search

SonarSource / sonarlint-visualstudio

SonarLint extension for VisualStudio
https://redirect.sonarsource.com/doc/sonar-visualstudio.html
GNU Lesser General Public License v3.0
465 stars 77 forks source link

How to run Sonarlint on new code only? #280

Closed saurabh82 closed 1 year ago

saurabh82 commented 7 years ago

Description

Ours is a legacy application with lot of technical debt that can't be cleared in one day. What we would want is to maintain the code quality going forward. For this purpose we would like to run SonarLint only on code files that a developer has worked on and is going to check into our CI server. This way we will gradually force the team to clear the technical debt by sanitizing the files that they touch. Right now the best we are able to do is to bind Sonarlint at Project level which applies the rules at the project level.

Repro steps

Please provide the steps required to reproduce the problem

  1. Create a dummy project with some technical debt and check in the changes to the build server.

  2. Make changes to any one code file, Sonarlint should run on that code file only and not the entire project.

If possible then please create a git repository with a repro sample or attach a zip to the issue.

Expected behavior

Please provide a description of the behavior you expect.

Actual behavior

Please provide a description of the actual behavior you observe.

Known workarounds

Please provide a description of any known workarounds.

Related information

valhristov commented 7 years ago

Hi @saurabh82, to my regret I must say that SonarLint cannot limit the scanned code to the modified files, yet. We will be delivering the first baby step to this feature very soon - ability to hide issues that are marked as solved on SonarQube. At later state we will be adding additional filters, such as reporting only issues created in the leak period (since the last release), but for now we don't have a workaround to achieve similar functionality.

saurabh82 commented 7 years ago

Thanks @valhristov, how soon can this be expected?

ps1everurs commented 5 years ago

Any idea when this feature will be rolled out?

biswanathc commented 4 years ago

@valhristov @duncanp-sonar @Evangelink @rita-g-sonarsource Our team is looking for exact same feature. We though PR scan as alternative but that doesn't save our time anyway. We would want live scan of visual studio to check for delta changes and execute sonar rules.

Our application is a legacy application and we might not be interested to fix all warnings in a file but also want to ensure no new leakage happening during new changes.

Please look into this problem statement.

Eli-Black-Work commented 4 years ago

We're also interested in this!

Would this work by hooking directly into the source control system that the project is using, or does Visual Studio already do the heavy lifting for this?

duncanp-sonar commented 4 years ago

@Bosch-Eli-Black VS has an filter in the Error List to show only issues in changed files, but I believe it shows all issues in those files, not just new issues. It also has filter to show only issues in the current document. It still not quite what you want, but it does generally reduce the list of issues down to something manageable.

Eli-Black-Work commented 4 years ago

Thanks, @duncanp-sonar, that's good to know 🙂 I think that for our needs, we'd probably still need something like the original request, though.

duncanp-sonar commented 1 year ago

Closing as stale. Showing issues in new code is in the product backlog for all SonarLint flavours. When we start the implementation we'll create a new ticket linking to the MMF and describing how the feature will be implemented.