Vulnerabilities (Go) doesn't show in Developer Edition?

I have SonarQube Developer Edition, with Checkstyle EXTERNAL ANALYSERS (8.40), Flutter (0.40) & SonarQube License Check Plugin (5.0.0-beta-3) plugins installed.

SonarQube should found vulnerabilities in that code but can not. Is that bug/misconfiguration or my version not support this?

Hey there.

SonarQube doesn’t currently support detecting SQL injection vulnerabilities in Go code, which I suppose is what you’re looking for based on the screenshot. You’ll notice that Go isn’t mentioned on SAST Testing | Code Security & Analysis Tools | SonarQube.

You can vote on this feature in our roadmap:

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.