I’m currently working with Enterprise Edition v2025.1.1 and attempting to identify the quality profile which best makes sense to use for our C++ project.
When doing so, I elected to compare the “Mission critical” profile with the “Sonar way” profile. I was expecting to see the Mission critical profile be a superset of the Sonar way, possibly with a few minor changes where less-strict rules were replaced with more strict rules.
Instead, I was surprised to see that:
“Mission critical has 58 additional rules and 62 fewer rules than Sonar way.”
Why are there rules present in the “Sonar way” profile that are not present in the “Mission critical” profile? For example, the rule “Single-bit named bit fields should not be of a signed type”. There are many others which lack comparable rules (notwithstanding the confusion between similar rules such as cpp:S859 vs cpp:M23_090).