Issues for a file listed on SonarQube dont show up with a SonarLint analysis even when in Connected mode

Hi,
I’m using SonarQube enterprise version 8.4.2 . I am using the connected mode by configuring the settings for my SonarQube server in my local. But for a file, the issues that are listed on SonarQube do not show up when I run a SonarLint analysis in my local.
Am I missing something? I’ve attached screenshots of the same.



1 Like

Hi,

There are some issues that SonarLint doesn’t raise. I had thought there were 2 categories, but you’ve made me realize there are three:

  • taint analysis vulnerabilities - these are the extra security rules you get when you upgrade to Developer Edition($) (we’re working on an import from SQ in connected mode)
  • Security Hotspots - this will come
  • “Common” rules - this is the category I’d overlooked until your email

Most rules are executed during analysis & can generally be raised by SonarLint as well. There is a small set (max 6, fewer in some languages I believe) that are only run server-side. The missing issue you show in your screenshots comes from one such rule. These rules are in the “Common [language]” repositories. Because they’re only executed server-side, they aren’t available to SonarLint.

 
HTH,
Ann

2 Likes

For the record all those cases (plus some others) are listed in the FAQ.

1 Like

That was informative, thanks!

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.