SonarLint ruleset file in Visual Studio


(Daniel Albarracin) #1


I have questions about how to control modifications in ruleset files on Visual Studio. The point is, i don’t want any modification in rules by any others (developers) so, how can i avoid it without block since TFS configuration file? That is my actual option.

There is no specific documentation about that. It’s difficult to improve the Quality Processes if any one else can disable rules and then recompile solution.


(Valeri Hristov) #2

There is no way to limit the access to ruleset files from SonarLint. If your source control allows this, you could limit the access to these files on SCM level, but the developers will still be able to modify the files locally and compile the solution.

SonarLint will complain if a ruleset is different than the Quality Profile on SonarQube, but if someone is so inclined to compile and commit without certain rules enabled, SonarLint will not prevent them to do it.

In case you use (or could use) branches, pull requests and code reviews in your development workflow, a better option would be to include build steps with Scanner for MSBuild in your CI process and prevent the PRs from merging into the master branch if the SonarQube quality gate fails. This way the quality will be assessed on the build agents, the local ruleset files will be ignored and the developers will not be able to interfere.

In any case, if the developers themselves don’t want to improve the quality of their code, it will be difficult to solve the problem with just tools…