Guillaume Toison

My understanding is that Kotlin auto-generates getters and setters, so even if they are not written, the methods will be present in the bytecode analyzed by SpotBugs. Since the setter...

[Version 4.2.0](https://github.com/spotbugs/sonar-findbugs/releases/tag/4.2.0) introduced support to report issues in Kotlin code. Unless you think that these are false positives it's a feature, not a bug ;)

I will close this as there does not seem to be further questions, please don't hesitate to create a new issue

I ran into that issue while working into another problem with Gradle and could reproduce it all the time. It seems to me like the issue might actually be due...

Sorry for the belated answer, the project was a bit abandonned and I've started maintaining it about a year ago I'm running through the backlog of issues, but for this...

Sorry for the belated answer, I got involved in the project recently and I'm trying to look into the backlog of issues. I looked into the code and it seems...

I tried reproducing the issue but seem to get "\u0000" as expected with this query: http://sonarinstance/api/rules/search?rule_key=findsecbugs:FILE_UPLOAD_FILENAME with sonarqube 8.4.2 and 8.9 so I think that issue was solved

I'll close this issue as I'm not able to reproduce it, please do not hesitate to open a new one in case there's still a problem

Hello, The SpotBugs plugin uses [RulesDefinitionXmlLoader](https://github.com/SonarSource/sonarqube/blob/master/sonar-plugin-api/src/main/java/org/sonar/api/server/rule/RulesDefinitionXmlLoader.java) from the SonarQube API to load rules from XML files. It looks like this class does not handle OWASP categories (it does not call...

It is possible to link rules definitions with security standards since SQ 7.3 according to: https://jira.sonarsource.com/browse/SONAR-10986 Before that rules had tags and that's what the SpotBugs plugin does, for instance...