SonarCloud properly decorates bugs, vulnerabilities, and code smells in Azure DevOps pull requests. But it doesn’t add any comments about security hotspots.
Is there a way to configure SonarCloud to also decorate security hotspots?
If there isn’t then can some security hotspots be saved as vulnerabilities as a workaround? This question raised because we used to have the S1525 rule (“debugger” vulnerability in TypeScript) that has been marked as deprecated and became a part of a security hotspot now which is not decorated in pull requests.