sonarqube results #268

Open
k3it opened this issue Feb 2, 2022 · 3 comments
Labels
discussion question or suggestion

Comments

k3it commented Feb 2, 2022

It appears that SonarQube flagged several issues with the code: potential bugs as well as some security "hotspots". They do not appear to be serious problems, but would it be possible to address these to produce a cleaner SonarQube output?

@xeraph xeraph self-assigned this Feb 2, 2022
@xeraph xeraph added the discussion question or suggestion label Feb 2, 2022

xeraph commented Feb 2, 2022

@k3it Would you paste that SonarQube output? You can drag and drop a zip file into the comment area.

k3it commented Feb 2, 2022

Hi,
I'm not sure how to export the report from the SonarQube Community Edition. It may be a paid-only feature. Here are a few screenshots:

image
image
image

k3it commented Feb 12, 2022

Here are the scan results from a forked repo:

https://sonarcloud.io/summary/overall?id=k3it_CVE-2021-44228-Scanner

Note 5 new vulns discovered related to constructing a path from the filenames.
