Hello!
I would like to know if there is any way to disable the use of NOSONAR globally in our projects instead of working with the rules that detect the use of it.
Thank you!
Rebse
July 3, 2023, 5:25pm
2
Welcome
this still stands
In fact, as Sonarqube admin you need to activate two rules.
java:NoSonar âTrack uses of âNOSONARâ commentsâ
to prevent the use of //NOSONAR for hiding issues
call https://$yoursonarhost/coding_rules?open=java%3ANoSonar&rule_key=java%3ANoSonar
for activation
[java_nosonar]
java:S1309 âTrack uses of â@SuppressWarningsâ annotationsâ
with an appropriate whitelist to prevent some clever developers
using @SuppressWarnings("all") in all their classes
see documentation => Java
call https:/âŚ
beside thereâs also the use of sonar.exclusions as scanner property, think of sonar.exclusions=**/*.*
Youâve raised a very important point, but it seems weâre on our own, see this thread
Guess we will need to diff their sonar.exclusions with the sonar.exclusions configured at
Sonarqube server and break the build if there is more excluded.
Still considering how to implement that for Maven pipelines using the sonar:sonar goal , any ideas !?
Will use api/settings/values?keys=sonar.global.exclusions and compare it with the given
property sonar.exclusions from the pom.
The tricky part is, whâŚ
Gilbert
1 Like
All right, weâll use this, thank you very much for the answer Gilbert.
system
July 11, 2023, 4:12pm
4
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.
