11,930 questions
Best practices
0
votes
0
replies
31
views
I want to avoid black duck scan
In my current project, our team is using Databricks, ADLS, a web app, and Power BI. We will complete development and then migrate the code to GitHub. Later, we plan to perform Black Duck scans. ...
- 27
0
votes
1
answer
98
views
How to properly re-throw an exception cause without causing SonarQube errors in Java?
I'm working on a Java method that handles multiple exceptions, and in some cases, I want to re-throw the original exception stored as the cause of an ExecutionException. Specifically, I have a piece ...
- 490
1
vote
2
answers
95
views
Does SONAR's cpp:S5213 rule imply that functions accepting lambdas must be implemented in the .h file?
SONAR's cpp:S5213 rule says that
Template parameters should be preferred to "std::function" when configuring behavior at compile time
We have tried implementing that by replacing std::...
- 6,299
2
votes
1
answer
69
views
SonarQube shows 0% coverage for Angular (LCOV exists) while .NET coverage is OK
I run a single batch script to analyze a mixed solution: .NET backend + Angular frontend.
The .NET coverage (OpenCover) is imported correctly, but Angular/TypeScript coverage always shows 0% in ...
- 28.6k
0
votes
0
answers
30
views
Filtering SonarQube Issues in Visual Studio 2022
I'm using SonarQube with Visual Studio 2022 (connected mode) and looking for the best way to filter SonarQube issues in the error list.
Goal: easily isolate SonarQube issues from compiler warnings, ...
- 347
0
votes
1
answer
55
views
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.2:sonar
I want to analyze my code project with sonarqube. When i try this command:
mvn clean verify sonar:sonar -Dsonar.projectKey=country-service -Dsonar.projectName='country-service' -Dsonar.host.url=http://...
0
votes
0
answers
51
views
Scan helm files that contain invalid yaml
I have a Helm chart that I need to scan via SonarQube. The issue is, whenever I scan my Chart it flags up a host of errors because the YAML Analyser does not know how to interpret the templating.
For ...
- 607
1
vote
2
answers
129
views
Cannot run Sonar analysis on Kotlin source code using Gradle plugin in Jenkins
Using Sonarqube Gradle plugin version 6.2.0.5505 (latest: https://plugins.gradle.org/plugin/org.sonarqube/6.2.0.5505) , the analysis of Kotlin source code fails when running on my Jenkins instance, ...
- 12.2k
0
votes
1
answer
35
views
Does this Helmet CSP violate itself with contradicting directives?
I'm building a website that will be using Helmet's CSP's, however, the current CSP I have coded seems to not agree with SonarQube.
Here is my current CSP in my app.ts:
app.use(
helmet....
- 1
8
votes
0
answers
388
views
Is there a safe way to create directories with std::filesystem?
I have compared the description of POSIX mkdir against
the description of std::filesystem::create_directory,
the specification draft for std::filesystem::create_directory, and
the specification draft ...
- 5,533
0
votes
1
answer
141
views
How to set up SonarQube SMTP without authentication?
We are using SonarQube server v2025.1.1. In the past we upgraded from former LTA versions. I'd guess the first such LTA version was 7.9.
Our SonarQube instance and our SMTP server both runs on a local ...
- 1,152
1
vote
0
answers
65
views
I'm trying to integrate sonarqube with a multi module android project.After integration I'm getting integration error
Here is the exception.
java.lang.NoClassDefFoundError: com/android/build/gradle/api/BaseVariant
at org.sonarqube.gradle.SonarQubePlugin.lambda$getAndroidCompileTasks$16(SonarQubePlugin.java:179)
...
0
votes
0
answers
51
views
How to remove method or line from sonarqube check in Go?
have a correct method to remove unique method or line from check coverage sonar? like //NOSONAR?
I've tried but I wouldn't like to have to use sonar.exclusions= in my sonar-project.properties file
0
votes
1
answer
61
views
Relevance of Sonarqbue Rule kotlin:S5612 Lambdas should not have too many lines
As a team using SonarQube for code analysis on our Jetpack Compose projects, we're frequently running into kotlin:S5612 (lambdas exceeding 20 lines) as a major code smell. The nature of Compose's ...
- 244
0
votes
0
answers
56
views
How to extract the number of passed and failed test cases from Jenkins CI pipeline?
I am currently running my test cases in a Jenkins CI pipeline. Now, I want to extract test case results—specifically the number of passed and failed tests.
Does Jenkins provide an API to fetch this ...
