Sonar Qube Vulnerablility checking for Libraries

Hi All,

We are using a Sonar Qube Developer edition (8.X).Currently there is no specific way to check the vulnerablity for library files. Upon checking there is a plugin available for this

dependency-check/dependency-check-sonar-plugin: Integrates Dependency-Check reports into SonarQube (

Is it possible to use this plugin on Developer version, Can some one support on this .

We use this extension on developer edition, works great. Keep in mind that the plugin only reads the report into sonarqube, it does not generate the report. To generate the report you will have to run the dpendency check commandline tool as well in your pipeline.