Sonarcloud- filter out security scans

Template for a good new topic, formatted with Markdown:

  • ALM used (GitHub, Bitbucket Cloud, Azure DevOps) -github
  • CI system used (Bitbucket Cloud, Azure DevOps, Travis CI, Circle CI -circleci
  • Scanner command used when applicable (private details masked)
  • Languages of the repository
  • Only if the SonarCloud project is public, the URL
    • And if you need help with pull request decoration, then the URL to the PR too
  • Error observed (wrap logs/code around with triple quotes ``` for proper formatting)
  • Steps to reproduce
  • Potential workaround

Hello Everyone ,
We are planning to hide Sonarcloud scans for security vulnerabilities which we want to turn off for reducing developer noise.we are expecting all new and old Sonar Cloud Scan must not include security results , Is possible ?

Thank you!
Hirali shah.

Hi,

I’m not sure I understand.

You want to disable the detection of security-related issues to reduce “developer noise”? Why would it not be a priority to detect them and get them fixed? Would you mind sharing your reasoning?

Or are you concerned here only about Security Hotspots?

In either case, the answer is to go to the Rules page, and disable the rules in question in your Quality Profiles. That assumes you’re already using custom profiles. If not, you’ll need to make a copy, disable the rules in your copy, and then set it as the default Quality Profile.

 
HTH,
Ann

Hello Ann,
According to our requirement, we just want to hide security scan so developer should not get security scan status on dashboard. and I followed the steps and created new quality profile, understood about activation and deactivation of the rules but as i mentioned above, we are concern about hiding the security scan result in the dashboard but not to avoid it.

Thank you!
Hirali shah.

Hi Hirali,

You can’t hide results from the project homepage. Either analysis detects the issues and they show up in the project, including on the homepage, or the rules are deactivated and the issues are not detected.

 
HTH,
Ann

Hello Ann,
Thank you so much for your quick response , i understood your point, and will try to go through all the rule and then will decide.

Again appreciate your help.
Hirali shah.

1 Like