During one of the last evenings I decided to read and learn more about static source code review. In the past I had a pleasure to create (more or less) 'automated' tools to do it. This time I decided to not to start "from the beginning" but instead of: to learn more about SAST and SonarQube scanning scenarios. Here we go...