Categorize roslyn bugs by ID

I’ve read the docs and it looks like 3rd party analyzers (e.g: Roslyn for C#) will automatically get imported as “code smells”.

The docs also mention i could use these analyzer parameters to have some control over the process:

sonar.cs.roslyn.bugCategories
sonar.cs.roslyn.vulnerabilityCategories
sonar.cs.roslyn.codeSmellCategories

I am planning to import a few different Roslyn analyzers. Is there any possibility to configure which “external issue” gets imported as a bug (+ severity) based on the rule ID ?

Hello @liortal53

I apologize for the late reply.

You cannot categorize based on the rule ID. You can categorize based on the rule categories.

For example, if you want to import StyleCopAnalyzers rules and you pass the following parameters in the BEGIN step of the Scanner for MSBuild analysis,

/d:sonar.cs.roslyn.bugCategories="StyleCop.CSharp.MaintainabilityRules"

then all the maintainability rules stylecop has will be imported as Bugs in SonarQube.

I hope this helps.

And categories are not something that is “standard” ? e.g: every analyzer might define its own set of category names ?

that’s correct