问题
We set a lot of false-positive violations using SonarQube UI. Can you advise how to keep those false-positive violations during upgrade? We are trying to upgrade Sonar from 3.5.1 to 4.0 and it seems that the those false-positive violations were removed.
回答1:
One thing you can do is export the list of false positives so that you will at least know what they are and which files/issues they are attached to. I'm not sure how to then import the list, but in the worst case you can just mark violations as false-positive again, after first checking against the exported list.
The Sonar Rest API query to obtain the list of false positives is as follows. It worked in Sonar 3.2, but I'm not sure if it works in your particular version. It does not work in SonarQube 4.5.4 and possibly other versions, but I don't know.
http://sonar.your-server.com/api/reviews?resource=com.yourpackage.yourcomponent:yourtag&review_type=FALSE-POSITIVE&format=json
来源:https://stackoverflow.com/questions/20514450/sonarqube-4-how-to-keep-the-false-positive-violations-during-upgrade