sonar-runner

问题 We are using sonarqube and we love the way it works. we are trying to extend sonarqube to enhance in security aspects also. I tried to find some security plugins for sonarqube 6.x to detect vulnerabilities for Java language. But I couldn't find any plugins. I wonder, if there is any plugins for finding vulnerabilities in sonarqube. So 回答1: The SonarQube 7.2 Developer Edition($) (E.T.A. early June 2018) will include a security rules to detect SQL injection vulnerabilities. 来源： https:/

问题 Using sonar-scanner failed with an ERROR, although the Get bootstrap completed step ran successfully before. Seeing org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarQube More details: /opt/sonar-scanner/bin/sonar-scanner -X -Djavax.net.debug="ssl,handshake" -Dsonar.projectKey=project-header-forwarding -Dsonar.projectName=project-header-forwarding -Dsonar.projectVersion=0.0.80 -Dsonar.sourceEncoding=UTF-8 -Dsonar.host.url=http://my-sonarsystem:9000 -Dsonar

来源： https://stackoverflow.com/questions/23567128/sonar-runner-doesnt-index-any-files

问题 SonarQube Server 5.1.2, Sonar-Runner 2.4 As provide in Multi-moduleProject i have created a project structure as Accounts | ->invoice | ->src ->receipt | ->src ->sonar.properties File:sonar.properties sonar.projectKey=org.mycompany.acc sonar.projectName=Account sonar.projectVersion=1.0 sonar.sources=src sonar.modules=invoice,receipt invoice.sonar.projectName=Invoice receipt.sonar.projectName=Receipt When execute with above configuration in sonar-runner i encountered with error "src" folder is

问题 When running Sonar Runner 2.4 against SonarQube 5.1 RC2 I get this error: ERROR: Error during Sonar runner execution org.sonar.runner.impl.RunnerException: Unable to execute Sonar at org.sonar.runner.impl.BatchLauncher$1.delegateExecution(BatchLauncher.java:91) at org.sonar.runner.impl.BatchLauncher$1.run(BatchLauncher.java:75) at java.security.AccessController.doPrivileged(Native Method) at org.sonar.runner.impl.BatchLauncher.doExecute(BatchLauncher.java:69) at org.sonar.runner.impl

问题 Can anyone help me in getting solution for the below error. Below are the version of the components to configure SonarQube 5.1.2 Soanr-Runner 2.4 Java 1.7 [ I have to use 1.7 only since my code supports only 1.7 ] mavn 3.3.9 sonar-cobertura-plugin-1.6.3 sonar-findbugs-plugin-3.3 cobertura 2.6 Execution command mvn -fn -e org.sonarsource.scanner.maven:sonar-maven-plugin:RELEASE:sonar -Dsonar.jdbc.url="jdbc:mysql://localhost:3306/sonar?useUnicode=true&characterEncoding=utf8

问题 Can anyone help me in getting solution for the below error. Below are the version of the components to configure SonarQube 5.1.2 Soanr-Runner 2.4 Java 1.7 [ I have to use 1.7 only since my code supports only 1.7 ] mavn 3.3.9 sonar-cobertura-plugin-1.6.3 sonar-findbugs-plugin-3.3 cobertura 2.6 Execution command mvn -fn -e org.sonarsource.scanner.maven:sonar-maven-plugin:RELEASE:sonar -Dsonar.jdbc.url="jdbc:mysql://localhost:3306/sonar?useUnicode=true&characterEncoding=utf8

问题 I am using Sonarqube 5.1 with MsBuildSonarRunner for my c#.net project analysis. Sonarqube 5.1 has come with C# 4.1 plugin, Recently I upgraded to 4.2. I have created a quality profile with ONLY Fxcop rules . I have followed the steps mentioned in Sonar site for analysis. In analysis, I see that FXcop rule violations are captured. But when I browse to SonarDash board, It shows technical debt as 0 and issues as 0. I have reviewed my steps many times and I don't see any mistakes from my side.

问题 I can make Sonar scanner work with OpenJDK 8 but not with OpenJDK 11. The Maven command used is: mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent verify sonar:sonar -Dsonar.analysis.mode=preview -Dsonar.report.export.path=sonar-report.json -P ci The build fails with: [ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.4.0.905:sonar (default-cli) on project framework-bio: Execution default-cli of goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.4.0

问题 What I am doing? I am currently working on setting up Continuous integration / delivery pipeline for front end applications. We are planning to use SonarQube as code quality tool and want to import junit test results/code coverage in SONAR for further analysis. I was able to successfully import javascript code coverage report to SONAR. We are using Gulp / Karma / PhantomJS / Jasmine etc and using Karma coverage / Junit reporters to generate test results. Junit test file name is TEST-xunit.xml