Using Developer Edition Can't Find Injection Rules

Sonar Version: 8.1-beta
Sonar Edition: Developer LIcense

I have recently upgraded to the developer edition of sonarqube. I am looking at the available rules for PHP, and cannot find the following:

I have installed the PHP plugin. Is there anything special i need to do to make that rule available to sonar?


Welcome to the community!

You shouldn’t need to install anything, the 8.1 bundle should have already included all the relevant pieces. If you had previously manipulated the install (other than via the in-app Marketplace) you probably want to simply re-expand the zip and go from there.

With all the pieces in place, you can find the taint analysis / injection detection rules via the Repository facet on the rules page. Look at the “Security SonarAnalzyser” repo for each relevant language.