Hey there.
Thanks for the follow-up.
SonarQube itself houses the implementation of SVN integration (not the scanner), and the problem is well summarized in this post – essentially, SonarQube uses SVNKit, which uses Trilead (which doesn’t support the algorithms you were using)
So there’re 2 solutions: 1) configure server to allow algorithms supported by the client; 2) fix the client (‘trilead’) to support those algorithms.
There might be a third option – in v1.10.5 of SVNKit, the maintainers introduced support for an Apache sshd based implementation of svn+ssh:// (SVNKIT-759) which supports newer algorithms.
While SonarQube v8.9 LTS uses an older version (v1.10.1), the latest version of SonarQube (v9.6) uses v1.10.7. It is meant to be enabled using -Dsvnkit.ssh.client=apache – which would have to be passed to the scanner… and I’m not 100% sure it would be recognized.
I don’t have an SVN server to test this with – but you might be able to try it out when you arrive at a v9.x version. I’ll also flag this for some expert attention to see if it sounds feasible (or if we want to consider making this the default).