It would be very helpful and save a lot of time if SonarLint would have an option to automatically apply suggested changes for a number of issues.
Some things like removing unneccessary usings are easily fixed, some things may be a bit more tricky.
There are other ways to doing this, but that requires a combination of different tools and they won’t be linked to SonarQube’s rulesets.
Hello @akorevaar,
please allow me to ask you a few questions so that we can better consider your suggestion:
And a last one: you mention “automatically apply” in your request, what is your expectation exactly, e.g. for simple issues, you would like SonarLint to automatically fix your issue (e.g. remove the unused import, maybe displaying a “Undo this” popup to rollback if needed? or would you prefer to manually trigger the fix (e.g. click on Quick Actions → Apply suggested fix?).
Thanks in advance for your insights!
Hello @Marco_Comi, thank you for your reply.
which IDE are you using SonarLint with?
I am using SonarLint with Visual Studio and Visual Studio Code.
which programming language(s) are you coding with?
Among many others… mainly C#, Java, html / css, javascript / typescript
what is the main reason you would like SonarLint to propose and apply fixes?
The main reason would be to save time. I don’t have exact numbers, but we do have projects with over 9k code smells (that’s something for another discussion…) and in an enterprise environment like ours with hundreds of projects, we’re talking about many man-years to solve them all.
what is your expectation exactly
If we’re talking about saving time, then SonarLint would ideally automatically fix issues where possible. This could be on demand, on save, on build. I would probably prefer on demand for an entire project (or: solution if we’re talking Visual Studio). An Undo function could be helpful, then again we have source control for that. Manually trigger fixing individual issues would only marginally contribute to saving time so that would not be my first intention.
Perhaps spotless that I use for Java projects may be a good example of what I am thinking about.
What it exactly should and shouldn’t automatically fix is up for debate I guess. Removing unused imports/usings seems trivial, so are simple things like writing hex color values in lower case in css. Formatting parentheses, indentation, newlines… Other things like making private member variables final/readonly might prove to be less trivial. And there are certainly things that could/should not be fixed automatically. But starting with low hanging fruit, it could save a lot of time and thus costs.
Thanks @akorevaar for your answers, that seems to make a lot of sense. We’ll probably be doing some study around this subject this year - not only limiting to automatic fixes, we may also consider suggestions or contextual guidance for more complex cases - and will definitely keep your input into account. And true, automatic fixes could potentially save quite some time although they seem to be (safely) applicable to only a subset of Sonar rules.
One little side note though, about this:
I don’t have exact numbers, but we do have projects with over 9k code smells (that’s something for another discussion…) and in an enterprise environment like ours with hundreds of projects, we’re talking about many man-years to solve them all.
Our philosophy at SonarSource is to rather focus on newly introduced issues, in facts we promote the Clean as You Code principle; I invite you to check this page on our website or this blog article to learn more