sonarqube

问题 I am running SonarQube 5.5 with the following wrapper config settings. wrapper.java.initmemory=3 wrapper.java.maxmemory=4096 I am still getting the following stack trace, this project has run successfully with sonarqube 5.3. 2016.05.09 11:14:09 INFO [o.s.s.c.s.ComputationStepExecutor] Compute coverage measures | time=105ms 2016.05.09 11:14:09 INFO [o.s.s.c.s.ComputationStepExecutor] Compute comment measures | time=120ms 2016.05.09 11:14:14 INFO [o.s.s.c.s.ComputationStepExecutor] Copy custom

问题 I have updated Sonar to the 4.5.1 LTS version, and now in my gradle task i have got the following error and can't fix it: Fail to download libraries from server build.gradle with sonar runner sonarRunner { sonarProperties { property "sonar.host.url", "http://sonar:9000" property "sonar.login", "" property "sonar.password", "" property "sonar.jdbc.url", "jdbc:mysql://sonar" property "sonar.jdbc.driverClassName", "com.mysql.jdbc.Driver" property "sonar.jdbc.username", "sonar" property "sonar

问题 I even refered : Sonar Violation: Security - Array is stored directly My code is as ---> public final void setSelectedObjectsList(final ScheduleDTO[] selectedObjectsList) // Security - Array is stored directly //The user-supplied array 'selectedObjectsList' is stored directly. { if (selectedObjectsList != null) { this.selectedObjectsList = selectedObjectsList.clone(); } else { this.selectedObjectsList = null; } } This is already taking care of defensive copy wonder why sonar is yelling at me

问题 In our organization, we are using SonarQube 5.6 with C# plugin 5.3.1 and every issue we mark as Won't Fix gets reopened next time analysis runs. Sometimes, when the analysis runs again the issues get marked as Won't Fix (as manually marked before). We are trapped in a circle. Any ideas? 来源： https://stackoverflow.com/questions/38794909/why-does-sonarqube-reopen-issues-marked-as-wont-fix

问题 I'm a SonarQube newbie. I'm running analysis in eclipse via sonar-eclipse-plugin. But on remote server, it displays: No analysis has been performed since creation. The only available section is the configuration How can I see the results of the analysis on the server? 回答1: This means that you have provisioned your project to be able to make a local analysis in Eclipse. Local analyses (like what happens in Eclipse) don't push data to the server - they are used to "preview" the quality of your

问题 I'm a SonarQube newbie. I'm running analysis in eclipse via sonar-eclipse-plugin. But on remote server, it displays: No analysis has been performed since creation. The only available section is the configuration How can I see the results of the analysis on the server? 回答1: This means that you have provisioned your project to be able to make a local analysis in Eclipse. Local analyses (like what happens in Eclipse) don't push data to the server - they are used to "preview" the quality of your

问题 I am struggling with the following problem. Log of the executed when sonar-runner in Jenkins. SonarQube Runner 2.4 Java 1.7.0_67 Oracle Corporation (64-bit) Windows 7 6.1 amd64 SONAR_RUNNER_OPTS=-Xms256m -Xmx512m INFO: Runner configuration file: D:\CI_BUILD\sonar-runner-2.4\conf\sonar-runner.properties INFO: Project configuration file: NONE INFO: Default locale: "ko_KR", source code encoding: "UTF-8" INFO: Work directory: D:\CI_BUILD\jenkins_home\jobs\CAFE-CLIENT\workspace\.sonar INFO:

问题 I've got a project I'm working on and some of the files violate some of the rules, but in ways that are not real issues, and are thus distracting noise. However, I don't want to disable these rules globally, and I would prefer not to have to mark 'em as false positives one by one. Is there a way to disable Sonar rules for specific files, and if so, how? 回答1: Since SonarQube 4.0, you can define issue exclusion patterns based on rule key and file path pattern. On previous versions, you can rely

问题 Current My company is currently using checkstyle and findbugs scripts to measure their code quality. I am the one to imigrate those settings into a new SonarQube driven environment. I came to a point when I started wondering, if it was possible, to look the remote config settings of the running SonarQube server up and update the local settings accordingly. Right now, with checkstyle and findbugs it is like this: 1) someone changes the config xml file and uploads it to the server 2) the same

问题 I am trying to exclude some auto generated code (Service References) from Sonars static code and unit test coverage analysis. The project is C# .Net and Sonar is running via Jenkins on a Windows server. Within my sonar-project.properties file I am able to exclude various other files and directories by using the sonar.exclusions property, but this is not working for files that have a space in the path. sonar.exclusions=**/Global.asax.cs, **/MyProject/Service References/* Given the above