Dart analysis not respecting analysis_options.yaml

Hi,

We’ve recently started integrating a Flutter codebase into SonarQube.
It looks like the dart analyzer is not respecting the linter rules defined in the analysis_options.yaml file that is defined in our project, therefore there is no way to ‘override’ the analyzer linter (without changing the quality profile) and such must adhere to all the active rules defined in Quality Profile - Dart (Sonar way)
This is counter-intuitive, as within the rules of the Dart Quality Profile, in the More Info → Resources section it specifically links out to the dart linter rules, which can be enabled/disabled in every project via the analysis_options.yaml file.

As per the doc’s it would seem this support does not exist yet, is this something that is to come in the future, I could not see on the roadmap anything around this. It would be a fantastic edition.

We would prefer not to have to use a third party plugin such as GitHub - insideapp-oss/sonar-flutter: SonarQube plugin for Flutter / Dart, which does support the overriding of the the analyzer options to use the project linter rules.

SonarQube Server 2025.1.0.102418
Developer Edition v2025.1 (102418)

Regards,
Evan

Hello Evan,

Thank you for your input. Initially, we hadn’t planned to support analysis_options.yaml, but I will reconsider this decision.

Could you clarify your expectations if an analysis_options.yaml file is available at the root of the project? Specifically:

• Would you like to enable only the rules specified in analysis_options.yaml without needing to modify the Quality Profile in SonarQube?
• Should we consider the parameters of the rules defined in analysis_options.yaml?

Are there any rules you would expect to always be deactivated? If so, could you please explain why?

Thanks
Alex

Thanks for the reply.

• Would you like to enable only the rules specified in analysis_options.yaml without needing to modify the Quality Profile in SonarQube?

Yes, that is essentially correct, lets have a look at swiftlint for example with Swift, we have a Swift codebase, which we’ve essentially disabled all the rules in the Swift Quality Profile except rules that can not be caught by static analysis, and our swiftlint.yaml file has our defined set of rules, now in this case, we run swiftlint and provide the report to Sonar via sonar.swift.swiftLint.reportPaths=swiftlint.result.json, which then show in SonarQube.

Screenshot 2025-02-05 at 10.27.321094×173 15.6 KB

It would be lovely to be able to do something similar with analysis_options.yaml for Dart. Now a static analysis reporting tool is not available for Dart to mimic this exact behaviour as swiftlint, but if the Sonar Dart profile could first check if an analysis_options.yaml file exists, or if there was a sonar property to point to it, then run against the rules defined in that, otherwise run against the default active rules. I’m guessing the profile just runs dart analyze behind the scenes against whatever rules are active currently. It would mean we have parity between static code analysis when developing locally and running via CI.

We are fresh to Dart so I can’t yet give any other recommendations on specific rules that should or should not be activated or deactivated.

Evan

Thanks for your reply. We will certainly work on it in Q2-2025.

+1 here!

We have a CI Pipeline that already produces the analyzer.output file (from an analyzer run with our own analysis_options.yaml). Now we just want to import that report instead of having Sonar run an analysis with different options.

In the third party plugin (GitHub - insideapp-oss/sonar-flutter: SonarQube plugin for Flutter / Dart) one can add the analyzer findings to sonar with sonar.dart.analysis.reportPath=analyzer.output.