SonarLint project configuration options

  • Operating system: W11
  • SonarLint plugin version:
  • Programming language you’re coding in: Java/TS
  • Is connected mode used: No

We want to disable rule/file pattern combination for both SonarQube Enterprise as well as SonarLint for IntelliJ in a single place which is VCS tracked.

The easy answer is to connect the plugin and configure in SonarQube. We would much rather have the project specification configuration as part of the VCS tracked project files. Furthermore access to the SonarQube configuration could be limited or impossible dependent on the companies setup.

Therefore we would like to have the possibility to define the different parameters for rule/file exclusions etc. in a single place for both SonarQube as well as SonarLint which is part of the VCS tracked project files.

We have found that using
in our projects pom is a decent solution. Having the IntelliJ SonarLint plugin comply to these exclusions would be a sufficient solution

Hello @gitgdako, welcome to the Sonar community and thanks for your input!

We would much rather have the project specification configuration as part of the VCS tracked project files.

We’re regularly improving the synchronization of SonarLint with SonarQube when the plugin is connected; we are aware that in some companies it is not easy or possible to access SonarQube from the developer workstations, but we haven’t prioritized this use case yet.
Could you give us some details why you prefer the configuration to be in source control rather than centralized in SonarQube?

  • As mentioned Sonarqube might not be configurable per company policy, for example because roles with rights to configure project specifics like rules include other permissions as well that you may not want to expose.
  • Having it as part of the project means its VCS tracked, which you can apply any configuration/validations etc to that are possible with any files e.g. Commit checks, GitHub Actions etc.
  • Sonarlint reading from a local file prevents any infrastructure issue, like internet issues or something as simple as Sonarqube server maintainance

There might be other reaons I cannot think of at the moment, but these are some good ones i believe. I understand though that these configurations could possibly contradict each other and I have no idea how to resolve this to be honest, probably just prefer Sonarqubes config and issue a warning

1 Like

Thanks for the details, I made a note of it.

Do you have a concrete example?