Sonar code quality rules in Adobe cloud manager
Showing posts with label Sonar. Show all posts
Showing posts with label Sonar. Show all posts
How to exclude or skip some line of code from Sonar violations
Exclude and skip any line of code from Sonar, so sonar will not run the violation check on that line of code. This could be done by adding a comment "//NOSONAR" at the end of line of code or block of code.
For example, in this code Sonar is raising Critical vulnerability, but this needs to be present in the code and something which cannot be changed. So, in this situation, to run the sonar successfully, this line of code should get excluded from Sonar violation check, and to do so, there will be a comment //NOSONAR needs to get added at the end of this line of code.
AlgorithmParameterSpec paramSpec = new IvParameterSpec(IVAes); //NOSONAR
Reference
https://www.baeldung.com/sonar-exclude-violations
Unused assignments should be removed | Sonar
Sonar code smell "Unused assignments should be removed" means,
a dead store happens when a local variable is assigned a value that is not read by any subsequent instruction. Calculating or retrieving a value only to then overwrite it or throw it away, could indicate a serious error in the code. Even if it’s not an error, it is at best a waste of resources. Therefore all calculated values should be used.Noncompliant Code
i = a + b; // Noncompliant; calculation result not used before value is overwritteni = compute();
Compliant Solution
i = a + b;i += compute();
Subscribe to:
Posts (Atom)