So i am scanning this javascript, typescript project which contains react as well but there is a file not being scanned i get a missing blame warning.
Hello Habibou
Welcome to the community.
- which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)?
- what are you trying to achieve?
- what have you tried so far to achieve this?
I see the “missing blame information” warning in your screenshot image.
Troubleshoting is a great place to start. Enabling debug mode on SonarQube and the SonarScanner would be great. This will give you more detailed logging to understand how to fix this.
—
Regards,
Thanks Monty,
i am using the Developper Sonarqube version 9.0.0.45539.
I am trying to scan some javascript code.
So far its scans well but i inserted this malicious script <script>document.write(window.location.search)</script>
but it doesn’t detected it in the index.js file. As you can see for that index.js file in the screenshot i get a warning. so i am wondering if i am scanning that file corectly
Were there additional hints in the logs after you turned on debug?
I used the Debug method there was not any additional information
Would you zip up your $SONARQUBE_HOME/logs directory and attach for me to see? (Or you can send to me in private if you prefer.)
I would appreciate to have a conversation over email and send that private than here since im scanning sensitive code. Thanks