Using Azure DevOps
We have 2 analysers added to our dotnet core projects (c#):
<ItemGroup> <PackageReference Include="SonarAnalyzer.CSharp" Version="22.214.171.12419"> <PrivateAssets>all</PrivateAssets> <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets> </PackageReference> <PackageReference Include="StyleCop.Analyzers" Version="1.2.0-beta.113"> <PrivateAssets>all</PrivateAssets> <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets> </PackageReference> </ItemGroup>
We also have a code analysis ruleset set up and configured. We’ve built the code to leave just two warnings behind as a test.
SonarCloud is setup to run on our PRs.
All working fine and we get an analysis but every possible rule is being applied so lots of issues.
Is there a way to ensure that the local code analysis ruleset gets imported as we cannot deactivate external analyser rules from the admin settings and I don’t want disable the all client side rules as these need to be enforced along with any SQ rules.
For example, the following gets reported by Sonar Cloud but is not one of our active rules:
Code Smell: Using directive should appear within a namespace declaration ([external_roslyn:SA1200])
How we continue to use the imported rosyln rules along with the correct ruleset?