Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Consider incorporating the f# security rules by Scott Wlaschin into this plugin #96

Open
richardjharding opened this issue May 19, 2020 · 6 comments
Open

Consider incorporating the f# security rules by Scott Wlaschin into this plugin #96

richardjharding opened this issue May 19, 2020 · 6 comments
Labels
enhancement help wanted

Comments

@richardjharding
Copy link

As it currently stands this plugin and @swlaschin's sonar fsharp security plugin cannot coexist in Sonarqube as they both define the same sonar language and "sonar way" profile

I've been able to install both by removing the language and profile in fork of Scott's plugin but it would be better, in my opinion, to combine the plugins into one?

If you have some pointers on how you think this could be done I'd be happy to take a shot at it (dont have any experience building these plugins!)
@swlaschin
Copy link

This might be my fault as I just copied this repo as a template :)
Sorry Richard, I saw the issue you raised on my repo but never got round to responding.

My repo is not active at the moment -- I wrote it to satisfy requirements for a specific project which is no longer needed.

I'm happy to discuss any options to resolve this issue:

  • change the sonar lang/profile on my plugin to avoid a collision
  • merging the two plugins somehow
  • etc etc

I'm not a sonar expert, so I'm happy to take advice.

@swlaschin swlaschin mentioned this issue May 19, 2020
Open
@milbrandt
Copy link
Collaborator

Hello, I would be happy if you could support here and bring in your additional scannings.
As the state was somewhat outdated and no longer working I got access from @jmecosta to fix the issues on my own.
I know there are a lot of open points still in - but at least it is now working and we have it running in our production SonarQube 8.2 installation.

Additionally we should rework some parts to support the current FSharpLint rules - and they are currently working an an release 1 there which will bring again several breaking changes.

@richardjharding
Copy link
Author

great I'll have a go at bringing in Scott's security scanner into this plugin first

@jmecosta
Copy link
Owner

jmecosta commented Jun 7, 2020

sorry also for the delay jumping on this, @richardjharding that would be welcome. @milbrandt next month i will also be able to work on the plugin to bring to latest sonar versions!

@MNie
Copy link

MNie commented Jul 23, 2021

@jmecosta, @richardjharding is there any update on that? Maybe is it possible to help you guys with that?

@jmecosta
Copy link
Owner

@MNie you are welcomed to provide a pull request. Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@jmecosta @swlaschin @richardjharding @MNie @milbrandt