaded to SonarCloud DB
The result is reported on SonarQube server
For question 2, I understant that you don’t assume particular case.
I have one more question. I understant that the price (min : 10€/100K LoC, Month) is charged to the organization. If user in my team who is not belong to existing private organization for my team want to scan source code as another private project, is it necessary to pay for one more price?