... codebase
To demonstrate how you could start remediation by targeting most severe “Security Hotspots” (in SonarCube lingo it’s highlights of potential severe vulnerabilities) I did a quick tour on SonarCube web UI digging in to SQLInjection: https://www.youtube.com/watch?v=yBeJr38DAFE