Dependencies should not have "system" scope

  • ALM used (GitHub)

  • Java

  • We were using SonarCloud to analyze the projects (BUILT-IN profile used) in our company and as we are using some local libraries we were seeing the “Dependencies should not have “system” scope” bug.

  • We have noticed this is not appearing anymore but we do not know when it stopped.

  • Pom.xml is not being analyzed anymore?

  • What is happening?

  • How can we bring this rule back to our projects?

Thank you.

Hey there.

I’ve moved your post to the section on reporting false-postiives/false-negatives.

It would be useful if you could provide a pom.xml file where you expect the issue to be raised, but it is no longer.

Hi there,

Sorry for the late response.

I hope it will be enough just provide the relevant piece of pom.xml:

  <dependency>
			 <groupId>OsgiTest</groupId>
  			<artifactId>OsgiTest</artifactId>
 			 <version>0.0.1</version>
 			 <scope>system</scope>
			<systemPath>${project.basedir}/src/main/resources/OsgiTest-0.0.1.jar</systemPath>
		</dependency>