versions used (SonarQube : 5.6.7, Scanner : 3.0.3, sonar-python-plugin-220.127.116.116.jar / sonar-fortify-plugin-2.0.jar )
error observed :
For the Python language, my print violations are getting suppressed by the #NOSONAR tag; however, the Fortify violations aren't. They are visible on the UI. Not sure if this is the expected behavior.
I tried to suppress the Fortify Java violations and there things work as expected.
steps to reproduce
- Appended #NOSONAR to a few of the print violations and security violations present in Python files
- Created an fpr file using sourceanalyzer on our sample git repo.
- Ran sonar-scanner on the sample repo and also provided -Dsonar.fortify.reportPath=fortify_results.fpr
Actual Result :
Print violations are suppressed but Fortify violations are still shown on the UI.
Expected Result :
Both print and Fortify violations should be suppressed on the UI
Some time back, the following Jira was addressed to have the NOSONAR support.
- potential workaround