I have encountered false positives in 2 situations.
Rule S125 is sometimes picking up directives for static code analysis tools. In the following code line 1 will have S125 trigger, even though it is not python code.
# fmt: off
# pylint: disable=line-too-long
my_long_line_1 = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
This doesn’t just depend on the contents of the line, swapping line 1 and 2 will still have the alert on line 1 even though the pylint ...
directive didn’t trigger it before. But you can stop the rule triggering by adding a blank line between the fmt
and pylint
directives.
The rule also triggers on some comments that look like a line with multiple statements
def foo():
x = 0.5 # value in [0, 1]
y = 0.5 # quantile; value in [0, 1]
return x + y
Will have S125 trigger on line 3 but not line 2.
Versions:
Sonarqube 9.5
sonar-scanner 4.7.0.2747