Philipp Dallig

Hi @quinnturner, could you please add a small yarn sample project. So that we are able to generate a dependency check report with yarn dependencies.

Thank you for your screenshots. I was able to reproduce your problem (thanks to the little red arrow). Unfortunately, I don't know how to fix this. The whole injecting of...

@rupreck I would be grateful if you could open a PR for this.

Could you please provide the log output.

> Please let me know if any other logs or information is needed. Thank you. That logs are from the SonarQube-Process. I need the debug log of the SonarQube-Agent. The...

I tried using ExternalIssue (https://github.com/dependency-check/dependency-check-sonar-plugin/tree/external_issue) and took a fresh look at AdhocRules, but unfortunately the functionality is limited compared to the current solution. AdHocRules have neither a tag nor a...

In general, we need to analyze the dotnet project file so that we can link new SonarQube issues against parts of this file. I am not a dotnet developer, maybe...

This plugin converts all vulnerabilities found by dependency-check into SonarQube issues and tries to link these issues to a project file (e.g. pom.xml, package-lock.json ...). So this project file must...

Are you able to reproduce the bug with the [multi-module-maven example](https://github.com/dependency-check/dependency-check-sonar-plugin/blob/master/examples/multi-module-maven) project?

@kauppine The pull request feature is commercial, so I can't verify this. If you can improve this plugin with the pull request feature, I would be very grateful for pull...