SonarQube for MSBuild - End Analysis failure

Have spent more that 20 hours on this issue, but could not resolve. Requirement - SONARQube integration with MSBuild in visual studio online. Steps followed - To Setup SONARQube-5.6 A Windows...

Memory leak in scanner plugin only in iOS 10

I have a cordova(currently 5.3.3) project that uses the phonegap-plugin-barcodescanner (v 6.0.1). Recently I have encountered what I believe is a large memory leak of some kind in iOS 10. When...

SonarQube jenkins plugin returns "Server returned HTTP response code: -1, message: 'null' for URL: https://api.github.com/user"

I'm getting the following response while trying to run sonar-scanner from Jenkins per pull request - org.sonar.plugins.github.PullRequestProjectBuilder: Unable to perform GitHub WS operation:...

Integration Test for Jira Is Not Running ( Failed to execute goal com.atlassian.maven.plugins:maven-jira-plugin:6.2.3:integration-test)

I am trying to execute an integration test for my jira plugin, however, the installation of the component fails for some reason. Do you have any suggestions where to dig? Following is the...

jax rs service on wildfly doesn't seem reachable?

When deploying a jax-rs service on wildfly, I keep getting a 404 not found. My webservice class: package org.declercq.reportbuilderback.webservices; import java.util.List; import...

Admin notifications from WooCommerce not working, customer notifications are

I have a WooCommerce store here: http://vanuatucoffeeroasters.com Sometime between Jan. 17 and Jan. 26, the admin email notifications stopped working. However, when I place an order, I get a user...

"Exception caught while parsing Xanitizer XML report file" : ParserConfigurationException occurs while running SonarQube Scanner for Ant Task

I'm trying to setup SonarQube with Xanitizer on my local machine so that the findings of the last generated Security Findings XML, get picked up by the SonarQube Plugin for Xanitizer so that it...

cordova barcode scanner plugin not loading in iOS after granting camera access

I'm using the cordova barcode scanner plugin for my hybrid iOS mobile app. The issue I'm having is on initial use of the scanner, if the user has not granted camera permission it prompts for...

Sonarcloud failure with Travis, Maven & github

A project I work on (eclipse/scanning) uses Travis and Sonar for continuous integration and code analysis. Last week, I noticed that builds were failing at the sonar step with: ERROR: Error during...

Groovy pipeline in Jenkins duplicate class definition for name: "lib/lib"

We have Jenkins with a couple of plugins. Including the Groovy-Pipeline plugin. Problem is that Jenkins sometime does not run and we get the message: Sep 12, 2017 3:33:16 PM...

Wordpress plugins won't deactivate?

I haven't been able to deactivate any plugin for 3 days. When trying to deactivate a plugin, Wordpress shows me the classic success message, but the plugin stays activated. I also have troubles...

Windows docker image using nano server as base image is unable to launch bamboo remote agent on nano server

I have created a Windows docker image using nano server as the base image and installed dot net core SDK on it as nano server is a lightweight operating system. I have also downloaded and set the...

Can SonarQube be used as a Static Application Security Testing (SAST) tool?

I'm looking for a Static Application Security Testing (SAST) tool and I can't afford the commercial products (eg. Checkmarx). SonarQube is a great static code analysis tool but I notice that there...

Loading Jenkins Job Configure page is slow w/o running jobs

Currently when we tried to open Jenkins configure page, it takes round 45 seconds while for other pages like requesting a view of a job or looking into a console output it's takes less than 3...

How to fail a TFS build based on Fortify scan results

From a PowerShell query, how can I get the count of new critical or high vulnerabilities from a Fortify security scan of .NET code? The query should not include any findings already on the SSC...

Sonarqube upgrade to 6.7: Unrecoverable indexation failures

Currently we are in middle of upgrade process from v4.5.7 to v6.7.1. SonarQube is successfully upgraded to v5.6.7 (including DB upgrade) and currently in the process of updating to v6.7.1. New...

How to use sonarcloud with travis?

Description We are already using sonarqube locally and we want to use it for our open source projects. This is an example OpenSource project we are trying to...

Rails project not detected by gitlab SAST

I have a rails project hosted on gitlab and I would like to use the SAST gitlab app to run code analysis on my code. When I run SAST on my machine, It works fine: docker run \ --env...

glassfish exception while deploying .war file

I'm trying to deploy my maven project to Glassfish 4 but I get the following exception when it fails to deploy Error occurred during deployment: Exception while loading the app : CDI deployment...

Path traversal vulnerabilities not found at Scala code

I have been trying to scan my code by using SonarQube + FindBugs + FindSecBugs plugins. The idea is to detect vulnerabilities in the code, and as it says in the github project subject, it works...

SonarQube does not display Bandit's Python security vulnerability report

Overview I'm using SonarQube 7.4.0.18908 to gather code coverage and perform static code analysis for a Python 3.6 project. The server is running in AWS. Things are working as expected (see...

my project spring boot not deploy in glassfish 4.1

My problem arises in the deploy of glassfish and if execute springApplication the project execute good. my project does not deploy in glassfish, I add my build gradle and stscktrace: ...

Python OWASP ZAP API doesn't seem to successfully authenticate http basic

I have a problem with using the API to do an authenticated scan of a website that I made. This (test) website uses HTTP Basic authentication. When initiating the scan it can't seem to find the web...

Integrating SonarQube within AWS CodePipeline: Connection Refused

tl;dr CodePipeline crashes on the mvn sonar:sonar line of my buildspec.yml file with the following log (I formatted it a bit for better readability): [ERROR] SonarQube server...

Jenkins build with kubernetes integration fails with No such DSL method error

My jenkins multi branch pipeline job failed due to DSL method failure, i installed required plugin but still my job is falling, please find the below code. def label =...

Jenkins Pipeline Error : java.lang.NoSuchMethodError: No such DSL method 'withSonarQubeEnv' found

I am using a declarative jenkins pipeline and trying to integrate sonarqube step. However, when I am running the build I am getting "java.lang.NoSuchMethodError: No such DSL method...

How to cure ASM issues with TomEE 8.x, Hibernate 5.4 and Java 8?

According to this page, TomEE 8.0 is compatible with Java 8: http://tomee.apache.org/master/docs/java-compatibility.html However, I am getting some issue setting up a project with TomEE and...

Google Tsunami Security Scanner not working as expected

I have an Ubuntu VM 20.04LTS where I installed tsunami-security-scanner and also run the docker example with a vulnerable image. The example works as expected founding a vulnerability:...

Reactjs npm test: Jest encountered an unexpected token

I'm getting an error when running npm test. I feel like I have tried every existing suggestion online, but I can not get it to work. Here is my package.json. I thought the...

Getting zero coverage on sonarQube after publishing sonar report via ci-pipeline

I am working on a maven project and want to setup sonar in ci-pipeline. Below is my sonar setup script in gitlab-ci.yml. before_script: - | run_mvn() { mvn -B \ -s...