Issue with .NET Core Project Analysis in Scanner Mode ('dotnet')

Hello,

We are experiencing an issue when analyzing .NET Core projects using scannerMode: 'dotnet'. The analysis currently covers the entire solution, which can distort key indicators such as code coverage, duplicated code, and security hotspots.

Our requirement is that the analysis should focus only on the specific .NET project and its dependencies.

Using sonar.projectBaseDir to manually set the folder is not an ideal solution for us, as we would like the folder selection to be determined automatically.

Could you please advise on how to achieve this behavior?

Thank you.

Hi,

It sounds like you’re looking for exclusions.

 
HTH,
Ann

Hello,

SonarExclusion is mainly used to exclude uncovered code.

For scanner projects dotnet, The solution is to use sonar.projectBaseDir on extra params to specify the project to analyze. Otherwise, SonarQube won’t be able to determine the project from the .csproj or .sln file and will send all the source code to SonarQube.

Thanks for your response.