Hi Team,
-
which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
SonarQube 8.9 Enterprise Edition -
what are you trying to achieve
Trying to write a custom rule for verifying presence of trojan source code vulnerability across various language files (C++, C#, JS, Java etc)
https://trojansource.codes/trojan-source.pdf -
what have you tried so far to achieve this
Understood that it might be possible via custom rules, but not sure how to write one (or which template to use for writing the custom rule)
Rules | SonarQube Docs