I’m wondering if sonar is able to check during a code analysis availability of public packages. In our env. we have got a lot of different code languages used (.NET, python, C, JS …). It happens that during an attempt of building something we detect a required package/library is not available anymore. I’d like to perform scanning of any declared requirement before actually using it.
Is sonarqube able to do such a task? Maybe do you know another solution for that?
Hey there.
SonarQube doesn’t support this. SonarQube is meant to run after code is successfully built (and assuming a public package is missing… your build will just fail, hopefully with a helpful error message).
1 Like
Roger that