SQL code in XML

edmund · March 11, 2021, 2:57pm

I’m evaluating use of SonarQube. We have a lot of SQL code in our project. We have the SQL code embedded in XML files in CDATA tags. Will SonarSouce scan SQL inside XML file tags?

Here is an example:

	<CreateFunctionSQL>
		<![CDATA[
create function dbo.UFN_STATUSBATCH
(
	@BATCHSPONSORSHIPID uniqueidentifier
)
returns table
as

return
(
	select
		ID
		,ROW_NUMBER() OVER (ORDER BY ID) AS SEQUENCE
	from 
		dbo.USR_BATCHSPONSORSHIPSTATUS
	where
		BATCHSPONSORSHIPID = @BATCHSPONSORSHIPID
);
	
		]]>
	</CreateFunctionSQL>

Colin · March 11, 2021, 3:00pm

Hey there. It will not. The SQL code would need to be extracted to plain .sql files in order to be analyzed.

edmund · March 11, 2021, 3:02pm

Thanks for your quick reply!

edmund · April 9, 2021, 4:30pm

Is there any way to add this functionality on my own to the product?

Topic		Replies	Views
PLSQL analysis of SQL statements inside XML SonarQube Server / Community Build plsql	1	662	September 7, 2018
One XML, Two languagens in the same file. How to Analyze? SonarQube Server / Community Build sonarqube	3	151	April 15, 2024
Sonarqube coverage for SQL code analysis SonarQube Server / Community Build plsql , jenkins , dotnet	4	5314	August 4, 2020
Would sonarqube support to scan the sql usages of tk.mybatis and mybatisPlus? SonarQube Server / Community Build sonarqube	3	608	December 13, 2021
Issues in Testcode SonarQube Server / Community Build java , sonarqube , scanner	16	131	March 20, 2025

SQL code in XML

Related topics