Comments (9)
h3xstream
commented on June 13, 2024
I am not using manual configuration myself (with SonarRunner).
Here is the official documentation : https://docs.sonarqube.org/display/PLUG/Java+Plugin+and+Bytecode
from sonar-findbugs.
kinjal-codes
commented on June 13, 2024
Appreciate your reply. Forgot to reply here that issue I had was resolved. However with Findbugs Ant Task I get following for every single class in the files list, just in case you had any input.
[sonar:sonar] The class 'crm.Event' could not be matched to its original source file. It might be a dynamically generated class.
from sonar-findbugs.
h3xstream
commented on June 13, 2024
With the latest version of SQ API, the property sonar.sources is no longer expose to plugin. At the moment, the source folder are "brute force" base on standard project structure (src/, src/main/java , etc.). It is very limited approach. As an example /source is not cover.. 😲
The fix will come at some point #51.
from sonar-findbugs.
kinjal-codes
commented on June 13, 2024
Great ! One last question ,
When I have "Sonar Way" as default profile my bug report is populated with 4,000 bugs and 800 vulnerabilities. When setting Findbugs as default it shows as 0 bugs and vulnerabilities. Also it looks like it never used security rules from findbugs. I also see about 30,000 lines of findbug-results.xml. Does this mean findbugs results were just not updated in portal ?
findbugs-default.txt
sonar-default.txt
from sonar-findbugs.
kinjal-codes
commented on June 13, 2024
Just to provide more information , looks like there is issue with latest installation of sonarqube + findbugs plugin , after completion of the scan I see the result but it doesnt get uploaded to portal. I am checking though to see if I can somehow get the report manually to portal.
from sonar-findbugs.
kinjal-codes
commented on June 13, 2024
Once I changed structure has to be /src/.java and bin/.class report came through fine. So looks like a fix mentioned on another post should fix issue.
from sonar-findbugs.
h3xstream
commented on June 13, 2024
@Soneshdabhi A cleaner fix will be coming in #51 for the source folder discovery.
If you still have an issue, please add a comment otherwise I will close the current.
from sonar-findbugs.
kinjal-codes
commented on June 13, 2024
Thanks for update , any ETA ?
from sonar-findbugs.
h3xstream
commented on June 13, 2024
@Soneshdabhi Soon for the fix regarding custom source directory.
from sonar-findbugs.
Related Issues (20)
- Findbugs is reporting false positive bugs in test code HOT 10
- Is sonar-findbugs compatible with Sonarqube 10.x HOT 9
- sonarqube displays errors from a profile that is not assigned to the project HOT 2
- Crowd username changes - impact on sonar-findbbugs plugin HOT 2
- FindBug Rules are triggered for Quality PRofile Kotlin and XML HOT 2
- SonarQube Project showing an issue from a Java findbugs rule which is not there in the selected Quality Profile HOT 7
- SonarQube fails with Java 17 HOT 8
- Spike in SonarQube Findings HOT 2
- Support Java 21 (Unsupported class file major version 65) HOT 3
- Dependency Dashboard
- Findbugs timeout issue HOT 6
- new option to analyze tests HOT 2
- Update PAT_TO_FORK HOT 6
- Findbugs is reporting false positive bugs SA_LOCAL_SELF_COMPARISON when using instanceof pattern matching HOT 13
- Integration tests occassionally fail due to errors accessing the jfrog repo HOT 1
- Make "sonar-findbugs" compatible with SonarQube 10.4 "DownloadOnlyWhenRequired" feature HOT 2
- Encountering several errors related to the FindBugs plugin while running a build on Bamboo. HOT 15
- v4.2.8 is missing a release artifact HOT 1
- java.lang.IllegalArgumentException: Error: missing bug code for keySECXXEVAL HOT 4
- Getting "Hard coded password found here" exception where (IMHO) it shouldn't HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sonar-findbugs.