Files/Folder with special characters in names causing syntactically incorrect XML

After XCode tests run, we use xccov-to-sonarqube-generic.sh to generate coverage file for Sonar Cloud analysis. If there are special characters in names of files/folders, the generated coverage file is giving syntax error. Log attached below:

• ALM used (GitHub, Bitbucket Cloud, Azure DevOps) - Azure DevOps
• CI system used (Bitbucket Cloud, Azure DevOps, Travis CI, Circle CI - Azure DevOps
• Scanner command used when applicable (private details masked) - xccov-to-sonarqube-generic.sh
• Languages of the repository - IOS Swift
• Only if the SonarCloud project is public, the URL - Private
• Error observed (wrap logs/code around with triple quotes ``` for proper formatting)

INFO: Sensor CSS Rules [javascript] (done) | time=492ms
INFO: Sensor ThymeLeaf template sensor [securityjavafrontend]
INFO: Sensor ThymeLeaf template sensor [securityjavafrontend] (done) | time=363ms
INFO: Sensor Serverless configuration file sensor [security]
INFO: 0 Serverless function entries were found in the project
INFO: 0 Serverless function handlers were kept as entrypoints
INFO: Sensor Serverless configuration file sensor [security] (done) | time=90ms
INFO: Sensor AWS SAM template file sensor [security]
INFO: Sensor AWS SAM template file sensor [security] (done) | time=5000ms
INFO: Sensor AWS SAM Inline template file sensor [security]
INFO: Sensor AWS SAM Inline template file sensor [security] (done) | time=5237ms
INFO: Sensor Generic Coverage Report
INFO: Parsing /Users/runner/work/1/s/sonarqube-generic-coverage.xml
INFO: Time spent writing ucfgs 66ms
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 8:38.672s
INFO: Final Memory: 501M/1425M
INFO: ------------------------------------------------------------------------
##[error]ERROR: Error during SonarScanner execution
ERROR: Error during parsing of the generic coverage report '/Users/runner/work/1/s/sonarqube-generic-coverage.xml'. Look at SonarQube documentation to know the expected XML format.
ERROR: Error during SonarScanner execution
ERROR: Error during parsing of the generic coverage report '/Users/runner/work/1/s/sonarqube-generic-coverage.xml'. Look at SonarQube documentation to know the expected XML format.
##[error]The process '/Users/runner/work/_tasks/SonarCloudAnalyze_ce096e50-6155-4de8-8800-4221aaeed4a1/1.33.1/sonar-scanner/bin/sonar-scanner' failed with exit code 1

• Steps to reproduce - Folder name contains & symbol, like T&C. In generated XML, this ampersand is coming as single character rather than XML element &

• Potential workaround
  Added below extra step to fix the coverage file by replacing ‘&’ with “&”
  perl -pe ‘s/&(?!(quot|apos|lt|gt|amp);)/&/g’ < sonarqube-generic-coverage.xml > fixedcoveragefile.xml
  mv -f fixedcoveragefile.xml sonarqube-generic-coverage.xml

Can the scanner be enhanced to take special characters in file/folder names and handle this scenario intrinsically.

Hello @MOHIT_DANGWAL

Thanks for raising the issue here. I created a ticket to track it [SONARSWIFT-538] - Jira

FYI you are welcome to open a PR on the repo with examples to fix the problem.

Hi @MOHIT_DANGWAL,

if you use Xcode 13.3+ you can try the new version of xccov-to-sonarqube-generic.sh that includes the escaping of & characters in filenames.

The script now uses an xccov command introduced in Xcode 13.3, so it won’t work on older versions.

Hi @francois.mora ,

I tried this new script and getting some errors listed below on my Azure DevOps Hosted Agent running on MacOS 12. Can you please check if there is any additional setting or prerequisite required for running this updated script.

Errors: I have lots of these in my logs, not sure if this is a warning or error but shows up several times.

xccov[64659:390722] Requested but did not find extension point with identifier Xcode.IDEFoundation.IDEResultKitSerializationConverter
xccov[64659:390722] [MT] DVTAssertions: Warning in /System/Volumes/Data/SWE/Apps/DT/BuildRoots/BuildRoot2/ActiveBuildRoot/Library/Caches/com.apple.xbs/Sources/DVTFrameworks/DVTFrameworks-21304/DVTFoundation/DocumentLocations/DVTDocumentLocation.m:277
Details:  DVTDocumentLocation: Failed to find requested class with name Xcode3ProjectDocumentLocation (or isn't a subclass of DVTDocumentLocation). Falling back to DVTDocumentLocation.
Object:   <DVTDocumentLocation>
Method:   +deserializedDocumentLocationForClassName:stringRepresentation:error:
Thread:   <_NSMainThread: 0x600000ecc280>{number = 1, name = main}
Please file a bug at https://feedbackassistant.apple.com with this warning message and any useful information you can provide.

Hi @MOHIT_DANGWAL ,
It appears these messages may only be warnings reported by Xcode. Is the coverage XML file generated correctly? If yes, is the coverage displayed in SonarCloud consistent with Xcode?
Xcode writes these warnings on the standard error, and depending on your shell, you may add 2>/dev/null at the end of the command line to ignore them.