We are using SonarQube Developer Edition Version 10.0 to scan native code.
Checking available Quality Profiles for the Swift language, it only contains 1 rule regarding Vulnerabilities and 3 for Security Hotspots.
While SwiftLint reports seem to be supported, it does not contain rules regarding Vulnerabilities / Hotspots. Is there an alternative, like gosec for Golang or Brakeman for Ruby? Thank you in advance.
We’ve just announced SonarQube 10.7 today. You’ll definitely see some upgrades to Swift analysis since 10.0, although unfortunately no additional security-related rules.
Maybe someone else will chime in, but I’m not aware of any other analyzers for Swift.