Can I suppress SonarQube issues in C/C++?

cpp
exclusions

(Steve) #1

Hello,

I’m trying to suppress issues in a C++ file but am struggling. The //NOSONAR doesn’t seem to work like it does in Java.

Is there a way to suppress issues in C++?

Also, is there a way to track issues being suppressed like with the SonarJava plugin?

SonarQube 6.7.2 - Developer Edition

Thanks for the help!

Steve


(Colin Mueller) #2

Steve,

Are you using SonarSource’s CFamily analyzer or the Community Cxx plugin? NOSONAR support is currently not in the Community Cxx analyzer.

As for tracking usage of NOSONAR, I believe you’ll be interested in this rule. In addition, SONARJAVA-2749 is scheduled for the next release of SonarJava and will implement a rule that tracks cases where NOSONAR is used but not actually suppressing an issue.

Colin


(Steve) #3

Hi Colin,

Thanks for the help. I should have mentioned I’m using the CFamily analyzer.

Steve


(Colin Mueller) #4

Steve,

Is it possible for you to provide a small reproducer or screenshots of somewhere NOSONAR is being used that an issue is being raised?

And to really cover our bases, is it possible the issue being raised is on the usage of NOSONAR itself (it’s turtles all the way down!)

Colin


(Nicolas Bontoux) #5

Hi,

To complements Colin’s answer then:

  • you should double-check that you’re on the latest version of the CFamily analyzer

  • generally speaking usage of //NOSONAR is not a recommendation nor a common practice (risk of having to maintain in-source exclusions, and forget context too). You’re better off letting SonarQube catch the issue, and then you can declare it ‘Won’t Fix’ from there on (providing a justification comment). SonarQube will then fully track that issue state across refactorings, file move etc. and you keep the big picture at all times