Consider incorporating the f# security rules by Scott Wlaschin into this plugin
Opened this issue · 6 comments
As it currently stands this plugin and @swlaschin's sonar fsharp security plugin cannot coexist in Sonarqube as they both define the same sonar language and "sonar way" profile
I've been able to install both by removing the language and profile in fork of Scott's plugin but it would be better, in my opinion, to combine the plugins into one?
If you have some pointers on how you think this could be done I'd be happy to take a shot at it (dont have any experience building these plugins!)
This might be my fault as I just copied this repo as a template :)
Sorry Richard, I saw the issue you raised on my repo but never got round to responding.
My repo is not active at the moment -- I wrote it to satisfy requirements for a specific project which is no longer needed.
I'm happy to discuss any options to resolve this issue:
- change the sonar lang/profile on my plugin to avoid a collision
- merging the two plugins somehow
- etc etc
I'm not a sonar expert, so I'm happy to take advice.
Hello, I would be happy if you could support here and bring in your additional scannings.
As the state was somewhat outdated and no longer working I got access from @jmecosta to fix the issues on my own.
I know there are a lot of open points still in - but at least it is now working and we have it running in our production SonarQube 8.2 installation.
Additionally we should rework some parts to support the current FSharpLint rules - and they are currently working an an release 1 there which will bring again several breaking changes.
great I'll have a go at bringing in Scott's security scanner into this plugin first
sorry also for the delay jumping on this, @richardjharding that would be welcome. @milbrandt next month i will also be able to work on the plugin to bring to latest sonar versions!
@jmecosta, @richardjharding is there any update on that? Maybe is it possible to help you guys with that?