I scanned a project in which I intentionally wrote buggy code according to the rules I selected.
After the scan, only code duplications are reported. Other violations are not reported.
For info my quality profile is SonarWay+All MISRA rules
Can you please tell me what I missed ?
There’s not a lot to go on here. Could you add your analysis logs?
I solved the issue. We are using CMake to build, and we wrongly run the build wrapper for the CMake configure step instead of the build step.
What is really misleading is that the Sonar Web UI shows that it scanned all our files, which is clearly not the case because the configure step consists only of compiler detection programs provided by CMake.
We has to look into the json dump of the build wrapper to figure out that it did not grab our files.