Source directory name staring with a dot (.) not recognised

SonarQube 7.4;SonarQube Scanner 3.2.0.1227.

The below source directory is not recognised by SonarQube Scanner. Remove the leading dot (.) then it works fine. However, the name .vuepress is required by the VuePress tool we used.
sonar.sources=.vuepress

Other failed attempts I tried are
sonar.sources=./.vuepress
sonar.sources=\.vuepress
sonar.sources=".vuepress"

sonar.sources=.
sonar.exclusions=**/otherdir/**

Hi,

Hidden folders are excluded from the analysis.

Can you tell what is this VuePress tool? Does the folder contain source code?

Hi Julien

VuePress is a Static Site Generator (https://vuepress.vuejs.org/). Yes, we have JavaScript code in the .VuePress folder.

I figured it’s to do with the hidden folder but we don’t seem to have control on naming the folder https://vuepress.vuejs.org/guide/directory-structure.html

Thanks
Huan

Analyzing generated code is usually not a good idea, since it will likely raise a lot of issues you won’t be in a good position to fix.

If this is “just” for curiosity, you might temporarily move the js files out of the hidden folder to run the analysis.

Those files are not generated code. They are hand written code for vuepress to use.

With other generated code we have, we use Sonar’s support to skip analysing issues on them but still include the code to get general stats like LOC.

Happy new year Julien.

I wonder if SonarQube could lift this rule about dot files, for reasons

  1. SonarQube’s contract (sonar.sources, sonar.exclusions) seems giving users full control of what source code to include and exclude. The fact that dot files are implicitly excluded comes as a surprise to users. Nor is it documented as far as I can tell.

  2. dot file being ‘hidden’ is a Unix-like file system convention, not Windows. SonarQube supports both platforms.

Please let me know if there are incentives/rationales behind excluding dot files.

Thanks
Huan

Hi @Huan_Ruan and happy new year to you.

I tend to agree with you, I think we should only exclude hidden folders, using OS definition of hidden. The problem is this is a very old code, and I wonder why it was added in the first place. I also care about the sudden change of behavior if we decided to finally let dot folders being analyzed on Windows…

Thanks to our excavator @dmeneses, I now have the reason. This is https://jira.sonarsource.com/browse/SONAR-3096

But I think there is a better solution, and I have created a ticket:
https://jira.sonarsource.com/browse/SONAR-11606

1 Like

Hi @Julien_HENRY

Many thanks for the follow up from you and
@dmeneses.

I fully understand introducing behavioral changes can break things. But, I think the risk for this case can be mitigated by the fact that users can still exclude those files explicitly if that’s what they want. That’s of course assuming users do read the release notes :slight_smile:.

Thanks for raising the ticket. I have added it to my watch list. Just an idea regarding excluding files - for git users, could the scanner honor .gitignore, which would’ve included .sonar.?

Huan

That’s in the pipe already :wink:

https://jira.sonarsource.com/browse/MMF-1491

1 Like

Thanks @Julien_HENRY.