C# Rule query for csharpsquid:S2259

  • ALM used (Gitlab)
  • CI system used (Gitlab)
  • Languages of the repository (c#)

Hi,

we observed that in our gitlab pipelines, sonar jobs quality gate is failing from today oct6th morning IST hours with one of the rule “null on at least one execution path” and its showing as major bugs and showing C grade in Summary dashboard. The same was working fine without any bugs till yesterday.

sample bug: ‘locationView’ is null on at least one execution path . Rules - ntgfreight (sonarcloud.io)

As i checked in C# quality profiles, C# ruleset was not updated in the last 3 months and also i dont see any update happenend in the last 24 hrs. But still suddenly we see there is an issue popping from C# ruleset when there was no rules updates done by sonarway builtin profile.

i also see similar ruleset from VB.net had an update in the last 30 hours which is having ruleset code Available Since vbnet:S2259 is there any relation with this upgrade on vb.net?
Oct 05, 2022
SonarQube (VB.NET)

Regards,
Abhishek

Hi Abhishek,

Welcome to the community!

A VB.NET rule wouldn’t have impacted your C# analysis. At a guess, a code change created a new path where the dereferenced value is null.

 
Ann

Hi Ann,

If it was a code change, it should have shown the bugs from long time.

Now the observation is , without any code changes the scanner is now detecting the bugs with C# rule (dereferenced value is null). A day before(or from past few months) the same sonar scan was success.

can you please confirm why there is a sudden difference in behaviour?

Regards,
Abhishek

Hi Abhishek,

Not if the code change was the removal of a null-check.

I can tell you that an updated version of the C# analysis engine was deployed late last week. So it’s possible the rule got smarter.

 
HTH,
Ann

Hi Ann ,

I saw the same was happening for multiple dotnet applications with the same issue on same day and I verified their history too . In the past it was all success in sonar scan .

Where can I see the update for C# rule engine ? Can you please post the link ,So that I can link it to the developers .

When I navigated to quality rules on sonar cloud , I did not see any last modified date under c# . But at the same time I could see vb.net rule set was updated with latest timestamp last week .

Regards,
Abhishek

Hi Abhishek,

Found it!

 
HTH,
Ann

Hi Ann,

Thank you for the updates. The reference link helps now.

we were not seeing the rules got updated in our subscription as date modified was old for C#. so we got confused.

Regards,
Abhishek

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.