[
https://issues.apache.org/jira/browse/CASSANDRA-18239?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17704649#comment-17704649
]
Maxim Muzafarov commented on CASSANDRA-18239:
---------------------------------------------
[~jlewandowski], [~mck]
Hello,
As we already have Cassandra's project configured for the sonarcloud.io
INFRA-24196, I wonder if we will be able to release branches, trunk, and pull
requests to get analyzed by the SonarAnalyzer tool.
I have prepared changes to run the sonar analyzer with GA:
https://github.com/apache/cassandra/compare/trunk...Mmuzaf:cassandra:sonar
I have tested it locally (the ant tool part) with my SonarQube deployed locally
on http://localhost:9000 instance and it seems it works and analyses classes
correctly. However, I can't test in a real environment. At least we need to set
the right {{sonar.projectKey}} (the infra team should provide it), and the
{{SONARCLOUD_TOKEN}} is available for the project.
Can you take a look and help? :-)
> Replace eclipse warnings based static code analysis with something better
> (Sonar)
> ---------------------------------------------------------------------------------
>
> Key: CASSANDRA-18239
> URL: https://issues.apache.org/jira/browse/CASSANDRA-18239
> Project: Cassandra
> Issue Type: Task
> Components: Build
> Reporter: Jacek Lewandowski
> Priority: Normal
>
> Eclipse warnings is used for static code analysis. However, it does not fit
> well into Cassandra code and practically we end up explicitly adding
> suppressions in many places just to satisfy that tool rather than fix the
> real issues.
> This is an incomplete list of reasons to remove it:
> - not closed resources are detected incorrectly
> - does not recognize custom utility methods used to close the resources,
> which use use heavily in the code, like {{Throwables.close}},
> {{FileUtils.close}}, {{closeQuietly}}...
> - because of the above, we cannot make important things like {{Ref}} to
> implement {{Closeable}} as it would make the tool to explode with tons of
> warnings
> - it complains about correct generics - something like "method X is not
> applicable for ..." when the code compiles successfully is not acceptable
> - it is old and not maintained
> There are better tools like IntelliJ inspections for example, which can also
> be run in headless mode
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
