SonarQube Java false positive with IP addresses not be hardcoded
473 views
Skip to first unread message
Gavin Line
May 28, 2018, 10:45:43 AM5/28/18
to SonarQube
In our projects we use version strings with 4 numbers, i.e. 1.2.5.4. When running SonarQube on these projects it complains and thinks they are IP addresses. Normally this wouldn't be an issue as we could just mark the ticket as a false positive and move on, however anytime we update the version string it complains about the problem again. Would it be possible to add an exception to the rule when the string matches with the version string passed in to SonarQube?
Michael Gumowski
Jun 7, 2018, 5:50:13 AM6/7/18
to Gavin Line, SonarQube
Hello,
Unfortunately, this won't be possible, as analyzers are pretty independent from the metadata of a project. I'm afraid you will need to flag the issue as FP systematically.
You may also want to suppress manually the issue on that specific assignment. Using the @SuppressWarnings annotation may help you in order to not be bored again. See documentation here: https://docs.sonarqube.org/display/PLUG/Java+FAQ#JavaFAQ-SuppressWarnings
Regards,
Michael
On Mon, 28 May 2018 at 16:45 'Gavin Line' via SonarQube <sona...@googlegroups.com> wrote:
In our projects we use version strings with 4 numbers, i.e. 1.2.5.4. When running SonarQube on these projects it complains and thinks they are IP addresses. Normally this wouldn't be an issue as we could just mark the ticket as a false positive and move on, however anytime we update the version string it complains about the problem again. Would it be possible to add an exception to the rule when the string matches with the version string passed in to SonarQube?
--
You received this message because you are subscribed to the Google Groups "SonarQube" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sonarqube+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/e260f3bc-645e-4304-a244-be3c943dd0b6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Michael Gumowski | SonarSource
Reply all
Reply to author
Forward
0 new messages