sonar-shellcheck
sonar-shellcheck copied to clipboard
sbaudoin
SonarQube plugin to analyze Shell scripts with ShellCheck
During run of shellcheck extension in sonarqube the analysis is not detecting any duplications in result even when multiple duplicated files or lines are added.
Bumps [sonar-plugin-api](https://github.com/SonarSource/sonarqube) from 7.1 to 7.4. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [json](https://github.com/douglascrockford/JSON-java) from 20180813 to 20230227. Release notes Sourced from json's releases. 20230227 Pull Request Description #723 Protect JSONML from stack overflow exceptions caused by recursion #720 Limit the XML...
Good news ! In your readme we can read that our plugin is not compatible with shellcheck: https://github.com/sbaudoin/sonar-shellcheck#plugin-not-compatible-with-the-sonar-i-code-cnes-plugin As we have deprecated shell analysis in I-Code to use ShellCheck analysis...
The readme for this plugin says to use the standalone Sonar Scanner binary. I've configured my Jenkins pipeline according to the SonarQube documentation and use the Sonar Scanner Maven plugin...
We had installed ShellCheck plugin 2.4.0 on January, 2022, but it looks like this plugin got uninstalled automatically without any intimation or alert. When we are trying to install ShellCheck...
# which versions are you using SonarQube: `serverVersion=8.5.1.38104` shellcheck-plugin: `sonar-shellcheck-plugin-2.3.0.jar` sonar-scanner-cli (docker-image)=`4.50` # what are you trying to achieve checking a shell file and make the results visible in sonarqube...
Dear sbaudin, I am trying to enable static code analysis for shell scripts using SonarQube 8.0 (also tried with newest one - v9.0) and shellcheck plugin v0.71 and shellcheck analyzer...
Unlike other language plugin , no rules for Vulnerabilities or security hotspot for hardcoded password. Can you add a rule for checking this words for review ? (password, passwd etc.)...
Hi @sbaudoin, I tried to upgrade the plugin for SonarQube 2025.2. I upgrade JDK, dependencies, the code and the unitary test and integration test. I also upgrade Shellcheck rules with...
