dependency-check / dependency-check-sonar-plugin

Integrates Dependency-Check reports into SonarQube

SonarLint and Neutral Quality Profile #18

Closed apieraf closed 8 years ago

apieraf commented 8 years ago

Hi,

When I try to bind a project in Eclipse with SonarLint, with a SonarQube project, Eclipse shows me the following error (image).

The profile neutral-neutral-13672 has only one rule: Using Components with Known Vulnerabilities.

I need to fix that issue to work with Eclipse, SonarLint and Dependency-Check.

Thanks in advance

stevespringett commented 8 years ago

The Dependency-Check SonarQube plugin is very specialized, providing visibility into one of the OWASP Top Ten issues, specifically 'A9: Using Components with Known Vulnerabilities'. As such, there is only one rule.

I cannot simply create random rules to satisfy the requirement of some other plugin. I would recommend filing an issue with the SonarLint team to support plugins containing only one rule.

apieraf commented 8 years ago

I think that is a problem with the Dependency-Check plugin, specifically the quality profile that the plugin creates, because when I uninstall the plugin, SonarLint works fine. Anyway, I'll talk to the SonarLint team.