Sonar shows lots of false positives. We cannot add //NOSONAR to all of them -- it is a tremendous job. But constantly red checks lead to ignoring of all checks. Simply nobody pay attention to them. It is not acceptable and contradicts to the idea of running these checks.
чт, 28 сент. 2023 г. в 13:43, Anton Vinogradov <a...@apache.org>: > Removing a quality tool it not a good idea. > AFAIU, we have two issues here: > > 1) Sonar always failed at PR because ot token issues > Error: Failed to execute goal > org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184:sonar > (default-cli) on project apache-ignite: Project not found. Please check the > 'sonar.projectKey' and 'sonar.organization' properties, the 'SONAR_TOKEN' > environment variable, or contact the project administrator -> [Help 1] > > 2) Sonar shows *correct* hints for a *bad* code we have. > > Both issues should be solved properly, not by removing the quality tool. > > My huge -1 here > > On Thu, Sep 28, 2023 at 1:36 PM Ivan Daschinsky <ivanda...@gmail.com> > wrote: > > > Hi! It seems that these checks simply don't work, at least for PRs. > > Yep, they work ok for master, but some of warnings from these tools seem > to > > be just rubbish, like > > this one -- [1]. > > We should either do a tremendous job to fix these issues or simply > disable > > these checks. > > > > Simply ignoring is not an option, I suppose. I think we should at least > > remove PR checks. > > What do you think? > > > > --- > > [1] --- > > > > > https://sonarcloud.io/project/issues?resolved=false&sinceLeakPeriod=true&types=CODE_SMELL&id=apache_ignite&open=AYi0-_4zULfXwSrNiDt_ > > > > > > > > -- > > Sincerely yours, Ivan Daschinskiy > > > -- Sincerely yours, Ivan Daschinskiy
