Sonarqube report invalid columns #16
Comments
Merged
|
After further investigation it looks like the position libsast is retrieving is the position of the match from the beginning of the document |
|
Yes that's what I meant by the start and end "index". It would probably be preferable to add the column matching in libast and applying them on mobsfscan rather than simply removing them from mobsfscan. |
|
Yes, but meanwhile I created a PR to remove the columns, this way we can import it on sonarqube and another to insert the match on the description |
|
PR is merged. |
|
Hi @ajinabraham - could you make a release including this fix? We'd like to report our results to sonarqube. |
|
Will do shortly, I am working on some fixes and this will go along. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The startColumn and endColumn attributes of the sonarqube json output are respectively the start index and end index of the vulnerabilities. Sonar is thus unable to import the vulnerabilities.
The start and end column should be added to libast in order to easily get this value in mobfscan.
The text was updated successfully, but these errors were encountered: