Unable to get the right severity of rules, for a given quality profile key

ExemplesDev · January 21, 2020, 4:02pm

Hello,

first here is my Environment:

SonarQube Community 7.9.1 (via docker)
plugin C++ (Community):1.3.1
sonar-scanner 3.0.3.778 (not used here)

Error observed
the rules returned by the API rest api/rules/search are ok but their severity have the values read in the SonarQube interface

steps to reproduce

list the issues in the sonarqube dasboard
select the rats repository
note the severities (note: they have been modified in this example)
get this list by the api rest
localhost:9000/api/rules/search?qprofile=AW_DzVUQchokphKZ5vLQ&f=name,severity&repositories=rats

Some values of severities (eg MAJOR) are not the values read in the sonarque interface (first step)

potential workaround
I’ve done a backup of the Quality profile : the same severities as provided by the api rest are in the XML output file. So…No workaround by this way.
FYI information I’ve put an issue in the cxx community issue tracker: it seems that the repository “valgrind” does not exist in SonarQube ( Issue 1793)

please provide suggestion to resolve this.

Thank you.

ganncamp · January 22, 2020, 7:52am

Hi,

For the record, the community C++ plugin isn’t supported here. However your question seems to be general, so…

It’s not clear to me what you mean by “in the interface”. Is it possible that what you’re seeing is the difference between the rules’ default severities and their activated severities in your profile?

Ann

ExemplesDev · January 22, 2020, 12:05pm

Here is may be another more detailed example:

SonarQube interface = menu in the browser
I have only one rule activated in a given profile (ex: “rats:_cprintf”)
I can see this (severity MAJOR) rule in the browser, clicking only in the name of the quality profile:
http://localhost:9000/coding_rules?activation=true&qprofile=AW_M90DXwqWeLO4WzNs3

if I do a backup of the quality profile, I can check that the XML file contains only this rule.

Now, i want to use the Rest api:

http://localhost:9000/api/rules/search?qprofile=AW_M90DXwqWeLO4WzNs3&name

…and this command displays a lot of rules …but not the expected rule (“rats:_cprintf”)

So it is not a question od severity or default_severity but a bad performance of the api/rest (or of the results in the database ?).
But maybe I’ve done something wrong ?
Thank you…

ganncamp · January 27, 2020, 8:07am

Hi,

Since your query string doesn’t include &activation=true you’re getting a paginated list of all rules. The rule you expect is in page 2+.

HTH,
Ann

ExemplesDev · February 3, 2020, 2:31pm

Hi (sorry for the delay),
Actually it was due to this missing parameter “=f=actives”

http://localhost:9000/api/rules/search?qprofile=AW_M90DXwqWeLO4WzNs3&activation=true&f=repo,name,severity,actives

I get then the default rule severity and the severity possibly changed into the Quality Profile.
Thank you

Topic		Replies	Views
Rule explenation shows default severity, not the one from the active profile IntelliJ Platform intellij , quality-profiles	6	1381	July 2, 2020
Filter by changed severity SonarQube Server / Community Build	5	24	March 24, 2025
Severity of code smell rule is not getting updated in sonar scan job SonarQube Server / Community Build sonarqube , quality-profiles	3	1303	March 9, 2022
SonarQube Quality Profile active rules acount not consistent SonarQube Server / Community Build sonarqube , quality-profiles	2	551	April 2, 2020
Bulk-activate rules with a specific severity from UI SonarQube Server / Community Build sonarqube	5	508	February 1, 2024

Unable to get the right severity of rules, for a given quality profile key

Related topics