Why are by default not all Rules activated in the "Sonar Way" Quality Profile?
2,619 views
Skip to first unread message
cou...@gmail.com
Jun 24, 2016, 5:28:16 AM6/24/16
to SonarQube
Hi,
On a fresh new install, not all rules are activated in the standard "Sonar Way" Quality Gate. eg for C# only +-100 are active by default, where +-280 are inactive. For Java 250 active, 100 inactive.
Why is that? I don't understand the logic behind in: I would assume that one would like to have a maximum of potential rules checked for?
Or is there a problem when all rules are activated?
Thanks a lot and regards,
Pieter
Scott B.
Jun 24, 2016, 7:38:05 AM6/24/16
to SonarQube, cou...@gmail.com
Hi.
It is very simple: SonarSource enabled the most valuable and useful rules in their opinion. More rules != more quality, most of time more rules means more false positives and useless issues.
Most people don't like SonarQube nitpicking every single line of code.
cou...@gmail.com
Jun 24, 2016, 8:24:19 AM6/24/16
to SonarQube, cou...@gmail.com
Hi Scott,
Thanks for your reaction! That definitely makes sense. But isn't the priority of rules there for that reason? I don't care when it gives me many minor or info issues. But I want to make sure I have the blocker and critical issues.
Hence I don't understand why the "sonar way" Quality Profile leaves out issues that are categories as Blocker or Critical. For me it's simple:
- or the rule works, so it should be included in the "sonar way" profile
- or the rule does not work as expected, than it shouldn't be in there at all
Isn't there like some kind of guidance on this? A list out there makes sure you get the right rules?
Regards,
Pieter
G. Ann Campbell
Jun 28, 2016, 9:51:41 AM6/28/16
to SonarQube, cou...@gmail.com
Hi Pieter,
We feel that all the rules we implement are valuable in some situation but to give you the best out-of-the-box experience it is our policy to enable by default only rules that are completely non-controversial. As a trivial example, consider the rules about which line to put your opening curly braces on. If those were on by default, people in shops where a different convention had been agreed on would immediately reject those issues and potentially throw the baby out with the bathwater.
Okay, there's a strong convention on that in C#, but you get my point.
But if there are specific off-by-default Blocker/Critical rules that you feel should be on by default, please do bring them to this group. In general, we're very responsive to feedback.
Ann
Pieter Coucke
Jun 30, 2016, 3:27:39 PM6/30/16
to G. Ann Campbell, SonarQube
Hi Ann,
Thanks for the input, I’ll go through them and signal it if I see something weird.
Actually, the initial ‘problem’ I had is the fact that recently I found out that if you upgrade a plugin, it does not update the “sonar way” quality profile. Hence: a completely new installation has more rules in the “sonar way” quality profile than an updated one.
I understand the reasoning behind that, but somehow I think it should be much clearer that this is happening during an update, and the administrator doing the upgrade should be presented with the question to have the default “sonar way” profile updated with the new recommended rules.
Or: An easy way to see whether there are some rules out there that are not in the installation’s “sonar way” quality profile but are recommended to be. Or is that possibility there somehow?
Thanks a lot and regards,
Pieter
G. Ann Campbell
Jun 30, 2016, 3:53:49 PM6/30/16
to Pieter Coucke, SonarQube
Wow Pieter, what a coincidence. We've been having similar thoughts in the last couple months, and in fact that very thing is one of the themes in SonarQube 6.0. :-D
We're tweaking what/how to show now, so hopefully you'll try out the RC when it's available and let us know what you think.
:-)
Ann
Pieter Coucke
Jun 30, 2016, 4:40:23 PM6/30/16
to G. Ann Campbell, SonarQube
Great! You are heroes! J
cou...@gmail.com
Oct 6, 2016, 10:01:35 AM10/6/16
to SonarQube, ann.ca...@sonarsource.com, cou...@gmail.com
Hi,
Op donderdag 30 juni 2016 22:40:23 UTC+2 schreef Pieter Coucke:
I'm currently going through this on SonarQube 6.0. Indeed, it mentions me which rules are in my QualityProfile and which are depreciated.
But what I am missing: It doesn't tell me which rules are in the latest/newest/official "Sonar way" quality profile, but not in my "Sonar way" quality profile that hasn't been changed since more than a year. How can I compare these 2?
Thanks a lot,
Pieter
Op donderdag 30 juni 2016 22:40:23 UTC+2 schreef Pieter Coucke:
Freddy Mallet
Oct 7, 2016, 6:14:16 AM10/7/16
to cou...@gmail.com, SonarQube, ann.ca...@sonarsource.com
Hi Pieter,
The only way to perfectly cover your need is by doing the following thing :
- Make a copy of the "Sonar way" quality profile to create for instance "My Sonar way" quality profile
- Make this "Make Sonar way" quality profile the default one
- Each time you're updating a language plugin, force the update the the "Sonar way" quality profile by clicking on "Restore the built-in profiles"
- Then you can easily use the "Compare" feature to compare the contents of your "My Sonar way" and "Sonar way" quality profiles.
Freddy
PS: Most of the time it's better to start a new thread instead of reopening an old one.
--
You received this message because you are subscribed to the Google Groups "SonarQube" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sonarqube+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/9714c213-e418-421b-83ca-5f79c29b0440%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
Freddy MALLET | SonarSource
Product Director & Co-Founder
http://sonarsource.com
http://sonarsource.com
Pieter Coucke
Oct 7, 2016, 8:33:07 AM10/7/16
to Freddy Mallet, SonarQube, ann.ca...@sonarsource.com
Super! Works as a charm!
Reply all
Reply to author
Forward
0 new messages