[Tech Story] Takeaways from building a SAST product, and why OWASP benchmark is not enough

Hello,

There is no automatic way to extract the results as a CSV file nor to recompute the ScoreCard. The script provided by the OWASP Benchmark for SonarQube is outdated, no longer works, and no one has taken the time to update it.
I produced these figures using a custom script relying on the SonarQube/SonarCloud API to extract the results as JSON data and then I compared that with the expected/not expected file.

If you are using my version of the OWASP Benchmark you will see that I sorted the test cases into different sub-directories so it’s easier to review manually.

Did you manage to reproduce the speed of analysis?

Alex

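As an added example (written for this page, not Alex's script), this is one way to turn the JSON returned by SonarQube's `api/issues/search` endpoint into a per-category ScoreCard by comparing it against the Benchmark's expected-results CSV. The CSV rows, the JSON excerpt, the project key `proj` and the rule keys are constructed placeholders; a real run would page through the live API response instead of the inline string.

```python
import csv, io, json, re

# Constructed sample in the column layout of the Benchmark expectedresults CSV
EXPECTED_CSV = """# test name, category, real vulnerability, cwe, Benchmark version
BenchmarkTest00001,sqli,true,89,1.2
BenchmarkTest00002,sqli,false,89,1.2
BenchmarkTest00003,xss,true,79,1.2
BenchmarkTest00004,xss,false,79,1.2
BenchmarkTest00005,xss,false,79,1.2
"""
# Constructed excerpt of an api/issues/search response (only the fields used here)
ISSUES_JSON = json.dumps({"issues": [
    {"component": "proj:src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00001.java", "rule": "javasecurity:S3649"},
    {"component": "proj:src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00003.java", "rule": "javasecurity:S5131"},
    {"component": "proj:src/main/java/org/owasp/benchmark/testcode/BenchmarkTest00004.java", "rule": "javasecurity:S5131"},
]})
TEST_RE = re.compile(r"(BenchmarkTest\d{5})\.java$")

def load_expected(text):
    """Map test name -> (category, is_real_vulnerability), skipping the '#' header."""
    expected = {}
    for row in csv.reader(io.StringIO(text)):
        if not row or row[0].startswith("#"):
            continue
        expected[row[0].strip()] = (row[1].strip(), row[2].strip().lower() == "true")
    return expected

def flagged_tests(issues_text):
    """Set of test-case names that appear in at least one reported issue."""
    hits = (TEST_RE.search(i["component"]) for i in json.loads(issues_text)["issues"])
    return {m.group(1) for m in hits if m}

def scorecard(expected, flagged):
    """Per-category TP/FP/TN/FN plus TPR and FPR, as on the Benchmark ScoreCard."""
    counts = {}
    for name, (category, real) in expected.items():
        c = counts.setdefault(category, {"tp": 0, "fp": 0, "tn": 0, "fn": 0})
        hit = name in flagged
        c[("tp" if hit else "fn") if real else ("fp" if hit else "tn")] += 1
    for c in counts.values():
        # Benchmark score for a category is tpr - fpr
        c["tpr"] = c["tp"] / (c["tp"] + c["fn"]) if c["tp"] + c["fn"] else 0.0
        c["fpr"] = c["fp"] / (c["fp"] + c["tn"]) if c["fp"] + c["tn"] else 0.0
    return counts

if __name__ == "__main__":
    for cat, c in scorecard(load_expected(EXPECTED_CSV), flagged_tests(ISSUES_JSON)).items():
        print(cat, c)
```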