How to check the enabled checkers in SonarCloud static code analysis

  • ALM used (GitHub)
  • CI system used (Github Action)
    • Scanner command used when applicable (private details masked):
      sonar-scanner --define sonar.projectKey=balaji-nordic_unit-test-experiments
      –define sonar.organization=balaji-nordic
      –define“${{ env.SONAR_SERVER_URL }}”
      –define sonar.exclusions=“CMakeFiles
      –define sonar.cpd.exclusions=“CMakeFiles
      –define“${{ env.BUILD_WRAPPER_OUT_DIR }}”
      –define sonar.cfamily.gcov.reportsPath=“gcov_reports_dir”
  • Languages of the repository: C

If you don’t mind, could you please let me know what’s the enabled checkers in SonarCloud static code analysis?

Since we’re using another Static Code Analysis and it shows us the list of enable checkers which are quite clear for us to review such as: ALLOC_FREE_MISMATCH, ANDROID_CAPABILITY_LEAK, ANDROID_DEBUG_MODE, ANONYMOUS_DB_CONNECTION, ARRAY_VS_SINGLETON, ASSERT_SIDE_EFFECT, etc.

But we couldn’t find this information in the SonarCloud execution console or dashboard or website.

Thank you so much for your help and support!

Hey there.

You can check the Quality Profile for the C language to understand which “checks” (we call them rules) will be applied to your project.

Thank you so much :+1:, I can view the Quality Profile from the SonarCloud dashboard :slight_smile: