SonarQube Scanner 184.108.40.2067
So what I am trying to do here is use Sonarqube as the static analysis engine for code checking. Not interested in unit tests results etc just the built in code analysis rules and reporting.
Now this is due to the fact that I may not have access to all the resources required to build a project and for my purpose I don’t need them - only the source code.
As an example a vendor delivers a binary without source which required decompiling and analysis performed against it.
Is there a way to leverage the analysis only without requiring a build? This should be possible given the way the rules are written but is it possible through the the scanners - I believe it used to be possible with the CLI and this is a very useful feature.