|
java:S2637 false negative together with lomboks log annotation
|
|
2
|
17
|
January 30, 2026
|
|
False negative: S4434 LDAPDeserializationCheck
|
|
1
|
24
|
January 5, 2026
|
|
False Negative: NullMarked Class must use Nullable for equals parameter
|
|
2
|
82
|
December 26, 2025
|
|
False Negative - SQL Injection (S3649) from azure functions HttpRequestData in c#
|
|
4
|
63
|
December 9, 2025
|
|
Secret analysis not picking up plaintext passwords in Terraform
|
|
6
|
98
|
August 29, 2025
|
|
S2259 in Community Edition v9.9.5 (build 90363)
|
|
4
|
70
|
July 31, 2025
|
|
FN on S4449 in SonarQube Server for jspecify @NullMarked annotation
|
|
6
|
172
|
May 16, 2025
|
|
False-negative for S2183 in enum values
|
|
2
|
40
|
February 19, 2025
|
|
Pull Request analysis frequently falsely marks issues as resolved or misses issues
|
|
1
|
19
|
February 3, 2025
|
|
Highly strange behaviour of Sonar analysis surrounding usage of a lombok SuperBuilder class
|
|
4
|
221
|
January 31, 2025
|
|
java:S1128: false negative when Lombok log is used
|
|
6
|
1321
|
September 13, 2024
|
|
Scanning embedded SQL calls / FN SQL Injection for Python
|
|
4
|
461
|
May 29, 2024
|
|
False-negative Async suffix reported when the character 'a' or 'A' is in front of the 'Async' suffix
|
|
8
|
585
|
February 2, 2024
|
|
java:S116 does not check fields of test classes
|
|
1
|
525
|
December 15, 2023
|
|
A false negative about the rule RSPEC-3306
|
|
1
|
367
|
September 5, 2023
|
|
False Negative In rule python:S930
|
|
1
|
564
|
February 27, 2023
|
|
SonarQube reporting duplicate code for database entities
|
|
2
|
4900
|
January 23, 2023
|
|
FN about the rule S1068
|
|
1
|
1604
|
December 22, 2022
|
|
@WebService/@WebMethod not recognized as taint source
|
|
2
|
547
|
December 5, 2022
|
|
False Negative pattern not identified in javasecurity-rules
|
|
2
|
530
|
December 12, 2022
|
|
React Native SAST
|
|
1
|
811
|
February 21, 2022
|
|
SonarQube not finding C# issues that other static analysis tools found
|
|
4
|
2054
|
February 2, 2022
|
|
[java] A false negative about the rule RSPEC-4143
|
|
2
|
871
|
December 21, 2021
|
|
[java] A false negative about the rule RSPEC-1862
|
|
2
|
816
|
December 21, 2021
|
|
Make RSPEC-1751 detect if code block
|
|
4
|
910
|
December 17, 2021
|
|
Missed catch of SQL injection in PHP code with SonarQube Developer Edition
|
|
1
|
553
|
December 6, 2021
|
|
SonarQube is not able to find an error
|
|
0
|
424
|
November 12, 2021
|
|
FromRawSql detection in EF Core?
|
|
6
|
1257
|
November 2, 2021
|
|
Java S4544 @JsonTypeInfo on Interface
|
|
2
|
717
|
October 19, 2021
|
|
False negative using Collections.unmodifiableList() on store part for rule java:S2384 - Mutable members should not be stored or returned directly : a view is stored not a copy
|
|
2
|
1214
|
October 18, 2021
|