Please provide
- Operating system: Windows
- SonarLint plugin version: 10.4.0.82051
- Programming language you’re coding in: english
- Is connected mode used: yes
- Connected to SonarCloud or SonarQube (and which version): SonarQube
And a thorough description of the problem / question:
The basic problem is that I cannot specify the source code folder. I only have the possibility to keep a blacklist but no white list! This is very impractical for large projects. In addition, excluding files does not work. I have tried the GLOB patterns in the project settings as well as in the workspace settings. The only thing that works are excludes for folders in the project settings.
Why is the sonar-project. Properties is not interpreted in my directory. It contains the parameter sonar. Sources=src is defined.
Hi @MarkusAndreasMueller,
thank you for reaching out
You are right that we only support file exclusions, not the other way around (HERE is the docs page). I’m a bit confused about why these exclusions are not working for files and the GLOB pattern, but I see an error popping up at the bottom of your screenshot regarding one of the files. Would you be so kind to provide me the logs?
The sonar-project.properties
is not taken into account as described in our documentation. This is on purpose as these files are for the Sonar Scanners, not for SonarLint.
We are currently working on a SOLUTION in order to speed up SonarLint by not indexing files and folders not relevant to the project. This will include output files of generated/compiled code and so on, and, if possible, already ignored files either by the user’s file exclusions or stuff in a .gitignore
.
Our main mantra is to analyze not only source files in the repository but everything that is available (generally speaking, of course, not something like binary files) as, for example, passwords can also be present in other files in the project outside of the scope of source files. Every user then can configure, what should be excluded. Seeing that you are in Connected Mode, this can even be done on SonarQube. See the documentation, this information is then propagated to all users in Connected Mode to that server/project so there is little to no manual configuration locally on the user’s side.
Best,
Tobias
Hello Mr Hahnen,
Thank you for your reply.
In fact, the solutions listed do not help us. The binary files that generate an error are part of the repository. And there are a lot of them! Perhaps this is a peculiarity of embedded firmware development? We work with modules that can be easily integrated into the projects and provide the corresponding development tools and documentation.
No chance of using .gitignore, as all the data is in the repo. Difficult only via a blacklist, as you would have to search for the files in dozens of folders. The main problem is that the mechanisms of the blacklist do not work (as shown in the previous screenshot).
A simple solution would be an additional whitelist with file endings (.c, .h, .py, …).
It looks to me as if SonarLint is trying to analyze binary files that it cannot or cannot open and is therefore causing the error shown. If it was checked in advance whether the file could be interpreted, many of our problems would probably already be solved!
Furthermore, SonarLint had worked without any problems until the update of our IDE (Renesas e²-Studio 2020-10 to 2024-04). The SonarLint version in the old IDE was 8.1.0.80220.
Can you send me an email address so that I can send you the logs?
With kind regards
Markus Müller
Hello @MarkusAndreasMueller,
thanks for all the information provided. We did some in-depth look at it internally, and based on your feedback, an exact ticket for the issue faced with files not being analyzed due to issues, was created for my colleagues to tackle.
Regarding the issues faced about narrowing down the scope of what SonarLint is taking into account for the analysis (and therefore, before that for indexing), I want to point out THIS ticket to you as well that will probably benefit you as well.
This is about speeding up the indexing and is already prepared and will be tackled in the near future by me (probably in a matter of weeks).
In the meantime I’d advice you to not analyze the whole project but only the relevant bits in order to circumvent the issue with the analysis failing on specific files.
Due to how SonarLint works currently, that even if you analyze a whole project and have exclusions set to files or folders, due to the fact that you “forced” the analysis, we are not taking this into account and try to analyze everything. We sparked a small discussion about this internally as well with no definitive answer yet if we are going to change this or not.
Best,
Tobias
Hi @MarkusAndreasMueller,
coming back to you as I just released SonarLint for Eclipse 10.6 available everywhere where you find SonarLint.
This includes the fix for the issue you were facing with the Windows symlinks as well as performance improvements that should come in handy as you were looking forward to narrowing down the focus for SonarLint about what it should analyze and take into account.
We currently don’t cover CDT, as this will be handled on its own. Its documentation is lacking, and they don’t have many options to exclude output directories.
Also, a few follow-up tickets are planned, including THIS, which should be interesting for you!
Best,
Tobias