Hi, I’m using SonarCloud and we’ve been using it with only a few code smell rules to get the team used to it.
Today, I noticed that there were new code smells. When I checked them there was a tag that said “roslyn” and when hovered it says “issue detected by an external rule engine: roslyn”
Could you please indicate how to prevent these kind of rules to add issues in my projects?
Thanks!
Hi,
This kind of issues is now reported thanks to a new feature that is available on SonarCloud. SonarCloud automatically imports issues generated by the third-party Roslyn analyzers that are configured on your solutions.
This makes you see, in SonarCloud, the same issues you have locally in Visual Studio.
You can deactivate this behavior for your projects: Administration > General Settings > External analyzers > C# Ignore issues from external Roslyn analyzers.
Out of curiosity, why don’t you want to see those kind of issues in SonarCloud?
Thanks for your clear answer, Christophe.
The reason I’d like this alerts muted by now is that we’re rolling out static code analysis with only a few very clear rules (long parameter list, cognitive complexity) so the team gains awareness, act on those, and get used to have these in the definition of done.
Due to having a lot of legacy code in our codebase, if we open the floodgates, people will be overwhelmed and confused with lots of rules and alerts.
Our plan is to activate more and more rules progressively.
2 posts were split to a new topic: Customize External Roslyn Rules Imported to SonarQube
Hi,
Following the above approach, I am not getting any option to disable any specific rules reported from external rule Fortify.
Can you please help me to understand this?
Any help will be much appreciated!
Regards,
Akanchha
Hi @Colin ,
Can you please help me with the solution ?
Any input is much appreciated.
Regards,
Akanchha
