SonarLint source control


(Haejoong Lee) #1


I have a question about files that SonarLint creates. I have a visual studio project that is bound to a sonarqube project. SonarLint generates .ruleset files under each project directory. It also modifies project files (.csproj files in my case) to add the ruleset file to the project. I guess I’ll have to include these changes to the source control.

In addition to those files, it also creates a folder called “.sonarlint”. In the directory, it creates a ruleset file and a .slconfig file. Should I add these files to source control as well? It has a property called “ProfileKey”, which could be an auth token.


(Duncan Pocklington) #2

Hi there,

Yes, you should check in all of the changed files, including the .sonarlint folder.
The profile key isn’t an auth token - it’s the identifier for the Quality Profile for the Sonar project the solution is bound to.

If your SonarQube server requires user credentials (i.e. doesn’t allow anonymous access) then the credentials you provide will be stored in the Windows Credential Manager.

Note that the credentials are stored per-user and per-machine, so any other developer who opens the solution will need to provide their own credentials. However, there is a known bug in this area that was reported last week that will affect you if your server does not allow anonymous access: see for more information.