Analyze generated code with SonarAnalyzer

eugeniolt · December 2, 2021, 9:17am

Hello,

In SonarQube we have configured the analysis of the files generated by using sonar.scm.exclusions.disabled=true, but using Visual Studio we have the SonarAnalyzer.Csharp and we want it to also analyze the files generated. We try creating a .editorConfig with generated_code=false but this active all other analyzers like Stylecop but the SonarAnalyzer is not activated. Could you tell us how to activate the analysis of the generated code for the SonarAnalyzer?

Julien_HENRY · December 2, 2021, 9:32am

Hi @eugeniolt

Just for clarity, you are not using SonarLint right? But directly reference SonarAnalyzer.Csharp as NuGet package in your project?

eugeniolt · December 2, 2021, 9:33am

We are not using SonarLint, we are using SonarAnalyzer.Csharp as NuGet package.

Andrei_Epure · December 10, 2021, 1:35pm

Hi @eugeniolt

You need to configure a SonarLint.xml configuration file for your project(s).

You can find instructions in our README .

After you generate the SonarLint.xml, update the following setting to true

    <Setting>
      <Key>sonar.cs.analyzeGeneratedCode</Key>
      <Value>true</Value>
    </Setting>

eugeniolt · December 21, 2021, 3:42pm

We have been doing tests and we have managed to activate the SonarAnalyzer for all the generated code using:

    <Setting>
      <Key>sonar.cs.analyzeGeneratedCode</Key>
      <Value>true</Value>
    </Setting>

Now we want is to exclude some folders and files from the analysis, but we have tried putting it in the SonarLint.XML file and we have not succeeded:

    <Setting>
      <Key>sonar.exclusions</Key>
      <Value>**/Fakes/*.*, **/rules.cs</Value>
    </Setting>

Could you tell us how do it?

duncanp · January 14, 2022, 2:14pm

@eugeniolt there isn’t currently a Sonar-specific way to exclude C# files or folders from analysis.
It is on the roadmap for 2022 for SonarLint for VS.

As you are using the SonarAnalyzer.CSharp NuGet package directly, you can use standard VS Roslyn features to configure the analysis. You might be able to use an .editorconfig file to disable rules for specific set of files or folders.

eugeniolt · February 7, 2022, 9:02am

We have been doing various tests with the .editorConfig and the SonarAnalyzer.CSharp totally ignores any configuration put in the file.

Andrei_Epure · April 1, 2022, 1:27pm

Hello

Sorry for the late answer.

The .editorConfig exclusions are at rule level. So you’d need to configure each rule for each file.
e.g.

[**/Exclude/ThisShouldNotBeAnalyzed.cs]
dotnet_diagnostic.S1186.severity = none
dotnet_diagnostic.S1144.severity = none