SonarQube将所有问题添加为代码气味 [英] SonarQube adds all issues as Code Smell

问题描述

升级到5.5版本后，现在最新的(5.6)SonarQube始终将我通过插件创建的问题显示为代码气味".我想了解更多有关分类的信息，以及如何将它们添加为其他类型(漏洞"和错误").我在其中创建问题的代码如下:

After upgrading to 5.5 version and now the latest (5.6) SonarQube always shows the issues I create through my plugin as "Code Smell". I would like to know more about the categorization and how can I add them as other types ("Vulnerability" and "Bug"). The code where I create the issues is as follows:

Issuable issuable = this.resourcePerspectives.as(Issuable.class,  inputFile);
    if (issuable != null) {
        Issue issue = issuable.newIssueBuilder()
            .ruleKey(activeRule.ruleKey())
            .line(vulnerability.getLine())
            .message(someMessage)
            .severity(severity)
            .build();

            issuable.addIssue(issue))
    } //...

推荐答案

当前对错误和漏洞的支持是基于标记的创造性实现"(请参阅​​"hack").因此，将"bug"标记添加到您的规则中，它的问题将作为bug出现.将安全"标记添加到规则中，其问题将作为漏洞出现.

Current support for bugs and vulnerabilities is a "creative implementation" (read "hack") based on tags. So, add the "bug" tag to your rule and its issues will be raised as bugs. Add the "security" tag to a rule and its issues will be raised as vulnerabilities.

同时带有错误"和安全"标签的规则将被视为错误规则.

Rules with both "bug" and "security" tags will be treated as bug rules.

为将来参考，预计该机制将在不久的将来"发生变化，但目前尚无时间表.

For future reference, this mechanism is expected to change in the "near" future, but there's currently no schedule for it.

修改

API的当前(6.1)版本提供了简单声明规则类型的功能.

The current (6.1) version of the API provides the ability to simply declare rule type.

这篇关于SonarQube将所有问题添加为代码气味的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！