Using Dependency-Check with VSTS and SonarQube
Welcome to the second part on Dependency-Check. Please make sure that you have read part one and got a working suppression file. Otherwise, you will get a lot of vulnerabilities reported in SonarQube. In this post, I use Visual Studio Team Services (VSTS) for my build pipeline. You can use different services to reach the …