Sonarsource rules vs Sonarqube rules

Hello,

I’ve been discovering Sonarqube 7.7 for a few days, but I’m having a little issue with the rules : I can find some on SonarSource but I can’t find them installed natively on Sonarqube (https://rules.sonarsource.com/java/type/Vulnerability/RSPEC-5146 for example). I tried to check the patch notes version from 7.7 to 7.8 in case I missed something but didn’t find any useful information concerning my problem.

Does anyone have a link or suggestion ? I don’t know where else to search for where those rules might come from.

Thanks for your time.

Hi.

This rule is part of the commercial ($$$) editions of SonarQube.

Hello @lenaick_gouriou,

To add to Felipe’s right answer, I would recommend you to ask for a trial license of one of the commercial editions of SonarQube (a.k.a. Developer, Enterprise or Data Center, according to your needs, volume and the features you’re interested in). You can find the link here, just select the correct edition and fill in the form :slight_smile:

I hope you’ll enjoy all the additional features you will find in commercial edition, on top of additional rules, especially in security area! And we just released the 7.8 SonarQube version, with a lot more on Security. See here!

Carine

Thanks both for your helpful replies ! I’ll see for a trial license when I’m a bit more comfortable with Sonar :slight_smile:

Regards,
Lénaick