How to bypass legacy code

SDa · February 4, 2019, 8:44am

HI,
Please find below details
SonarQube Version - 7.5 Community Edition
SonarScanner Version - 3.2.0

Question:

We have a legacy project, which is in java. I would like to know, is there any way by which we can bypass the scan on legacy code ( because, it may show thousands of error/warning in code). Based on this we have below question.

Is it possible Sonar should scan only latest changes ( bypassing the old code)?
Can we scan the source code/file from specfic date ?
Is there any alternative to CutOff plugin ?

If none of the solution to above. Then how to handle Legacy code with new changes and run the sonar to check only recent changes.

Please help me.
Waiting for your reply.

ganncamp · February 4, 2019, 8:13pm

Hi,

There’s no good, comprehensive way to not analyze old code. However, SonarQube has plenty of ways to help you focus new code.

Fixing the Water Leak (overall concept)
Quality Gates, see Use the Best Quality Gate Configuration
Project Page, see What should I fix first?

HTH,
Ann

innanill · February 5, 2019, 4:03am

We have a similar issue to you, with a large legacy project that contains a lot of SonarQube issues that we just can’t fix. Since we decided to concentrate only on issues that are “Major” and up, we “grandfathered in” the legacy ones by downgrading all the legacy Major/Critical/Blocker issues to Minor. This allows developers to fix them if they are in the code, but doesn’t require it. Any new changes will create issues at the proper level.

Hope this helps.