False Negative on Kotlin S1128 using Sonar Scanner Gradle

Must-share information (formatted with Markdown):

  • Tool version:
    Gradle (Wrapper) 7.6.2, SonarQube 9.9.1, Sonar Scanner Gradle 4.3.1.3277, JDK 17
  • SonarQube deployed as provided service on Kubernetes
  • what are you trying to achieve
    Sonar Scanner Gradle should detect Kotlin S1128 correctly

Hello guys,
Our team’ve just modularized the project lately, and we found out that the SonarQube report via Sonar Scanner Gradle plugin is overlooking the rule “Unnecessary imports should be removed” in case it’s the import from same project module. The SonarLint detects it alright, even the console log indicates the line with issue, but the final result on SonarQube does not. It makes our code review unreliable and error-prone. I have created a example repository for reproducing this : Example repo

Updated: To be more informative, in our SonarQube we’ve extended builtin “Sonar-way” profile and bump the severity from “Minor” to “Critical”.

1 Like

Hello Backer,
I was able to reproduce the issue on SQ 9.9. Do you have the ability to update the SonarQube instance provided to you to the latest version? The issue is not present on SQ 10.1 for instance, and I can correctly see both imports being reported.

Let me know if I can help further!

Hi Leonardo,
Thank you for this verification. Good to know that the issue was comprehended and the fix has been available already. I would show this thread to the provider and tell them to plan upgrading. Have a good day !

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.