Some rules are available on SonarQube but not on SonarLint, so it could be one reason. Also, in addition to setting up a connection like you did, you need to also configure a project binding. Could you please double-check if this step is complete?
If your issue persists, would you be able to enable verbose logs and provide full output, please?
may i chime in and humbly ask you to elaborate on this one?
how can i find out which rules are available on SonarQube but not on SonarLint?
what ruleset is used in sonarlint at what “state of connectivity” (un*connected* vs connected but *unbound* vs connected and bound) ← maybe there is a documentation url, you could point me to, that goes into details about this?
(I am asking because in the screenshot shown above i can read that the rule sets for languages got fetched into the sonarlint. I would expect now, that those would be used.)
how can i find out which rules are available on SonarQube but not on SonarLint
I’m afraid at the moment there is no easy way to check this , but usually in the SonarLint output you will see a list of rules that are enabled on the server, but not available in SonarLint. You could also make use of the Sonar rules page, where for each rule you will be able to see whether it is enabled in SonarQube/SonarCloud/SonarLint. In addition, you will be able to see and manage SonarLint rules under SonarLint > SonarLint Rules view.
what ruleset is used in SonarLint at what “state of connectivity” (un*connected* vs connected but *unbound* vs connected and bound) ← maybe there is a documentation url, you could point me to, that goes into details about this?
In addition, it enables users to browse Injection Vulnerabilities locally. Soon, the local detection of Security Hotspots will also be possible in Connected Mode (with SonarQube 9.7+). For all rules, in Connected Mode, analysis settings come from the server and the local configuration of rule activation is ignored.
Please note that using SonarLint in Connected Mode means having both, connection and a project binding configured.
Thank you for your detailed reply, Sophio! Also pointing to parts of the docu helps a lot
So … i try to interpret / extrapolate from that (and the unqoted rest): Is the following true?
If my “state of connectivity” is connected but *unbound* then for analysis the “baked-in” Version of the rulesets of the SonarLint version that i installed are used. (e.g. none of the SonarQube rulesets that are shown in the screenshot above as “fetched” is actually applied/used)
I promise i will not derail @antoniobriones thread anymore (after your hopefully coming reply)
//edit: i remembered something \o/ … some month ago i was already somewhere in that territory. And at that time i also made the suggestion that springs to my mind again here: add tags to the rules to show where/how they are available … not via images inside every rule, but searchable via tags like described here: Rules not getting updated in default sonar Quality profile - #5 by daniel