Hi All, My project is a legacy one which we can’t build/create a solution. Sonar Scanner is expecting to build the application to analyse code. Is it possible to scan the code and get the report without building the application?
I have been using static analysis with the help of SonarLint which is working fine in IDE, But the expectation is to use SonarQube and SonarScanner without building project.
Thanks in advance
Hey there.
What languages are you trying to analyze?
For compiled languages – there’s no way out of it. Java, C#, and C/C++ require a bulid.
As a developer, how do you work on a project if you can’t build it?
There is one scenario where it requires.
We are using a lowcode platform, which basically generates c# code. The platform build the project by internally managing the references. But we are not able to build the solution when we try to build manually using msbuild. Due to this, the sonarclient is failing to scan the code.
Not seeing any way around for this.
Is it really worth scanning the code if it’s autogenerated? Will developers be able to go in and change and the autogenerated code?