Template for a good new topic, formatted with Markdown:
ALM used (GitHub, Bitbucket Cloud, Azure DevOps) -github
CI system used (Bitbucket Cloud, Azure DevOps, Travis CI, Circle CI -circleci
Scanner command used when applicable (private details masked)
Languages of the repository
Only if the SonarCloud project is public, the URL
And if you need help with pull request decoration, then the URL to the PR too
Error observed (wrap logs/code around with triple quotes ``` for proper formatting)
Steps to reproduce
Potential workaround
Hello Everyone ,
We are planning to hide Sonarcloud scans for security vulnerabilities which we want to turn off for reducing developer noise.we are expecting all new and old Sonar Cloud Scan must not include security results , Is possible ?
You want to disable the detection of security-related issues to reduce “developer noise”? Why would it not be a priority to detect them and get them fixed? Would you mind sharing your reasoning?
Or are you concerned here only about Security Hotspots?
In either case, the answer is to go to the Rules page, and disable the rules in question in your Quality Profiles. That assumes you’re already using custom profiles. If not, you’ll need to make a copy, disable the rules in your copy, and then set it as the default Quality Profile.
Hello Ann,
According to our requirement, we just want to hide security scan so developer should not get security scan status on dashboard. and I followed the steps and created new quality profile, understood about activation and deactivation of the rules but as i mentioned above, we are concern about hiding the security scan result in the dashboard but not to avoid it.
You can’t hide results from the project homepage. Either analysis detects the issues and they show up in the project, including on the homepage, or the rules are deactivated and the issues are not detected.