(SonarQube, Scanner, Plugin, and any relevant extension)
No clue, because the UI doesn’t really make this obvious – “SonarCloud Code Analysis”
The tool apparently doesn’t like the repository as a whole and thinks it’s a great idea to frustrate drive-by contributors.
Since that’s what it’s doing, I’m spending time sharing my frustration with the tool’s developers.
If you have trouble with my tools, please feel free to reach out, I’d be happy to take your feedback and work to improve them.
I’m also happy to run my tool on your tool and give you feedback or patches (depending on whether you appear to take one or the other).
steps to reproduce
- Create a PR to fix some random project’s spelling Spelling by jsoref · Pull Request #3234 · keptn/keptn · GitHub
- Get an unhappy response from something
- Note that clicking The 4.3% failed conditions box takes me to:
- It’s unclear what a
Densityis – there’s no obvious help reachable from this screen. And searching leads to a forum post where sonar something apologizes for it being broken at some point.
- Clicking the first hit brings me to https://sonarcloud.io/component_measures?id=keptn_keptn&metric=new_duplicated_lines_density&pullRequest=3234&selected=keptn_keptn%3Astatistics-service%2Fswagger-ui%2Foauth2-redirect.html&view=list
– picture intentionally omitted because of forum constraints
- Apparently I’m supposed to click the gray bar:
– this was not remotely obvious
- What is a drive-by contributor supposed to do to make this tool happy?
- Why is it reasonable to say “You’ve added new duplicated code” when in fact the files were already perfect duplicates and the user has merely kept them in sync while fixing a typo?
- Why isn’t there something suggesting how to get the tool not to complain about this?
- Compare the report from before and after and don’t report anything that was in the before
- Whenever a new duplicate whether for a whole file, a hunk, or a line, offer a visible hint for how to mark it as an acceptable duplicate
- Offer a way for maintainers to see a report for their project as a whole, as opposed to for a single commit – otherwise, they won’t be aware that their project is a trap for contributors.
Collectively, this is how my tool works. It’d be really awful if my spell-checker told users about all misspelled words in a project each time they added an unrelated sentence. People would tar and feather me.
Don’t make PRs to projects that have sonar software enabled.
This is roughly a follow-up to Adding one line to an old duplicated block marks it new