Philipp Dallig

This is due to SonarQube settings, which prohibit inline scripts for security reasons. There is nothing you can do.

> @Reamer Do you know if this stands for sonar's v10.6 explicitly or it affects all of the 10.x releases? This should apply to all versions

@dependabot rebase

@dependabot rebase

@dependabot close

Checkout https://github.com/dependency-check/dependency-check-sonar-plugin/pull/900 security Hotspot are deprecated and have not been properly removed. I will therefore close your request.

Based on https://github.com/dependency-check/dependency-check-sonar-plugin/issues/952#issuecomment-2612480396 Security Hotspots are not deprecated anymore. Here the rule must be added again in the plugin. PullRequest is welcome. You can then activate the security hotspot rule...

You can implement the use of the hotspot rule globally at the following location. 

I have just reactivated the security hotspot feature in the master branch. https://github.com/dependency-check/dependency-check-sonar-plugin/pull/1059

Sorry for the late response. Please use the report the goal `dependency-check:aggregate` to create a report in the parent module. Take a look at the Maven example project. https://github.com/dependency-check/dependency-check-sonar-plugin/tree/master/examples/multi-module-maven