which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
SonarQube 7.9.1.27448
Sonar Scanner for msbuild 4.8.0.12008. Live system is using version Scanner for MSBuild 3.0.2.656
FXCop 1.4.1
Sonar C# 8.0 build 9566
Custom in house made roslyn analyzer
what are you trying to achieve
I have seen this for a while now, but I haven’t figured out what can cause it. I’m testing the 4.8 scanner and im getting some drastically different results compared to the 3.x scanner that are confusing me. In the screen shot i uploaded, there are 578 results with a blank file name for this project. However, another project has over 70,000 results associated to a blank file name. The issues are not all associated to one rule. They span multiple rules from multiple repositories. On our live system there are only 12 issues with a blank file name for the same example project.
Is there any way that i can track down whats causing this? In the past i would just mark them as false positive. Now I do think the 4.8 scanner is giving us much better results overall. However with the 4.8 scanner giving such large numbers of blank file names, I’m curious as to potential causes.
what have you tried so far to achieve this
I have just been marking them as false positive. Is there additional logging i can enable to see more of what’s going on? Is it normal to see that?
Wow, never saw that before. You should definitely not let that under the carpet.
Some ideas to investigate:
do these files have content? The underlying question is: are they real files but something happened with their name, or are they zombi files?
what does the analysis says during the file indexing? (enable the debug mode). Are files all having a well-recognized name?
is your custom plugin uses the SQ Java API to report issues on file? Or does it simply raise issues during the build and benefit from the .NET external issue import (see at the bottom)? Does removing your plugin and re-analyze fixes the issue?
I guess i just wasnt looking closely enough. They are all related to the rule CA1063 from i believe the fxcop plugin. I’ll disable that rule for now and see if the sonar version gives better results.
Well I’m down to only 272 issues from 3 different fxcop rules with blank file names. It definitely seems to be related to FXCop rules only, so I might have to just keep an eye on them and check future updates.