sonarqube

问题 We want to upgrade our SonarQube Server from the 5.0 version to the current 5.4. We imported our Quality Profiles, and had to set the Quality Gates manually (we found no way to do that automatically). Now I have the problem, that i cant use the Value Δ since previous analysis , only "Value" and "Leak". We have to use this property, because our company have large projects with legacy Code. Does anyone know, what happened with this Property? 回答1: Since SonarQube 5.4 the only Differential Period

问题 I am using sonar-maven3-plugin 3.5.1 and i don't know how to configure PDF report for this plugin. Is sonar-maven3-plugin uses any internal plugin for report. I don't know how and where to configure the reporting plugin. 回答1: In Sonar 4.0+ the plugin is included with the base install. The PDF is generated automatically when you run mvn sonar:sonar , but the dashboard doesn't contain the PDF widget by default. Add it by going to Dashboards > Configure Widgets. Search for and add the PDF widget

问题 I am using SonarQube 5.1 in order to collect all Java and Lint errors for Android apps. Almost every important issue is already caught by Sonar using Lint plugin, but I have found at least one issue not included: <issue id="GradleOverrides" severity="Warning" message="This `minSdkVersion` value (`14`) is not used; it is always overridden by the value specified in the Gradle build script (`15`)" category="Correctness" priority="4" summary="Value overridden by Gradle build script" explanation=

问题 Just stood up a brand new SonarQube 6.7.1 server and configured it to authenticate users via the LDAP plugin ( 2.2 build 608 ). So far so good. However, when users trying to run a command line scan using maven with a token: mvn sonar:sonar -Dsonar.login=438fd33be6d6e5c9146c674717fea4675f0eb ...they get the following error: Not authorized. Please check the properties sonar.login and sonar.password. The Sonar logs are showing: 2018.01.19 18:20:14 DEBUG web[AWELLmgpg7dbJTF2AALW][o.s.p.l

问题 In sonar i see a major violation warning for code public Long getValue(FieldType fieldType) { Long value = paramLevelMap.get(fieldType); // ok returns Long not long return value == null ? UNSPECIFIED_PARAMETER_KEY : value; // complaints here } Where 'UNSPECIFIED_PARAMETER_KEY' is pvt static long , and 'value' is also long. Boxed value is unboxed and then immediately reboxed Its complaining on the 2nd line. I didn't quite understand it , when & how is primitive long being converted to

问题 When I am installing sonarqube using postgresql, I got stuck with connecting it to jdbc of Postgresql. In /opt/sonarqube/conf , I uncommented JDBC as sonar.jdbc.username=username sonar.jdbc.password=password. 2.sonar.jdbc.url=jdbc:postgresql://localhost/username Additionally, below is my sonar scanner conf that I uncommented Default SonarQube server sonar.host.url=http://localhost:9000 PostgreSQL sonar.jdbc.url=jdbc:postgresql://localhost/username This is what I followed for configuring

问题 In my team, we have switched from using Checkstyle and FindBugs to SonarQube, for many reasons, and particularly because of the dashboards, as they make it easier to have a global view of where we stand. However, in the process, we have lost a few useful checks that I am trying to convert / reimplement with SonarQube. In particular, our Java code (legacy and newer) is plagued by a use of several logging platforms/libraries: slf4j+logback, Commons Logging, Java Util Logging, etc. My use case

问题 I have a project with an aggregator POM and several submodules: com.example:root |- com.example:module-a |- com.example:module-b |- com.example:module-c It was decided that module-b needs to be a separate project, so the directory module-b was split off into a separate git repository. Now we have 2 projects: com.example:root |- com.example:module-a |- com.example:module-c com.example:module-b com.example:root was analyzed for a long time with SonarQube. I use the maven goal sonar:sonar . Now

问题 I use SonarQube for a Java project but the complexity calculation is not clear for me. The complexity value is 3 for the following example: public boolean even(int i) { if (i % 2 == 0) { return true; } return false; } According to the User Guide the complexity is calculated as follows: “It is the cyclomatic complexity, also known as McCabe metric. Whenever the control flow of a function splits, the complexity counter gets incremented by one. Each function has a minimum complexity of 1.” In

问题 I'm running SonarQube 5.6.1 and am trying to save a view that I created. To do that, I want to take a peek at H2 DB that Sonar (according to it's own readme) uses for internal embedded DB. I've ran the H2 jar file and in console was able to log in to dummy DB. If SonarQUbe is running, I can't connect. So, what are default credentials for that DB? Tried my user credentials and admin/admin, none work. Admin/admin is default for SonarQube administrator user. 回答1: The default values are sonar