New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sonarqube report invalid columns #16
Comments
After further investigation it looks like the position libsast is retrieving is the position of the match from the beginning of the document |
Yes that's what I meant by the start and end "index". It would probably be preferable to add the column matching in libast and applying them on mobsfscan rather than simply removing them from mobsfscan. |
Yes, but meanwhile I created a PR to remove the columns, this way we can import it on sonarqube and another to insert the match on the description |
PR is merged. |
Hi @ajinabraham - could you make a release including this fix? We'd like to report our results to sonarqube. |
Will do shortly, I am working on some fixes and this will go along. |
The startColumn and endColumn attributes of the sonarqube json output are respectively the start index and end index of the vulnerabilities. Sonar is thus unable to import the vulnerabilities.
The start and end column should be added to libast in order to easily get this value in mobfscan.
The text was updated successfully, but these errors were encountered: