Sonar Scanner for .NET 8.0.3

Dear .NET Developers,

Today we publish version 8.0.3 of the scanner for .NET.
After reviewing the wonderful feedback you provided us, and carefully considering the options we had, we made one main modification in this release:
The Scanner for .NET will not analyze XML files automatically in the new default mode anymore. This caused too many issues with the amount of XML files lying around in unexpected places. This XML is, for the vast majority, not actually useful to analyze (coverage files, library documentation, etc) and leads to unknowingly increasing the amount of LOCs (Lines of Code) in projects for no or very little value to the point of causing painful issues for some people. To those who were adversely impacted, we apologize again.

Aside from that, we fixed two issues:

  1. Server-side exclusions were ignored. This was due to a modification introduced in 8.0.2 and we corrected the bug. Server-side exclusions are now correctly handled again and can be used to fine-tune the behavior of the automatic discovery of files outside the .NET projects.
  2. Malformed paths will not crash the analysis anymore, but will be logged. This will help you carry out your analysis and will help us diagnose which kinds of paths are causing issues.

As usual, the new scanner is available from nuget, our Github page or from Chocolatey.
Please continue sending us your feedback, as we continue improving the scanner. Whether it is bug report, utter frustration or feature ideas, all is welcome! We need your help to progress.

Last but not least, I want to take the opportunity to thank all of you who sent us reports, logs, pipelines, and ran tests to figure out where the problems were. You spent time helping us get it right, and we deeply appreciate your patience and commitment!

Denis

2 Likes

FYI I have tried the 8.0.0, 8.0.2, 8.0.3 version.
8.0.0 worked out of the box.
8.0.2 resulted in the “line of code” fail for the C# part; c/c++ and js/ts worked… scanAll=false fixed it
8.0.3 worked without scanAll=false

1 Like

Thank you, @slateAGF

I suspect you had been using exclusions and you were hit by the bug in 8.0.2 (where exclusions set in SonarCloud/SonqarQube did not work anymore), which would explain the LOC issue in your case.

Thank you for confirming 8.0.3 works for you!

Denis

still failing for us with below error :
INFO: 0/1 files analyzed, current file: Common/xxxxxxxxx/coverage.opencover.xml
04:00:32 INFO: 0/1 files analyzed, current file: Common/xxxxxxxxx/coverage.opencover.xml
04:00:44 INFO: 0/1 files analyzed, current file: Common/xxxxxxxxx/coverage.opencover.xml
04:00:58 INFO: 0/1 files analyzed, current file: Common/xxxxxxxxx/coverage.opencover.xml
04:00:58 INFO: 1/1 source file has been analyzed
04:00:58 INFO: ------------------------------------------------------------------------
04:00:58 INFO: EXECUTION FAILURE
04:00:58 INFO: ------------------------------------------------------------------------
04:00:58 INFO: Total time: 9:13.514s
04:00:58 INFO: Final Memory: 70M/260M
04:00:58 INFO: ------------------------------------------------------------------------
04:00:58 ERROR: Error during SonarScanner execution
04:00:58 java.lang.OutOfMemoryError: Java heap space
04:00:58 at org.sonarsource.analyzer.commons.xml.XmlFilePosition.shift(XmlFilePosition.java:83)
04:00:58 at org.sonarsource.analyzer.commons.xml.XmlFilePosition.shift(XmlFilePosition.java:62)
04:00:58 at org.sonarsource.analyzer.commons.xml.XmlFilePosition.moveAfterClosingBracket(XmlFilePosition.java:109)
04:00:58 at org.sonarsource.analyzer.commons.xml.XmlParser.visitEndElement(XmlParser.java:204)
04:00:58 at org.sonarsource.analyzer.commons.xml.XmlParser.parseXml(XmlParser.java:136)
04:00:58 at org.sonarsource.analyzer.commons.xml.XmlParser.(XmlParser.java:69)
04:00:59 at org.sonarsource.analyzer.commons.xml.XmlFile.create(XmlFile.java:90)
04:00:59 at org.sonar.plugins.xml.XmlSensor.scanFile(XmlSensor.java:113)
04:00:59 at org.sonar.plugins.xml.XmlSensor.execute(XmlSensor.java:99)
04:00:59 at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:64)
04:00:59 at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:88)
04:00:59 at org.sonar.scanner.sensor.ModuleSensorsExecutor.lambda$execute$1(ModuleSensorsExecutor.java:61)
04:00:59 at org.sonar.scanner.sensor.ModuleSensorsExecutor$$Lambda$610/0x000000080144ac60.run(Unknown Source)
04:00:59 at org.sonar.scanner.sensor.ModuleSensorsExecutor.withModuleStrategy(ModuleSensorsExecutor.java:79)
04:00:59 at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:61)
04:00:59 at org.sonar.scanner.scan.SpringModuleScanContainer.doAfterStart(SpringModuleScanContainer.java:82)
04:00:59 at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:188)
04:00:59 at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
04:00:59 at org.sonar.scanner.scan.SpringProjectScanContainer.scan(SpringProjectScanContainer.java:403)
04:00:59 at org.sonar.scanner.scan.SpringProjectScanContainer.scanRecursively(SpringProjectScanContainer.java:399)
04:00:59 at org.sonar.scanner.scan.SpringProjectScanContainer.scanRecursively(SpringProjectScanContainer.java:396)
04:00:59 at org.sonar.scanner.scan.SpringProjectScanContainer.doAfterStart(SpringProjectScanContainer.java:368)
04:00:59 at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:188)
04:00:59 at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
04:00:59 at org.sonar.scanner.bootstrap.SpringGlobalContainer.doAfterStart(SpringGlobalContainer.java:137)
04:00:59 at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:188)
04:00:59 at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
04:00:59 at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:72)
04:00:59 at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:66)
04:00:59 at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
04:00:59 at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
04:00:59 at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
04:00:59 ERROR:
04:01:01 The SonarScanner did not complete successfully
04:01:01 04:01:00.048 Post-processing failed. Exit code: 1
[Pipeline] }
[Pipeline] // withEnv
[Pipeline] }

Hi, @ShubhamGo

Is this with scanner v8.0.3? Then the problem is very different.
Can you post the full (redacted) verbose log of the end step?

Denis

Yes it is the same version. I will post log from verbose mode. The sonar scanner is unreliable. Please make error human friendly so that we can understand what going wrong please consider my suggestion for next development.