SonarQube Quality Gate

How can I create conditions that only check whether the project has vulnerabilities with severity Medium, High or Critical?

That means if the application is vulnerable to SQL injection or OWASP Top 10 issues with severity Medium, High or Critical, the quality gate does not pass; otherwise it passes.

I'm not looking for code quality, bugs or best practices; I am only looking for vulnerabilities. Which is the correct condition for that?


Welcome to the community!

In order to set a Quality Gate condition, there must be an underlying metric on which to set the condition. We do not collect metrics for e.g. Blocker Vulnerabilities or any other specific severity/type combination.

You’ll need to choose between setting a condition on Vulnerabilities of all severities or Blockers, etc. of all types.