I want to know if files with the suffix. java can analyze SQL issues or vulnerabilities?
If I want these contents to be analyzed, is it feasible to select the SQL language in the language management module and add files with a suffix of .java?
SonarQube supports a few rules regarding SQL statements embedded in Java files you can find here.
However for full T-SQL analysis, they would need to exist in seperate files (with a .sql extension) and analyzed as such, without any of the Java code.
