Must-share information (formatted with Markdown):
- which versions are you using: SonarQube - not sure of version
- how is SonarQube deployed: on-premises
- what are you trying to achieve: Vulnerability scan for Mendix deployment packages
- what have you tried so far to achieve this:
In Mendix studio pro you can “Create Deployment Package” from the App menu. This creates an .mpa file, which is basically a special zip package. This can be scanned as it contains java and JavaScript files.
My question is has anyone setup quality gates specific to Mendix?