We are using SonarQube 6.7.4. We use some findbugs rules and some checkstyle rules and I’m aware that these are being integrated into squid rules. I have some questions about that:
In both lists, some rules were rejected and will not be integrated into squid. If we currently rely on these rejected rules, does that mean that we can never leave findbugs and checkstyle? Or will there be another review for those rules at a later point?
Also, is there a roadmap or timeline for getting the pending rules implemented? I’ve been following the findbugs list for 6 or 7 months and the pending ruleset has not changed.
The two lists you are currently using were made originally for internal use so we can track our progress when we were doing an effort to implement the most interesting rules of FindBugs and CheckStyle into SonarJava. They have been published to share them with a couple of customers but the intend was not to provide a tracking tool.
BTW, they should be deleted sooner or later. Actually they were supposed to be already dropped. Your post reminded me that someone forgot to do it. The two lists are not longer updated for months.
When we did our review, a rule was considered as rejected because:
we were not convinced about the value of the rule
the rule was not enough documented to really understand its purpose
This is not part of our current priorities to cover the pending rules. Occasionally, when a user (customer or someone from the community) is showing some interest about a rule, we try to add it in our backlog and push it to the next iteration on SonarJava.
In order to progress, I want to suggest the following:
select a couple of pending rules from the pending list of FindBugs/Checkstyle, knowing that, we have much more interest to implement bug detection rules than style ones.
select the ones that are really really important to you