Analysis of related files in SonarLint


(Roger Larsson) #1

Found some issues today - SonarLint only analyses the file you are editing not all files that depends on it. As an example

class Test {
public Result method();
}

users somewhere else does
Test a;
if (a.method() == null) do;

then Test is changed to

class Test {
@Nonnull public Result static method();
}

Code still compiles and links, but the user should have been changed to
if (Test.method() == null) do;
but wait it can no longer return null, so code should be removed…


After upgrade to SQ 6.7.5 target/sonar/issues-report/issues-report-light.html is not produced
(Roger Larsson) #2

Is this handled by Sonar Pull Request analysis? (Assuming yes, if not I consider that a bug)


(Julien Henry) #3

Hi Roger,

SonarLint only trigger analysis of the currently edited file. Analyzing all dependent/depending code can be a bit expensive, not talking about how to compute this dependency graph.

You can manually trigger a full analysis of your project, if you want to check such cross-file issue.

The PR analysis is theoretically able to detect such issue, but we are not reporting them, since we only report issues on files added/changed in the PR. That’s something we are considering to change.

++