Hi,
I’m trying to figure out the meaning of issue keys as reported by the API as well as trying to figure out how to link to issues. Given that they occur once per issue object, always are the first key value pair, and literally have the name “key”, at first I assumed them to be unique keys identifying the issue. However, this doesn’t seem to be documented anywhere (or I really can’t find it in the documentation; if you know about it, please let me know) and I also quickly discovered that this was not the case by simply picking a random project, querying the API for the first 100 issues (curl --header 'Authorization: Bearer <my API token>' 'https://sonarcloud.io/api/issues/search?p=1&ps=100&projects=secguro_clouditor' 2> /dev/null), and searching the resulting JSON for the first issue key in it – it occurs a 2nd time:
1st occurrence (1st issue):
{
"key": "AY_y0UJZAO0TchMNeuEy",
"rule": "go:S1186",
"severity": "CRITICAL",
"component": "secguro_clouditor:api/ontology/ontology.pb.go",
"project": "secguro_clouditor",
"line": 891,
"hash": "4b06806d863018edcd9fd5cc8fe107a4",
"textRange": {
"startLine": 891,
"endLine": 891,
"startOffset": 51,
"endOffset": 53
},
"flows": [],
"status": "OPEN",
"message": "Add a nested comment explaining why this function is empty or complete the implementation.",
"effort": "5min",
"debt": "5min",
"author": "oxisto@clouditor.io",
"tags": [
"suspicious"
],
"creationDate": "2024-03-19T21:18:40+0100",
"updateDate": "2024-06-07T15:08:37+0200",
"type": "CODE_SMELL",
"organization": "secguro",
"cleanCodeAttribute": "COMPLETE",
"cleanCodeAttributeCategory": "INTENTIONAL",
"impacts": [
{
"softwareQuality": "MAINTAINABILITY",
"severity": "HIGH"
}
]
}
2nd occurrence (76th issue):
{
"key": "AY_y0UJZAO0TchMNeuEY",
"rule": "go:S100",
"severity": "MINOR",
"component": "secguro_clouditor:api/ontology/ontology.pb.go",
"project": "secguro_clouditor",
"line": 173,
"hash": "c8dca0a175433a7b1c25a57515de52b3",
"textRange": {
"startLine": 173,
"endLine": 173,
"startOffset": 49,
"endOffset": 73
},
"flows": [],
"status": "OPEN",
"message": "Rename function \"isAccessRestriction_Type\" to match the regular expression ^(_|[a-zA-Z0-9]+)$",
"effort": "5min",
"debt": "5min",
"author": "angelika.schneider@aisec.fraunhofer.de",
"tags": [
"convention"
],
"creationDate": "2024-02-16T12:37:14+0100",
"updateDate": "2024-06-07T15:08:37+0200",
"type": "CODE_SMELL",
"organization": "secguro",
"cleanCodeAttribute": "IDENTIFIABLE",
"cleanCodeAttributeCategory": "CONSISTENT",
"impacts": [
{
"softwareQuality": "MAINTAINABILITY",
"severity": "LOW"
}
]
}
I noticed that when you open an issue in sonarcloud’s web interface, the react app changes the “URL” displayed by the browser to something that looks a lot like https://sonarcloud.io/project/issues?open=<issue key> However, I noticed that this doesn’t seem to be the case by trying to open the issue in question:
I then noticed that the URL the react app tells the browser the link to an issue within the sonarcloud webapp goes to includes the project ID, so I added the project ID (https://sonarcloud.io/project/issues?open=AY_y0UJZAO0TchMNeuEY&id=secguro_clouditor) and actually arrived at one of the issues mentioned earlier:
So given a “key” that I know is not unique, I arrived at a unique issue (my 76th issue). I don’t know how to link to my 1st issue that has the same “key”. Does anyone know more about this?
