SonarQube Project showing an issue from a Java findbugs rule which is not there in the selected Quality Profile
HAZ1BAN opened this issue · 7 comments
Issue Description
Hi Team,
Good Day!
So this is the rule which lies in the mentioned image in one of the quality profiles:
And here is the list of quality profiles having this rule:
But if I try to search this rule in the Quality Profile selected for my project, it shows none:
Then why is this rule showing as an issue in my code?:
See the quality profile selected in the project, it does not contain the mentioned rule, still it is showing in the project as an issue.
This rule is automatically being picked from findbugs.
Also, I checked, the Quality profiles donot have any inheritance from any/each other.
Please let me know if you need anything else.
Environment
| Component | Version |
|---|---|
| SonarQube | Enterprise Edition - Version 9.9.1 |
| Sonar-FindBugs | 4.2.3 |
| Maven | ????? |
| Gradle | ????? |
| Java | ????? |
Hello, this is most likely due to the way SonarQube handles languages and default profiles, you also need to set a Java profile for your Kotlin project.
More details here: #727
Hi @gtoison,
Thank you for the reference.
I understand that apart from a specified/selected quality profile, Sonarqube also picks rules from the default profile of the selected Language.
But, in our case, we already have a default quality profile for the Language Kotlin, & that rule is not present in the default quality profile of the Kotlin Language.
Also, this rule should be implemented only on .java files, right? But why is it scanning .kt files too?
Sonarqube also picks rules from the default profile of the selected Language.
Not quite: Sonarqube picks rules from the default profile for every language installed on the server. So it will use the default profiles for XML, Java, HTML, ... etc. unless you've set a language profile for the project
So in particular your default Java profile is selected, and it most likely contains that rule.
Also, this rule should be implemented only on .java files, right? But why is it scanning .kt files too?
Spotbugs analyses the compiled .class files and reports the issues on the corresponding sources. Since the Sonarqube server tells the plugin that the rule is active, the issue is reported.
Oh, ok,
But I already have a Quality Profile selected which is based on Kotlin Language & Not Java:
See the project:
Is this quality profile different from language profile you mentioned here:
unless you've set a language profile for the project
If yes, where can I change that?
Under "Project Settings" you need to set a Java profile for the project.
A project might have one quality profile per language and yours only has one for the Kotlin language (so it uses the default profile for all other languages installed on your server).
Awesome!
It's working!
Thanks a lot for the support, we can close this request. :)
Kind regards,
Zeeshan
Great to hear that it worked, cheers!