Must-share information (formatted with Markdown):
- 8.3.1 (SonarQube, Scanner, Plugin, and any relevant extension)
- Azure DevOps Quality Gate controls based on Sonar Security Vulnerabilities
I’m looking for how to properly do this. I’ve written scripts to pull from the API “Critical” and “blockers” but it is mostly pulling things like Code Smells, and not exactly “Security” issues. What is the proper way to pull security only related issues from the API?