I run SonarScanner to scan a XML report which is generated by a third-party source code analysis tool.
I am using:
- Sonarqube Community Edition Version 7.9.3
- SonarScanner 126.96.36.1992
- C++ (Community) Plugin 1.3.2 modified to include my own parser
I have modified the C++ Plugin 1.3.2 in order to implement the parser for the report format. I have also included the XML rule map for the new repository.
The problem is Sonarqube does not show all the issues that the report contains.
E.g. the report gets 95 issues, the Sonarqube web only shows 77. There are 18 missed issues.
I have checked:
- I activated debug for console log to find some extra warnings
- All source and include file paths are valid
- The third-party report is correctly scanned because “INFO: CXX-xxxx processed = YY” gets the correct number of issues into the report.
- The Quality Profile that I am using into Sonarqube has all (and only) rules of my own repository in state “Active”
- Some of the not-shown issues are located on files where other issues are shown (so, skipped files behaviour can be discarded)
- None of the issues which belong to the same rule is shown (so, I guess that it can be related to the rule list)
- The rules which are not showing have active state in the Quality Profile.
I made a simple test to verify if rules are ok:
I have created a new Quality Profile with only the rules which are missed. The result is, after new scanning, issues are properly shown.
I suspect that there is a limit of active rules to check in a Quality Profile.
The current number of active rules in the used Quality Profile is 2.316.
Do you have any other suggestion?
Is there a limit to rules usage?
Thanks in advance