Off-hand it doesn’t look like you’re doing anything wrong. Based on the other values I see in your project homepage, it looks like you’re dealing with a fairly small, fairly clean code base. Are you sure that there are currently vulnerabilities that analysis should be picking up?
As a side note, if your project is pure JavaScript, there’s no need to define sonar.java.binaries in your analysis properties.
hi,
Thanks for your answer,
i think we should have any vulnerability, our project has more than 42K lines so is not a small project for this reason i think we should have some vulnerability. And our project is a React Native project so most of the code is JS but we have implemented some native java code for the android features.
Thank you!!