by BITEGARDEN SOLUTIONS SL
Add security insights from Dependency Check to your SonarQube™ Cloud analysis for smarter vulnerability management.
🔄 Seamless Integration Without Workflow Changes
Keep using Dependency Check just like you always have—no need to switch to SonarQube™ Server. With our plugin, you can easily import findings into SonarQube™ Cloud and enhance your security posture without disrupting your existing CI/CD process or changing tools.
⚙️ Simple Conversion and Fast Import
Effortlessly convert Dependency Check reports (JSON or XML) into a format SonarQube™ Cloud understands. Just run your scan, use our tool to convert the output, and import it directly using the sonar.externalIssuesReportPaths parameter. Security insights in minutes.
🔐 Unified View of Code and Dependencies
Bring Software Composition Analysis (SCA) into your SonarQube™ Cloud environment. Review both code-level and dependency vulnerabilities in one place. Make informed decisions, prioritize critical issues, and manage security without leaving your SonarCloud dashboard.
Latest version
v1.0.2
Released 2026-01-21
Summary
Several bugs are fixed.
Details
Errors caused by incorrectly defining package.json have been corrected. Furthermore, when exporting to JSON, deleted vulnerabilities are now excluded.
Licensing and pricing
- 14-day evaluation license
- Including upgrades and support.
- When you purchase the plugin you agree with terms and conditions.
- Do not forget to include your email. We will send the license to that email.
- PAYMENT METHOD: Credit card, PayPal or bank transfer
App cost
200€/year per organization of SonarQube™ Cloud
Use this quick usage guide for the SonarQube™ Cloud command-line plugin.
After downloading the product, run this command to see available options:
java -jar bitegarden-dependency-check-for-sonarcloud.jar --help
If you use a custom properties file, run it like this:
java -Dconfig.file=myreportconfig.properties -jar bitegarden-dependency-check-for-sonarcloud.jar
If you prefer command-line properties, run:
java -Dsonar.token=mytoken -Dsonar.organizationKey=myorg -jar bitegarden-dependency-check-for-sonarcloud.jar
Running with a license key
Once the evaluation period ends, use your license file with this command:
java -Dconfig.file=myreportconfig.properties -Dlicense.file=PATH_TO_LICENSE_FILE -jar bitegarden-dependency-check-for-sonarcloud.jar
You can include license.file in your config file or pass it directly via -D.
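To show what the conversion step described above involves, here is an added example (not the plugin's code, and not from BITEGARDEN) that maps a Dependency-Check JSON report onto the generic issue JSON that sonar.externalIssuesReportPaths accepts. The severity mapping, the dependency-check engine id, the choice to attach every finding to one manifest path, and the sample report are assumptions made for the illustration.

```python
import json

# Dependency-Check severity label -> SonarQube generic-issue severity.
# This mapping is an assumption made for the example.
SEVERITY_MAP = {"CRITICAL": "BLOCKER", "HIGH": "CRITICAL",
                "MEDIUM": "MAJOR", "MODERATE": "MAJOR", "LOW": "MINOR"}

def convert(report, manifest_path):
    """Map a parsed Dependency-Check JSON report to a generic issue report.

    manifest_path is the project file every issue is attached to, because
    external issues must point at a file that is part of the analysis.
    """
    issues, seen = [], set()
    for dep in report.get("dependencies", []):
        # Dependencies with no findings carry no "vulnerabilities" key.
        for vuln in dep.get("vulnerabilities", []):
            key = (dep.get("fileName"), vuln.get("name"))
            if key in seen:  # same CVE listed twice for one artifact
                continue
            seen.add(key)
            label = str(vuln.get("severity", "")).upper()
            issues.append({
                "engineId": "dependency-check",  # assumed engine id
                "ruleId": vuln.get("name", "UNKNOWN"),
                "severity": SEVERITY_MAP.get(label, "INFO"),
                "type": "VULNERABILITY",
                "primaryLocation": {
                    "message": f"{dep.get('fileName')}: {vuln.get('name')}",
                    "filePath": manifest_path,
                },
            })
    return {"issues": issues}

# Constructed sample report (not real scan output; CVE ids are placeholders).
SAMPLE = {"dependencies": [
    {"fileName": "example-lib-1.0.jar", "vulnerabilities": [
        {"name": "CVE-0000-0001", "severity": "HIGH"},
        {"name": "CVE-0000-0001", "severity": "HIGH"},
        {"name": "CVE-0000-0002", "severity": "moderate"}]},
    {"fileName": "clean-lib-2.3.jar"},
]}

if __name__ == "__main__":
    print(json.dumps(convert(SAMPLE, "pom.xml"), indent=2))
```

Unknown or missing severity labels fall back to INFO rather than being dropped, so a finding never disappears silently during conversion.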
Support resources
Help resources
Sonar Community
Engage with Sonar-hosted discussions where other customers discuss plugins.
Track work items
Visit the tracker page to view existing bug reports and feature requests for this app.