We have users reporting about the rule plsql:DeleteOrUpdateWithoutWhereCheck is throwing false positives for below attached screenshot code snippet
Justification: Delete does not need a where clause when used in cascade delete functionality In DDL scripts.
Make sure to read this post before raising a thread in this category:
Specifically – we are missing what product you’re using (A specific version of SonarQube, SonarCloud), and a self-conatined snippet of code that reproduces the issue (not a screenshot).
I have updated the summary to include the SoanrQube version which is 8.9.6 Enterprise LTS.
And snippet is below
ALTER TABLE "app_public"."PartnerUserInvite"
ADD COLUMN "status" text,
ADD COLUMN "role" text,
ADD COLUMN "userId" uuid REFERENCES app_public."User" ON UPDATE CASCADE ON DELETE CASCADE,
ADD COLUMN "accountId" uuid REFERENCES app_public."PartnerAccount" ON UPDATE CASCADE ON DELETE CASCADE
Please let us know if any feedback received
Please let us know if any updates on this
Thanks for raising this @jagadeesh2. We expect to be able to investigate it in the next few weeks.
After we confirm it is a problem, we will share here a link to the ticket we will create.
Unfortunately, I could not reproduce this FP. I analyzed the snippet that you provided with SonarQube but no issue was raised.
In case you still get a false positive issue, would it be possible to run an analysis with verbose logs and attach the result here?
You can do this like so:
sonar-scanner.bat -D"sonar.login"="token" -D"sonar.projectKey"="projectKey" -X -D"sonar.verbose"="true" > result.log