Comments (8)
h3xstream
commented on June 3, 2024
The configuration to scan test files is an open issue #18.
Change required
The change although quite simple would require some unit tests and more integration testing. The proper enhancement will be include in the next version.
Behavior to add:
- If no source file are found it should skip the project, their is already a warning regarding the missing classes file.
- And obviously the analyzer should configurable to scan the tests.
Workaround
For the moment, I would suggest you to create a empty Java class in src/main/java/.
from sonar-findbugs.
amandel
commented on June 3, 2024
Thanks for picking this up. And I'm sure you saw that this is a regression coming from 3.3.
As a different workaround you can also skip the module in SonarQube altogether using maven means by adding -pl !xxx-test (xxx-test being the module name) to your mvn sonar:sonar call. This helps if you can not modify the project under analysis but you will obviously get no results at all for the excluded module.
I'm not sure if it is feasible through the Sonarqube API. Generally I would prefer to get a (blocker) issue reported sth like "Could not execute Findbugs cause of generic issue...", rather than a completely broken analysis in case of such a fatal analyzer issue. Might be I should ask for this on the other side of the API.
from sonar-findbugs.
h3xstream
commented on June 3, 2024
Currently, I was doing logging with WARN marker for non-critical observation.
Such as having JSPs that are not precompiled or compiled classes that do not have java file associated.
You could grep for those specific messages on your CI build task.
from sonar-findbugs.
amandel
commented on June 3, 2024
IMHO it would be nice to see these as issues in SonarQube: "Java file was not analyzed by FindBugs because no corresponding class file was found." or "..source could not be parsed", "...encoding issues in the source file." ...
from sonar-findbugs.
h3xstream
commented on June 3, 2024
@amandel Good point. I could not found anything like it in the API. It would be a good feature request.
from sonar-findbugs.
h3xstream
commented on June 3, 2024
I reconsider this issue as a blocker for the 3.4 release.
You can find the latest package here (sonar-findbugs-3.4.3.jar) : https://github.com/SonarQubeCommunity/sonar-findbugs/releases/tag/3.4
It is a minor code change (2 ifs conditions added only) but it should save a couple of headaches for users.
from sonar-findbugs.
amandel
commented on June 3, 2024
Cool! I can confirm that 3.4.3 fixes the above issue.
[INFO] Sensor FindBugs Sensor
[WARNING] Findbugs needs sources to be compiled. Please build project before executing sonar or check the location of compiled classes to make it possible for Findbugs to analyse your project.
[INFO] Findbugs analysis skipped for this project.
[INFO] Sensor FindBugs Sensor (done) | time=19ms
Thanks!
from sonar-findbugs.
h3xstream
commented on June 3, 2024
@amandel Thanks for the quick feedback.
from sonar-findbugs.
Related Issues (20)
- Findbugs is reporting false positive bugs in test code HOT 10
- Is sonar-findbugs compatible with Sonarqube 10.x HOT 9
- sonarqube displays errors from a profile that is not assigned to the project HOT 2
- Crowd username changes - impact on sonar-findbbugs plugin HOT 2
- FindBug Rules are triggered for Quality PRofile Kotlin and XML HOT 2
- SonarQube Project showing an issue from a Java findbugs rule which is not there in the selected Quality Profile HOT 7
- SonarQube fails with Java 17 HOT 8
- Spike in SonarQube Findings HOT 2
- Support Java 21 (Unsupported class file major version 65) HOT 3
- Dependency Dashboard
- Findbugs timeout issue HOT 6
- new option to analyze tests HOT 2
- Update PAT_TO_FORK HOT 6
- Findbugs is reporting false positive bugs SA_LOCAL_SELF_COMPARISON when using instanceof pattern matching HOT 13
- Integration tests occassionally fail due to errors accessing the jfrog repo HOT 1
- Make "sonar-findbugs" compatible with SonarQube 10.4 "DownloadOnlyWhenRequired" feature HOT 2
- Encountering several errors related to the FindBugs plugin while running a build on Bamboo. HOT 15
- v4.2.8 is missing a release artifact HOT 1
- java.lang.IllegalArgumentException: Error: missing bug code for keySECXXEVAL HOT 4
- Getting "Hard coded password found here" exception where (IMHO) it shouldn't HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sonar-findbugs.