This is not an issue with a specific rule but with the SonarQube analysis itself.
We have noticed that since our migration from SonarQube 6.7 to 8.9 LTS, a whole lot of files from certain packages seem to have completely vanished from the analysis. We have no specific inclusions or exclusions of source files and use the default settings of the Gradle analyzer.
According to our testing, the files that went missing in the SonarQube UI all share specific package names like
build
update
target
and renaming the packages to something else caused them to be included again in the analysis.
Example:
src/main/java/com/mycompany/gradle/plugins/build/jarsigning is present in 6.7 and missing in 8.9.
src/main/java/com/mycompany/gradle/plugins/utils/livereload is present in both versions.
Could the cause be some overzealous filtering that attempts to prevent accidental inclusion of compilation output into the analysis?
But quite a bit has changed between 6.7 and 8.9, and that does include some “smart” exclusions.
Specifically, I’m guessing you’re impacted by the exclusion of files you’ve set your SCM to ignore. You can turn that behavior back off with the sonar.scm.exclusions.disabled parameter. (The docs.)
I checked our metrics again myself and it seems like our engineers didn’t look properly.
When they tried out the property you suggested on June 10th, our analysis actually started including ~90 more files than before, which all happen to be in the build folder.
One could still argue that even with the property disabled, the exclusion in the .gitignore file should be overruled for these specific files by the inclusion further down. Maybe there’s room for improvement in whatever tooling is handling this smart exclusion, but disabling it is good enough for us at the moment.
You mean for the Sonar analysis? That one just uses the default settings of the Gradle Scanner. We do not actually configure any inclusions/exclusions.