Comments (5)
Hi @cynthiabaran , really sorry for delay. About the timestamps on report, the insider have a -force
flag that generate reports without timestamp and will override existent report files.
About the sonarqube report, I think that we should create a new flag -format
for example, and specify a type of output report, something like this:
$ insider -tech javascript -target <dir> -format sonarqube
This will generate a report in sonarqube format, if this flag is not informed, we generate the "default" report that we generate today. What do you think? And again, sorry for delay.
from insider.
Hey @cynthiabaran
I liked your naming convention sugestion.
What do you think guys @hermescanutodesouza @bieeldeveloper @GouveaHeitor
from insider.
Hi @cynthiabaran,
First of all, I would like to thank you for opening this issue!
This kind of functionality is very interesting, I believe that we can work on that...
But, if you find it interesting, feel free to open a PR with this implementation, it will be very welcome!
Thx!
from insider.
I actually did it 3 days ago, but one day later you guys released v2 😅
Sooo I'll have to rewrite some stuff, but probably I'll be able to contribute. This feature is important for us.
You okay with my suggestion for the naming convention of the rules' ids?
from insider.
Another issue worth discussing is the name of the SonarQube report.
I just noticed that in v2 you've added a timestamp to the name of the report file. That's kind of an issue when adding this tool to automatic CI pipelines, since it requires extra work for the pipeline script to figure out the name of the report to send to SonarQube.
Off the top of my head, I think we could output a fixed filename such as report-sonarqube.json
, dropping the timestamp for the SonarQube report. That is easy to implement, and we don't really need an unique timestamp for SonarQube reports since it keeps track of all analysis for us.
Any thoughts?
from insider.
Related Issues (20)
- 0 vulnerabilities reported for iGoat-Swift HOT 7
- 0 vulnerabilities found in Android library project HOT 4
- NewInputFile throws an unhandled exception, with both javascript and C# HOT 2
- Skip files based on pattern HOT 2
- More information about -exclude HOT 2
- Insider 3.0.0 Hung on macOS when running analysis on JS application HOT 1
- html report is not getting generated HOT 5
- How To Install It On Macbook HOT 1
- README is unclear about how the -security switch works HOT 3
- Add a per-directory config file
- docker version report is stored in the image HOT 2
- Add tool/scan metadata to .json results file
- iOS Code Scan issue
- Option to define custom reports Path and Name
- Severity is blank in the report HOT 1
- SVG path in React component is detected and constants as hard coded credentials HOT 1
- Install from Source Instructions Need Update HOT 1
- Ability to scan from gradle project
- Unable to install Insider CLI software in Windows 10
- insider for ARM based computers HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from insider.