Integrates Dependency-Check reports into SonarQube v5.1 or higher. If components being analyzed by Dependency-Check are non-source files (jar, dll, etc), then the value of sonar.import_unknown_files needs to be set to True in the SonarQube configuration.
$ mvn clean package
Finally, deploy the resulting jar to your SonarQube extensions->plugins directory
Dependency-Check Sonar Plugin is Copyright (c) Steve Springett. All Rights Reserved.
Permission to modify and redistribute is granted under the terms of the LGPLv3 license.