I’m currently using SonarQube Community Edition 9.9. I have a couple of questions I’d appreciate some clarification on:
SQL Injection Analysis in Community Edition 9.9: Can the Community Edition 9.9 effectively analyze and detect SQL injection vulnerabilities in my codebase? I’m trying to understand the capabilities of this specific version in this regard.
LTS Version Support and Upgrade: I noticed in the official documentation that 9.9 is referred to as an LTS (Long Term Support) version. However, I also see references to a 2025.1 LTS. Given that we are in 2025, should I be planning to upgrade my SonarQube instance from 9.9 to the latest LTS version (e.g., 2025.1)? Or will 9.9 LTS continue to receive support for a significant period? I’m trying to determine the recommended upgrade path and support longevity for my current version.
Any insights or guidance on these points would be greatly appreciated!
The ability to detect injection vulnerabilities (SQL or otherwise) is not available in the Community Edition of SonarQube, including version 9.9. This feature is only included in the Developer Edition and higher.
There is no longer an LTS/LTA version of SonarQube Community Edition.
You should ultimately target v25.6, but you’ll have to upgrade to v24.12 first. This calculator comes in handy.