List of duplicated rules between SonarAnalyzer.CSharp and other analyzers?

JuanZamudioGBM · June 15, 2023, 4:27am

which versions are you using (SonarAnalyzer.CSharp 9.3.0.71466)

Hi, I was wondering if you have or know of a list of rules that are duplicated between sonar and other analyzers like Microsoft.CodeAnalysis.NetAnalyzers, for example S1481 exist in NetAnalyzers as the rule CS0168.

I ask because our building times are getting very slow and I want to disable rules that are unnecessary because are validated for another rule.

This is an example of the times we are seeing during build

Analyzer Report
    Total analyzer execution time: 31.154 seconds.
    Time (s)    %   Analyzer
    20.252   65   SonarAnalyzer.CSharp, Version=9.3.0.0, Culture=neutral, PublicKeyToken=c5b62af9de6d7244
        9.443   30      SonarAnalyzer.Rules.CSharp.SymbolicExecutionRunner (S1944, S2053, S2222, S2259, S2583, S2589, S3329, S3655, S3900, S3949, S3966, S4158, S5773)
        3.522   11      SonarAnalyzer.Rules.CSharp.VariableUnused (S1481)
        0.974    3      SonarAnalyzer.Rules.CSharp.DeadStores (S1854)
        
        
    4.774   15   Microsoft.CodeAnalysis.NetAnalyzers, Version=7.0.8.26701, Culture=neutral, PublicKeyToken=31bf3856ad364e35
        1.608    5      Microsoft.NetCore.Analyzers.Runtime.DisposeObjectsBeforeLosingScope (CA2000)
        1.016    3      Microsoft.CodeQuality.Analyzers.Maintainability.AvoidDeadConditionalCode (CA1508)
        0.172   <1      Microsoft.NetCore.Analyzers.Data.ReviewSqlQueriesForSecurityVulnerabilities (CA2100)

Thanks
Juan Zamudio

ganncamp · June 16, 2023, 4:04pm

Hi,

The current version of the SonarScanner for .NET is 5.13. Is that maybe your SonarQube version that you’ve listed? If so, it’s a bit out of date. SonarQube 9.9 LTS is the current LTS and 10.0 is the latest version. We made improvements to analysis speed in the 9-series, so if you’re on SonarQube 9.3, upgrading might help analysis speed (in addition to bringing you lots of improvements, fixes and new features!).

Regarding rule overlap, we generally try not to do that. We decided a while ago to compete with innovation, rather than re-implementing others’ rules.

HTH,
Ann

JuanZamudioGBM · June 28, 2023, 3:42am

We are using the global tool (version 5.13.0) with dotnet 7

Topic		Replies	Views
Analyze test projects using SonarAnalyzer.CSharp in Visual Studio SonarQube Server / Community Build csharp , scanner , visualstudio , dotnet , tests	2	916	January 26, 2023
Which analyzer are used for C# and how to include external analyzers? SonarQube Server / Community Build csharp , sonarqube-ide	2	393	June 11, 2021
Performance problems with S3949 SonarQube Server / Community Build performance , dotnet	3	1056	October 7, 2021
Finding SonarAnalyzer.Security Analyzer SonarQube Server / Community Build csharp , msbuild , sonarqube-ide	3	2345	March 13, 2020
CSC : warning CS8032: An instance of analyzer SonarQube Server / Community Build csharp , sonarqube , scanner	1	6958	February 18, 2020

List of duplicated rules between SonarAnalyzer.CSharp and other analyzers?

Related topics