SonarQube Tutorial
There is a chance that the FindBugs plugin already includes the FindSecurityBugs rules. Make sure you are using the latest version.
Use a FindBugs profile
By default, the profile is set to Sonar way. Select one of the two security profiles: FindBugs Security Audit or FindBugs Security Minimal.
The issues found by FindSecurityBugs will be presented in the same way as Sonar rules.
Browse to the issues
Creating custom profile
If you are building a custom profile, you can find all the security rules by selecting the repository Find Security Bugs.