Scanner command used when applicable (private details masked)
Languages of the repository : C#
I am on paid version of SonarCloud and have configured analysis through Azure Pipelines for legacy ASP.NET Monolithic application with 24K LOC. This application has been developed over last few years. So, I expect lots of bugs, Vulnerabilities and code smells, but the analysis shows zero bugs, and Vulnerabilities and very less code smells. Not sure what is wrong.
Thanks Ann, for your response.
Not sure what do you mean by “Scanner for .NET”. We have configured the analysis as Azure Pipeline. Plese have look at the attached snaps.
Yes, per the docs, it looks like you have the right steps in place: prepare, run, publish.
Could you share your analysis log?
The analysis / scanner log is what’s output from the analysis command. Hopefully, the log you provide - redacted as necessary - will include that command as well.