- Operating system: MacOS Monterey
- IDE name and flavor/env: VSCode
Version: 1.67.1 (Universal) Commit: da15b6fd3ef856477bf6f4fb29ba1b7af717770d Date: 2022-05-06T12:37:16.526Z (6 days ago) Electron: 17.4.1 Chromium: 98.0.4758.141 Node.js: 16.13.0 V8: 188.8.131.52-electron.0 OS: Darwin x64 21.4.0
- SonarLint plugin version: 3.4.2
- Is connected mode used: Yes
- Connected to SonarCloud
And a thorough description of the problem / question:
I just tried to test finding a vulnerability in my code by adding a very clear/explicit vulnerability:
SonarLint didn’t find it. I waited 15 minutes after saving to see if it was just a time issue.
I tried semgrep which found and reported the issue nearly immediately in VSCode.
Any idea why SonarLint isn’t catching it?