Avoid the use or report of sonar.exclusions

  • which versions are you using - SonarQube 8.9.2 LTS
  • what are you trying to achieve - Avoid or report the use of sonar.exclusions
  • what have you tried so far to achieve this - Found nothing relevant or working

Hello everybody,
I would like to block our developpers to use sonar.exclusions to avoid the sonar analysis.
I doubt that there is a way to block it but I would like to know if there is a way to emit a report (mail) when an analysis using it is possible.
Thanks for your help,

You’ve raised a very important point, but it seems we’re on our own, see this thread

Guess we will need to diff their sonar.exclusions with the sonar.exclusions configured at
Sonarqube server and break the build if there is more excluded.
Still considering how to implement that for Maven pipelines using the sonar:sonar goal , any ideas !?
Will use api/settings/values?keys=sonar.global.exclusions and compare it with the given
property sonar.exclusions from the pom.
The tricky part is, when the global setting uses glob patterns and sonar.exclusions has absolute path.