Hello @Mike_Gresens,
Thanks for raising this problem. We did a huge effort recently to make the rule squid:S2699 raising less FPs. Still it looks we missed BDDAssertions. The good news is that you can now configure the rule S2699 to take into account extra frameworks. Here is how to achieve that:
- Create a custom Quality Profile by extending “Sonar Way” for Java. This can be done in your organization, here: https://sonarcloud.io/organizations/octopus-prime-github/quality_profiles - there is a button “Create” on the top right on this page when you are owner of the organization.
- Override the configuration of S2699 in your custom Quality Profile like this:
org.assertj.core.api.BDDAssertions#then*
- Associate your new Quality Profile to your project.
- Scan your project once again.
I did this configuration of the QP on my organization: https://sonarcloud.io/organizations/agigleux-github/quality_profiles/show?language=java&name=Java_Custom_S2699 so that you have an example.
Regards
Thank you! Works fine.
Hello @Mike_Gresens,
Latest version of the Java analyzer was deployed on SonarCloud.
It should work better out of the box without the workaround now.
Thanks