Sonar AI CodeFix - Automatically apply suggestions

We use SonarQube Enterprise and have recently activated the We use SonarQube Enterprise and have recently activated the Sonar AI CodeFix feature.

We would like to have the option of automatically accepting all AI CodeFix suggestions.
The idea: After completing a scan, SonarQube should generate a branch in which all suggestions are incorporated.
This branch can be accepted using a pull request (or corrected accordingly beforehand).

This functionality would also be very practical for so-called “no-brainers”, such as unnecessary “using …” statements that can simply be deleted (this does not even require artificial intelligence).

We would like to have the option of automatically accepting all AI CodeFix suggestions.
The idea: After completing a scan, SonarQube should generate a branch in which all suggestions are incorporated.
This branch can be accepted using a pull request (or corrected accordingly beforehand).

This functionality would also be very practical for so-called “no-brainers”, such as unnecessary “using …” statements that can simply be deleted (this does not even require artificial intelligence).

Hi @DominikTouring

Thanks for reaching out and for exposing your idea regarding AI CodeFix improvement.
For now, we generate one suggestion per issue at a time. Why having an option to automatically accept multiple suggestions would bring more value?

Alexander

Hi @alexander.rage

Especally when migrating a legacy project to SonarQube, hundrends or even thounds of findings.
It would totally help, if findings such as unused using package or even findings with an ai fix would save us a lot of time.

So the idea is, that SonarQube creates a branch with a pull requests with all the AI fixes and “no brainer” issues.
The developer can proove or modify the branch for the pull request.

I don’t see the advantage of clicking through hundreds of findings that could be solved more/less automatically.

Dominik

I see, so your main use case is resolving major technical debt on projects recently analyzed.
If Sonar scan reports thousands of issues, are you saying that providing a PR with thousands of fixes in it would be ideal? I feel the reviewing process could be very cumbersome, don’t you think? And apart from this specific need, do you see something else where it could be beneficial?

I don’t see the benifit of doing so by hand.

For example a project I am working on at the moment has the following top issues:

The first and the third could be resolved most likely completly automatically (at least the first one).
Those are 630 changes.

So the PR with those changes will be there anyways. Why do I have to do it file by file by hand.

I guess it might make sense to make a difference or even choose which problems should be auto resolved.
For example: One single PR only with S1128. And another one for a different type (currently just brainstorming)

For the “no-braines” but enough for AI CodeFix I would apply the same.
SonarQube could play the role like a Junior-Dev “Co-Worker” that still needs observation of a Mid-Dev or Senior-Dev that can do all the monkey work