SonarLint Rule | javasecurity:S5145

Hi together,

Until today I thought only Security Hotspots were not discovered by SonarLint.

But what about javasecurity:S5145 (vulnerabilities)? I see an issue in SQ but not in SonarLint?

Can someone please explain this to me?

Thanks

Hi Mark,

Advanced vulnerabilities based on our taint analysis engine (rule keys starting with xxxsecurity:) are not detected directly in SonarLint. For the moment, the engine needs to analyze the entire project, which would not be well suited to SonarLint.
If you are using SonarQube or SonarCloud, and if SonarLint is connected to the server, SonarLint should display the taint vulnerabilities found on the server. Is that not the case?

Hi Julien,

Thanks
