3

I am using sonarQube 6.3 and when adding new custom rules for Php or Javascript, they are by default declared as Code smell. I would like to declare them as Vulnerability or bug.

Here is an example of a rule declaration

@Rule(key = "Rule1", priority = Priority.MAJOR, name = "Rule 1 sould be used.", tags = {"suspicious" })

Is there a way to do it?

Samorix
  • 307
  • 4
  • 17

1 Answers1

2

There is a way to set the rule type using some special tags.

  • Tag "bug" means type "bug"
  • Tag "security" means type "vulnerability"

So try for example:

tags = {"suspicious", "bug"}

NB: This is documented in API Javadoc (but hard to find I admit)

Julien H. - SonarSource Team
  • 5,212
  • 1
  • 19
  • 25