Closed isaguimiot closed 1 week ago
gtoison
commented
2 months ago As far as I know this was never a feature of the findbugs plugin, because it analyses the compiled .class files where there's no NOSONAR comment.
I suppose that SonarQube was silencing the issues raised by plugin when there was a NOSONAR comment on the line
gtoison
commented
2 months ago Hello @isaguimiot
I got an answer from Colin at Sonarsource (here) and this is indeed supposed to work, even if the plugin does not check for NOSONAR
Since the problem is not reproduced in his testing, Colin is asking if you could provide a sample project reproducing the problem
gtoison
commented
1 week ago I'll close this since there was no feedback; the plugin (or SpotBugs) do not process the NOSONAR comment. Possibly SonarQube itself processes it to suppress issues?
Issue Description
Some issues raised by findbugs have a //NOSONAR tag in the source code, but now they appear in the issues, instead of being ignored. (see screenshot attached)
Environment
We updated Sonarqube to 10.6 and use findbugs 4.2.7 (had to rollback after a bug was introduced in 4.2.8 : "missing bug code for keySECXXEVAL")
There's a topic on sonarqube community about this bug : https://community.sonarsource.com/t/nosonar-does-not-work/97763/4 They say it's a findbugs problem.
Could you investigate ?