Sonarqube and vulnerability report


(Mahzad Zahedi) #1

I have downloaded community sonarqube 7.4 . I want to analysis C++ code . Sonar C/C++ family is supported in developer edition. Is there any way to analysis C++ code with security ralated rules free (using community edition) ?

I have used sonarLint Visual studio 2017 but it shows “static analysis not supported with current platform toolset.” Why? Is sonarLint just for smell items?!

(Loïc Joly) #2

Hello Mahzad,

SonarLint :sonarlint: for Visual Studio will analyze Visual C++ projects that use the standard platform toolsets, but for instance using VisualStudio to run the clang compiler is not currently supported. What platform toolset are you trying to use?

If your C++ code is open-source, you can also analyze it for free on SonarCloud :sonarcloud:.