SonarQube opensource vulnerability detection using Dependency Check Sonar Plugin

Hi All,

I am currently using SonarQube 8.2 and need to integrate the Dependency-Check Sonar Plugin into the Quality Gate.

Please help with this if you can.

regards,
Sushil

Hi,

From what I read here (GitHub - dependency-check/dependency-check-sonar-plugin: Integrates Dependency-Check reports into SonarQube),
you need to set the severity:

To configure the severity of the created issues you can optionally specify the minimum score for each severity with the following parameter. Specify a score of -1 to completely disable a severity.

    sonar.dependencyCheck.severity.blocker=9.0
    sonar.dependencyCheck.severity.critical=7.0
    sonar.dependencyCheck.severity.major=4.0
    sonar.dependencyCheck.severity.minor=0.0

Then your quality gate needs some conditions, i.e. no new blocker / critical …

Gilbert

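To make the threshold semantics in the reply above concrete, here is an added example (not code from the thread or from the plugin) that applies the four minimum-score thresholds to CVSS scores read from a constructed, trimmed dependency-check JSON report and then checks the "no blocker / critical" gate condition. The report shape (dependencies[].vulnerabilities[].cvssv3.baseScore) and the "first threshold reached wins, -1 disables" reading of the properties are assumptions for the example.

```python
import json

# Thresholds exactly as given in the reply, keyed by the plugin's property names.
# Per the plugin README, a score of -1 disables that severity entirely.
SEVERITY_PROPS = {
    "sonar.dependencyCheck.severity.blocker": 9.0,
    "sonar.dependencyCheck.severity.critical": 7.0,
    "sonar.dependencyCheck.severity.major": 4.0,
    "sonar.dependencyCheck.severity.minor": 0.0,
}

# Most severe first: the first enabled threshold the score reaches wins (assumed semantics).
ORDER = ["blocker", "critical", "major", "minor"]


def severity_for(score, props=SEVERITY_PROPS):
    """Map a CVSS base score to a SonarQube severity via minimum-score thresholds.
    Returns None when no enabled severity applies."""
    for sev in ORDER:
        threshold = props["sonar.dependencyCheck.severity." + sev]
        if threshold >= 0 and score >= threshold:
            return sev
    return None


# Constructed sample, modelled on the dependency-check JSON report layout (not a real scan).
SAMPLE_REPORT = json.dumps({
    "dependencies": [
        {"fileName": "lib-a.jar", "vulnerabilities": [
            {"name": "CVE-EXAMPLE-0001", "cvssv3": {"baseScore": 9.8}}]},
        {"fileName": "lib-b.jar", "vulnerabilities": [
            {"name": "CVE-EXAMPLE-0002", "cvssv3": {"baseScore": 5.3}}]},
        {"fileName": "lib-c.jar", "vulnerabilities": []},
    ]
})


def count_by_severity(report_json, props=SEVERITY_PROPS):
    """Count findings per severity, skipping vulnerabilities without a CVSS v3 score."""
    counts = {sev: 0 for sev in ORDER}
    for dep in json.loads(report_json).get("dependencies", []):
        for vuln in dep.get("vulnerabilities", []):
            score = vuln.get("cvssv3", {}).get("baseScore")
            if score is None:
                continue
            sev = severity_for(float(score), props)
            if sev is not None:
                counts[sev] += 1
    return counts


def gate_passes(counts, blocked=("blocker", "critical")):
    """The gate condition from the reply: no blocker or critical findings at all."""
    return all(counts[sev] == 0 for sev in blocked)
```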