php:S4792 Configuring loggers

  • What language is this for?
    PHP
  • Which rule?
    php:S4792
  • Why do you believe it’s a false-positive/false-negative?
    Code follows best practices according to reference material cited.
  • SonarQube - v9.9.6
  • Recreate using this code excerpt:
// report all errors and notices but don't display any
error_reporting(E_ALL);
ini_set('display_errors', '0');

Rule examples provided state the exceptions for production servers which are valid are:

ini_set(‘display_errors’, ‘0’);
error_reporting(0);

Link to recommended settings references: PHP Logging Basics - The Ultimate Guide To Logging

Table of recommended configuration settings specifies:

display_errors: 0
error_reporting: E_ALL

Hey @CameronG

This was rule was recently SONARPHP-1486 and I expect won’t receive any further improvements. You can mark this issue as false-positive/won’t fix, and remove it from your Quality Profile if it’s particularly noisy.

Appreciate the response. I can’t access the link you provided, could you cite the contents here, so I understand what happened with this rule?

Hey @CameronG ,

the ticket states that the rule will be deprecated because we do not believe that it provides enough value anymore.