Rules available in which Sonarqube edition


I’m using SonarQube 7.9.1 Community Edition. Now I got notice of an injection vulnerability in Java via Paths.get() and wondered why SonarQube doesn’t report an issue on my code. According to the rules explorer a rule exists: and it should be available in SonarQube, but I cant find it in my own SonarQube instance.

Is there a way I can tell from the rules explorer for a specific rule in which edition this rule is available?

Hi @fxmi,

As expressed in these other threads:

These rules about detection of injection especially are only available for our commercial editions of SonarQube, or for Open Source project on SonarCloud. You consequently won’t find them in the community edition.