Hello @Zurich0
I never found Windows to be a developer-friendly OS; it is always difficult to understand all of what is happening there. Going to Linux was a good idea.
I am a bit sad, though, that you did not find much value in code smells and Security Hotspots, and I believe that in the long run you may regret your choice:
- Code smells raise maintainability issues. Each issue represents a small detail individually, but if you don't tackle them as they come, over time your code will accumulate them and any evolution or maintenance there will be a real pain.
- Hotspots represent security-sensitive pieces of code; having a look at each of them is our recommendation, but of course your choice.
And of course having tight quality profiles and quality gates is neither difficult nor too time-consuming for teams that adopt the Clean As You Code approach. If you'd like to know more about it, I would recommend that you read:
- this great community post first: Clean as You Code: How to win at Code Quality without even trying
- the Clean As You Code documentation page
If I failed to convince you about those rules, let me add here that you do not need to modify the analyzer implementation to disable rules from your analysis.
You just need your own quality profile that would not embed those rules.
Of course I know the SonarQube UI quite well, but it took me less than 5 minutes to create a Quality Profile with only the Java rules for vulnerabilities and bugs.
In order to do so, you may:
- Read the quality profiles documentation page
- Start a new Quality Profile from scratch; if you copy or extend the Sonar Way one, you will have all of its rules.
- Use the compare functionality to realign your Quality Profile with the Sonar Way on Vulnerability and Bug rules, if you want to.
- Once you have your Quality Profile ready, you can set it as default for all of your projects.
Best.
Sylvain