Old version of Sonar used in CircleCI orb

I am using SonarCloud with:

• ALM: GitHub
• CI: Circle CI
• Language: Java

I’ve noticed that the official Circle CI orb distributed by Sonar Source is using version 5.0.1.3006: GitHub repo

When I run a scan, I get a lot of Remove this unused private field false positives in the report. From this conversation this would not happen with version 10.0.0.68432.

Is there a reason the orb is using such an outdated version?

Upon further examination, it looks like 5.0.1.3006 refers to the latest version of the Sonar Scanner CLI. Does this version correlate to the SonarQube version?

The issue I am getting is the Remove this unused private field for fields in classes annotated by Lombok annotations, and the only solution I can find is to ensure I am using the most recent version of SonarQube.

Hey there.

Putting versions aside (you’re right, it’s a red herring) – I would suggest posting a sample of code that reproduces the issue, as well as your CircleCI configuration.

Most developers wouldn’t use the orb to execute analysis of Java, but instead the Scanner for Maven or Scanner for Gradle based on the build system used. This also has the benefit of making sure your code has been compiled right before analysis, and that all necessary class files are being passed to analysis. This is required for an accurate analysis.