Related locations in SARIF files a sorted by line numbers

Must-share information:

  • SonarQube Community Build 10.7
  • how is SonarQube deployed: zip

I wanted to import issues from SARIF files.
The relatedLocations in the SARIF json file are provided in a semantically meaningful order (e.g. call sequence, call stack).

Expected behavior:
The locations are shown in the navigation panel of the issue view in the web interface in the same order as provided in the SARIF file.

Actual behavior:
The locations in the navigation panel are sorted by line numbers in the navigation panel.
This makes it very hard to understand the issue in the Webinterface.

Just found out that SonarQube SARIF import supports “stacks”.
That’s great, at least for some of my use cases.
Unfortunately it was not in the documentation.
May you update this, to show the full power of SonarQube? :thinking:

1 Like

Hi Andreas,
Thanks for your valuable input. We will update the documentation.