[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules
[ https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17836157#comment-17836157 ] Oliver Lietz commented on SLING-10506: -- [~kwin], Makes totally sense to add (I've suppressed the warnings myself in the past, example: [ClamEventsServlet|https://github.com/apache/sling-org-apache-sling-clam/blob/master/src/main/java/org/apache/sling/clam/http/internal/ClamEventsServlet.java]) and *communicate* as developers are already "fixing" the issue. No chance to follow up on this topic currently as all spare time goes into Pax Exam. > Document inappropriate Sonar rules > -- > > Key: SLING-10506 > URL: https://issues.apache.org/jira/browse/SLING-10506 > Project: Sling > Issue Type: Task > Components: Build and Source Control, CI >Reporter: Oliver Lietz >Assignee: Oliver Lietz >Priority: Major > > * {{java:S100}} (https://rules.sonarsource.com/java/RSPEC-100) > * {{java:S112}} (https://rules.sonarsource.com/java/RSPEC-112) > * {{java:S1117}} (https://rules.sonarsource.com/java/RSPEC-1117) > * {{java:S1149}} (https://rules.sonarsource.com/java/RSPEC-1149) > * {{java:S1989}} (https://rules.sonarsource.com/java/RSPEC-1989) > * {{java:S2226}} (https://rules.sonarsource.com/java/RSPEC-2226) > * {{java:S3077}} (https://rules.sonarsource.com/java/RSPEC-3077) > * {{java:S6212}} (https://rules.sonarsource.com/java/RSPEC-6212) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules
[ https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17835176#comment-17835176 ] Konrad Windszus commented on SLING-10506: - I would like to add https://rules.sonarsource.com/java/RSPEC-1948/ to the list because AFAIK none of the OSGi runtimes ever serialize something to disk (except if explicitly forced via API call). This particularly affects HttpServletRequest derived classes... [~olli] Any chance of following up on this? > Document inappropriate Sonar rules > -- > > Key: SLING-10506 > URL: https://issues.apache.org/jira/browse/SLING-10506 > Project: Sling > Issue Type: Task > Components: Build and Source Control, CI >Reporter: Oliver Lietz >Assignee: Oliver Lietz >Priority: Major > > * {{java:S100}} (https://rules.sonarsource.com/java/RSPEC-100) > * {{java:S112}} (https://rules.sonarsource.com/java/RSPEC-112) > * {{java:S1117}} (https://rules.sonarsource.com/java/RSPEC-1117) > * {{java:S1149}} (https://rules.sonarsource.com/java/RSPEC-1149) > * {{java:S1989}} (https://rules.sonarsource.com/java/RSPEC-1989) > * {{java:S2226}} (https://rules.sonarsource.com/java/RSPEC-2226) > * {{java:S3077}} (https://rules.sonarsource.com/java/RSPEC-3077) > * {{java:S6212}} (https://rules.sonarsource.com/java/RSPEC-6212) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules
[ https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17772352#comment-17772352 ] Oliver Lietz commented on SLING-10506: -- [~bellingard], [~rombert], I will try to complete and document the list next week. > Document inappropriate Sonar rules > -- > > Key: SLING-10506 > URL: https://issues.apache.org/jira/browse/SLING-10506 > Project: Sling > Issue Type: Task > Components: Build and Source Control, CI >Reporter: Oliver Lietz >Assignee: Oliver Lietz >Priority: Major > > * {{java:S100}} (https://rules.sonarsource.com/java/RSPEC-100) > * {{java:S112}} (https://rules.sonarsource.com/java/RSPEC-112) > * {{java:S1117}} (https://rules.sonarsource.com/java/RSPEC-1117) > * {{java:S1149}} (https://rules.sonarsource.com/java/RSPEC-1149) > * {{java:S1989}} (https://rules.sonarsource.com/java/RSPEC-1989) > * {{java:S2226}} (https://rules.sonarsource.com/java/RSPEC-2226) > * {{java:S3077}} (https://rules.sonarsource.com/java/RSPEC-3077) > * {{java:S6212}} (https://rules.sonarsource.com/java/RSPEC-6212) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules
[ https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17772155#comment-17772155 ] Robert Munteanu commented on SLING-10506: - [~olli] - you created the initial rule exclusion list, can you answer [~bellingard]'s question? > Document inappropriate Sonar rules > -- > > Key: SLING-10506 > URL: https://issues.apache.org/jira/browse/SLING-10506 > Project: Sling > Issue Type: Task > Components: Build and Source Control, CI >Reporter: Oliver Lietz >Assignee: Oliver Lietz >Priority: Major > > * {{java:S100}} (https://rules.sonarsource.com/java/RSPEC-100) > * {{java:S112}} (https://rules.sonarsource.com/java/RSPEC-112) > * {{java:S1117}} (https://rules.sonarsource.com/java/RSPEC-1117) > * {{java:S1149}} (https://rules.sonarsource.com/java/RSPEC-1149) > * {{java:S1989}} (https://rules.sonarsource.com/java/RSPEC-1989) > * {{java:S2226}} (https://rules.sonarsource.com/java/RSPEC-2226) > * {{java:S3077}} (https://rules.sonarsource.com/java/RSPEC-3077) > * {{java:S6212}} (https://rules.sonarsource.com/java/RSPEC-6212) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules
[ https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17771017#comment-17771017 ] Fabrice Bellingard commented on SLING-10506: Hello [~rombert], I can help on this. I can create a specific QP that suits your needs and bulk activate it on all of the sling projects (that will be easy because the projects are very well named). Tell me when you want me to do it. In return, may I ask you a favor? I am sure that our Java Ecosystem Product Manager (at SonarSource) would be very interested to understand why those rules are inappropriate for your context. Would that be possible to update the description of this JIRA ticket with a quick description of why each rule does not make sense for you? > Document inappropriate Sonar rules > -- > > Key: SLING-10506 > URL: https://issues.apache.org/jira/browse/SLING-10506 > Project: Sling > Issue Type: Task > Components: Build and Source Control, CI >Reporter: Oliver Lietz >Assignee: Oliver Lietz >Priority: Major > > * {{java:S100}} (https://rules.sonarsource.com/java/RSPEC-100) > * {{java:S112}} (https://rules.sonarsource.com/java/RSPEC-112) > * {{java:S1117}} (https://rules.sonarsource.com/java/RSPEC-1117) > * {{java:S1149}} (https://rules.sonarsource.com/java/RSPEC-1149) > * {{java:S1989}} (https://rules.sonarsource.com/java/RSPEC-1989) > * {{java:S2226}} (https://rules.sonarsource.com/java/RSPEC-2226) > * {{java:S3077}} (https://rules.sonarsource.com/java/RSPEC-3077) > * {{java:S6212}} (https://rules.sonarsource.com/java/RSPEC-6212) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules
[ https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17770400#comment-17770400 ] Robert Munteanu commented on SLING-10506: - [~bellingard] - we had one question regarding SonarCloud and custom quality profiles. We have started documenting the rules which do not apply for our projects, for various reasons. We would like to create a custom quality profile that extends the default 'Sonar Way' for Java. The challege is that we have > 300 projects that this should apply to. Is there a way to associate bulk associate existing 'sling' project to a new profile, once created? I guess when we create a new one it would not be a big issue to associate it to a custom profile. > Document inappropriate Sonar rules > -- > > Key: SLING-10506 > URL: https://issues.apache.org/jira/browse/SLING-10506 > Project: Sling > Issue Type: Task > Components: Build and Source Control, CI >Reporter: Oliver Lietz >Assignee: Oliver Lietz >Priority: Major > > * {{java:S100}} (https://rules.sonarsource.com/java/RSPEC-100) > * {{java:S112}} (https://rules.sonarsource.com/java/RSPEC-112) > * {{java:S1117}} (https://rules.sonarsource.com/java/RSPEC-1117) > * {{java:S1149}} (https://rules.sonarsource.com/java/RSPEC-1149) > * {{java:S1989}} (https://rules.sonarsource.com/java/RSPEC-1989) > * {{java:S2226}} (https://rules.sonarsource.com/java/RSPEC-2226) > * {{java:S3077}} (https://rules.sonarsource.com/java/RSPEC-3077) > * {{java:S6212}} (https://rules.sonarsource.com/java/RSPEC-6212) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules
[ https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17368811#comment-17368811 ] Robert Munteanu commented on SLING-10506: - Yes, as far as I am aware we have no proper API access. I think we should formulate a list of things we need and then ask Fabrice Bellingard is they're possible. > Document inappropriate Sonar rules > -- > > Key: SLING-10506 > URL: https://issues.apache.org/jira/browse/SLING-10506 > Project: Sling > Issue Type: Task > Components: Build and Source Control, CI >Reporter: Oliver Lietz >Assignee: Oliver Lietz >Priority: Major > > * {{java:S100}} (https://rules.sonarsource.com/java/RSPEC-100) > * {{java:S112}} (https://rules.sonarsource.com/java/RSPEC-112) > * {{java:S1117}} (https://rules.sonarsource.com/java/RSPEC-1117) > * {{java:S1149}} (https://rules.sonarsource.com/java/RSPEC-1149) > * {{java:S1989}} (https://rules.sonarsource.com/java/RSPEC-1989) > * {{java:S2226}} (https://rules.sonarsource.com/java/RSPEC-2226) > * {{java:S3077}} (https://rules.sonarsource.com/java/RSPEC-3077) > * {{java:S6212}} (https://rules.sonarsource.com/java/RSPEC-6212) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules
[ https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17368290#comment-17368290 ] Konrad Windszus commented on SLING-10506: - IMHO new quality profiles need to be created by Administrators (i.e. through INFRA). However I see this has been done for other projects e.g. https://sonarcloud.io/organizations/apache/quality_profiles/show?language=java&name=incubator-daffodil. Once we have a custom profile we need to somehow connect this for all Sling projects, which is not that easy, as IMHO there is no API access provided for that, am I right [~rombert]? > Document inappropriate Sonar rules > -- > > Key: SLING-10506 > URL: https://issues.apache.org/jira/browse/SLING-10506 > Project: Sling > Issue Type: Task > Components: Build and Source Control, CI >Reporter: Oliver Lietz >Assignee: Oliver Lietz >Priority: Major > > * {{java:S100}} (https://rules.sonarsource.com/java/RSPEC-100) > * {{java:S112}} (https://rules.sonarsource.com/java/RSPEC-112) > * {{java:S1117}} (https://rules.sonarsource.com/java/RSPEC-1117) > * {{java:S1149}} (https://rules.sonarsource.com/java/RSPEC-1149) > * {{java:S1989}} (https://rules.sonarsource.com/java/RSPEC-1989) > * {{java:S2226}} (https://rules.sonarsource.com/java/RSPEC-2226) > * {{java:S3077}} (https://rules.sonarsource.com/java/RSPEC-3077) > * {{java:S6212}} (https://rules.sonarsource.com/java/RSPEC-6212) -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules
[ https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17367128#comment-17367128 ] Oliver Lietz commented on SLING-10506: -- [~kwin], I'm not yet aware how to quickly look up rules without a running SonarQube instance. The rules (e.g. [java-checks|https://github.com/SonarSource/sonar-java/tree/master/java-checks/src/main/resources/org/sonar/l10n/java/rules/java]) are generated from Jira [RSPEC|https://jira.sonarsource.com/browse/RSPEC]. > Document inappropriate Sonar rules > -- > > Key: SLING-10506 > URL: https://issues.apache.org/jira/browse/SLING-10506 > Project: Sling > Issue Type: Task > Components: Build and Source Control, CI >Reporter: Oliver Lietz >Assignee: Oliver Lietz >Priority: Major > > * {{java:S100}} > * {{java:S112}} > * {{java:S1117}} > * {{java:S1149}} > * {{java:S1989}} > * {{java:S2226}} > * {{java:S3077}} > * {{java:S6212}} -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules
[ https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17367063#comment-17367063 ] Konrad Windszus commented on SLING-10506: - [~olli] Do you know a way how to look up the rule by rule ID in https://rules.sonarsource.com/? They seem to be sorted by JIRA ID from https://jira.sonarsource.com/projects/RSPEC > Document inappropriate Sonar rules > -- > > Key: SLING-10506 > URL: https://issues.apache.org/jira/browse/SLING-10506 > Project: Sling > Issue Type: Task > Components: Build and Source Control, CI >Reporter: Oliver Lietz >Assignee: Oliver Lietz >Priority: Major > > * {{java:S100}} > * {{java:S112}} > * {{java:S1117}} > * {{java:S1149}} > * {{java:S1989}} > * {{java:S2226}} > * {{java:S3077}} > * {{java:S6212}} -- This message was sent by Atlassian Jira (v8.3.4#803005)