March 1, 2023, 1:36pm
Due to deprecated versions in java dependencies this gives the possibility of verification of the existence of a version using xpath:
on the following code:
Is there a way to check if the all versions below 10.16.7 are also present in the code? What I could find is that we could do the following:
Is then there a way of automated verification of what is the latest version on a given website
https://www.anypoint.mulesoft.com/exchange/com.mulesoft.connectors/mule-salesforce-connector/ to adjust the rule accordingly?
March 2, 2023, 2:52pm
You shouldn’t need to write anything custom for this – there’s already a template rule to let you achieve this! S3417 -
XML static code analysis: Track uses of disallowed dependencies
March 2, 2023, 3:35pm
Thank you for the information. Could you please be more specific on how is that supposed to work in an existing Self-Hosted version? Is that somehow automated in the existing rule set?
March 2, 2023, 3:37pm
Check out the documentation on
March 2, 2023, 4:07pm
Thank you for the documentation. Is there command line to verify the same?
March 6, 2023, 9:13am
I’m not sure what you mean by “command line” in this context.
March 6, 2023, 11:07am
I was checking the documentation, and I didn’t find nothing. Therefor I was wondering if there could be command line commands to adjust the verification of the version accordingly to what you have mentioned S3417. Let me know if I can clarify you further.
March 8, 2023, 12:42pm
I was able to locate the mentioned rule at
https://sonarqube.server.com/coding_rules?is_template=true&open=xml%3AS3417 that seems to have the need for customization. Is there the possibility to link that rule to a particular website where the values would be then updated accordingly?
March 8, 2023, 3:45pm
No, the configuration must be stored in SonarQube as a part of the Quality Profile.
It sounds like you might be interested in a more sophisticated SCA (Software Component Analysis) tool. SonarQube offers a few rules around this, but it’s not comprehensive.