Should I exclude the /dist folder from sonarQube scan

SonarQube : 8.2.0.32929, Scanner: 4.3.0.2102

I have an angular project to scan and scan works perfectly fine. But should I exclude /dist folder from scan when running it ? Or do you think its a good practice to fix the build generated /dist folder files like main.js and vendor.js ??

Hi,

Welcome to the community!

SO tells me that dist is where minified production versions of libs and code go. So you should exclude it. Otherwise, it’ll be a painful experience with all the issues in a library or file reported on the same unreadable line. Plus since you’re presumably analyzing the contents of src any issues raised on code in dist should be duplicates.

 
HTH,
Ann

Hi Ann, thanks for your response. IMO, dist directory should be included since the minified code may have some sensitive information sometimes like API Keys or passwords which are used to connect backend or SaaS systems.

Thanks,
Vijay.