Skip to main content

Scan Start

The extension does not start a new scan in DerScanner. When starting a scan in SonarQube, the extension loads the last scan results for the specified DerScanner project (Project UUID field in the settings). The extension stores the vulnerabilities found by DerScanner in the SonarQube database, then you can work with them like with other SonarQube objects (lower/increase priority, set assignee, etc.).

Part of vulnerabilities in Java, JavaScript and Python may not be displayed in the SonarQube interface. For a complete list of vulnerabilities go to the DerScanner.