Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Ignoring a line with Sonar

Tags:

sonarqube

Sonar complains about a line.

Thread.sleep(SLEEP_TIME); // NOSONAR

Its problem is that

"Thread.sleep" should not be used in tests

Using Thread.sleep in a test is just generally a bad idea. It creates brittle tests that can fail unpredictably depending on environment ("Passes on my machine!") or load.

And it makes sense, this should be fixed. But my problem is: why doesn't the NOSONAR part has any effect here? It seems to work in other parts of the code where it's used, e.g. with

public static final String PASSWORD_FILE_NAME = "secret.txt"; // NOSONAR

it doesn't complain any more that there is a hardcoded password in the code. So why doesn't it work with the Thread.sleep() case?

I can see the issue both in SonarQube and in the SonarLint plugin for IntelliJ.

like image 309
ytg Avatar asked Mar 02 '16 07:03

ytg


People also ask

How do I make SonarQube ignore a line?

The SonarQube JAVA Analyzer allows you to use the "@SuppressWarnings" annotation to disable a specific rule locally. It will allows you to disable issues on a single line, by placing the annotation directly above an instruction, or in an entire block, by placing it above a class or a method for instance.

How do you ignore rules in Sonar?

In Java, we can exclude Sonar checks using the built-in @SuppressWarnings annotation. This works exactly the same way as suppressing compiler warnings. All we have to do is specify the rule identifier, in this case java:S106.

How do I ignore a class in SonarQube?

Ignore Code Coverage To do so, go to Project Settings > General Settings > Analysis Scope > Code Coverage and set the Coverage Exclusions property.

What is Sonar Test inclusions?

sonar.test.inclusions. Comma-delimited list of test file path patterns to be included in analysis. When set, only test files matching the paths set here will be included in analysis. sonar.issue.ignore.allfile. Files containing text matching this regular expression will be ignored by analysis.


1 Answers

You are basically hitting this problem : https://jira.sonarsource.com/browse/SONARJAVA-1113

Which was that the // NOSONAR was not taken into account in tests.

This has been fixed in the latest release of the sonar java plugin release (3.11)

(On a side note, using NOSONAR is not great IMO, you should keep track of issue you don't want to fix using SonarQube rather than cluttering your code with comments that are linked to a specific external tool)

like image 110
benzonico Avatar answered Oct 22 '22 06:10

benzonico