sonarqube

问题 Sonar is giving an error that this FileOutputStream should be closed. I need to modify the following code to use try-with-resources . How do I do this? public void archivingTheFile(String zipFile){ byte[] buffer = new byte[1024]; try{ FileOutputStream fos = new FileOutputStream(zipFile); ZipOutputStream zos = new ZipOutputStream(fos); for(String file : this.fileList){ ZipEntry ze= new ZipEntry(file); zos.putNextEntry(ze); FileInputStream in = new FileInputStream(SOURCE_FOLDER + File.separator

问题 I use SonarLint with Eclipse , and I'm codding an application using AngularJS . I had a problem with a controller so I was trying to clean it a bit to see clearer, and then SonarLint popped me up an issue : Function has a complexity of 11 which is greater than 10 authorized. And here's the code of my controller : app.controller('LauncherCtrl', function ($scope, $http) { $scope.genStatus = "stopped"; $scope.startgenerator = function() { $http.get('/start').success(function () { $scope

问题 I'm analyzing Java SE 7 project by SonarQube version 5.1. Then, I faced squid:S1948 on below code. Fields in a "Serializable" class should either be transient or serializable Fields in a Serializable class must themselves be either Serializable or transient even if the class is never explicitly serialized or deserialized. That's because under load, most J2EE application frameworks flush objects to disk, and an allegedly Serializable object with non-transient, non-serializable data members

问题 When injecting any services, I have two choices : (Field injection) @Inject private MyService myService; or ( Constructor injection ) private MyService myService; @Inject public ClassWhereIWantToInject(MyService mySerivce){ this.myService = myService; } Why Constructor injection is better than Filed injection ? 回答1: Do something like (I assume you are using spring-boot or something comparable for your CDI) public class ClassWhereIWantToInject{ private MyService myService; @Inject public

问题 We utilize the pipeline and after the build completes successfully we are running the following: bat "mvn sonar:sonar -B -s ${buildSettings} -Dsonar.analysis.mode=preview -Dsonar.skipDesign=true -Dsonar.report.export.path=sonar-report.json" sonarToGerrit(severity: 'Major', postScore: true, category: 'Code-Review', newIssuesOnly: true, issuesScore: '0', noIssuesScore: '0', changedLinesOnly: true) The below build log shows that it found a good number of issues but yet the issues to be commented

问题 We utilize the pipeline and after the build completes successfully we are running the following: bat "mvn sonar:sonar -B -s ${buildSettings} -Dsonar.analysis.mode=preview -Dsonar.skipDesign=true -Dsonar.report.export.path=sonar-report.json" sonarToGerrit(severity: 'Major', postScore: true, category: 'Code-Review', newIssuesOnly: true, issuesScore: '0', noIssuesScore: '0', changedLinesOnly: true) The below build log shows that it found a good number of issues but yet the issues to be commented

问题 I am using sonar qube for analysing C files. I am not able to see the complete smells listed for C/C++ after analysis. For example Divide by Zero error is not listed in the code smell. My sonar scanner settings is reconfigured for C language using the option sonar.language=c and used C language specific tags like, sonar.c.include directories . I am getting Lexer errors for the C files. Can anyone help me to solve this. 回答1: You can do analysis for free with SonarOpenCommunity/sonar-cxx.

问题 When I run TFS 2013 with sonar I get the following error: No ProjectInfo.xml files were found. Check that the analysis targets are referenced by the MSBuild projects being built. Message: TF270015: 'SonarQube.MSBuild.Runner.exe' returned an unexpected exit code. Expected '0'; actual '1'. I use : sonarqube-5.1.zip sonar-csharp-plugin-4.0.jar SonarQube.MSBuild.Runner-0.9.zip sonar-runner-dist-2.4.zip I've followed instructions found in "SonarQube Installation Guide for Existing TFS Environment

问题 Why do I get this error: Class not found: org.joda.convert.ToString None of my code uses this class (maven-based sonar analysis), and it doesn't seem to affect the analysis. However, I get worried whenever there are "[ERROR]" logs in the output. My exact command is: mvn org.codehaus.mojo:sonar-maven-plugin:2.6:sonar I switched to this because someone in another related answer suggested this... 回答1: This error message is logged by the analyzer whenever it tries to complete a symbol during

问题 I have write multiple JUnit test classes for my project.The code covergae is 80% when I see it in Eclipse using cobertura plugin.But when I try to see my code coverage in Sonar it show only 35%.The reason behind this is that multiple classes have 0% coverage and some classes shows coverage.What is the main reason I don't know.Is it problem of sonar or there is some problem im my code beacuse somewhere I am using PowerMockito somewhere EasyMock and somewhere Mockito. I am attaching the