sonarqube sonarqube-scan owasp-dependency-check

SonarQube Dependency-check plugin


Using the latest community edition of SonarQube (sonarqube-10.0.0.68432.zip), I installed the Dependency-check plugin from the marketplace.

After running dependency-check on the files in my repo and producing the relevant JSON and HTML files (I checked the files for content), I run sonar-scanner with the following lines in the sonar-project.properties file:

sonar.dependencyCheck.jsonReportPath=dependency-check-report.json
sonar.dependencyCheck.htmlReportPath=dependency-check-report.html

The output from sonar-scanner shows that the files are getting uploaded:

Sensor Dependency-Check [dependencycheck]
INFO: Process Dependency-Check report
INFO: Using JSON-Reportparser
INFO: Linking 124 dependencies
INFO: Upload Dependency-Check HTML-Report
INFO: Process Dependency-Check report (done) | time=592ms
INFO: Sensor Dependency-Check [dependencycheck] (done) | time=593ms

Yet in the UI, when I am in the project --> More --> Dependency-Check, I get the error "Page extension failed".

I have run sonar-scanner with debug and checked the logs on the sonar server but have not been able to find anything.

The link to the page is /project/extension/dependencycheck/report_page?id=test&qualifier=TRK

What are my next steps?


Solution

  • So it seems that although the current binary available via the Sonar Marketplace is advertised as compatible with Sonar CE 10, on the plugin GitHub site there is a new version that came out this week. I switched the Marketplace version (3.0.x) for the latest version (4.x) and all is well.

    Case closed :-)