SonarLint for COBOL and SonarQube - 0 issue(s)

Please provide

  • Operating system: Windows 10 x64
  • SonarLint plugin version: 3.9.0 “Universal” (without embed jre)
  • Is connected mode used: yes
    • Connected to SonarQube: Data Center Edition Version 8.9.3 (build 48735)

And a thorough description of the problem / question:

I want to use SonarLint with legacy COBOL.

I managed to install SonarLint 3.9.0 “Universal”, configured a JRE V11 with our site certificates.
I managed to configure the connection to SonarQube and to the Sonar project of my application.

I think I understood that for the COBOL language, SonarLint did no local analysis during input, but queried the SonarQube server to retrieve the results of a previous analysis.

SonarLint communicates well with SonarQube, for my project, my components, but SonarQube systematically answers “0 issues” (with an s at the end), while there are many issues if you ask SonarQube.

Is it normal to have “0 issues”? (and in this case what is it for?).

Did I misunderstand how SonarLint works in connected mode for the COBOL language?

Thank you for your help.

image

Hi,

SonarLint for VSCode simply doesn’t support COBOL, even in connected mode. I believe there’s a vendor-specific offshoot of Eclipse (+SonarLint) that supports COBOL, but that’s it.

 
Ann

1 Like

Hi,

not sure… I saw once and only once issues coming up from SonarQube but I never managed to renew this operation.

FYI, the only issues SonarLint will “fetch” from the server:

  • security hotspots (if you click on “open in IDE” from SonarQube UI)
  • taint vulnerabilities (= some vulnerabilities that are too expensive to be computed on SonarLint side), but I don’t think we have any of them for Cobol

All other issues should be detected locally to be displayed, and SonarLint for VSCode doesn’t run Cobol analysis.