Full documentation for SonarQube has moved to a new location: http://docs.sonarqube.org/display/SONAR

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 40 Next »

 

The ideal objective would be not to introduce any technical debt on new developments. But in real life, it is not always possible or worth it.

So, in order to keep control of your technical debt on your current developments, Sonar offers the Reviews feature.

It allows your team to review all new violations and treat them according to their criticity:

  • Fix immediately
  • Plan for next sprint(s)
  • Keep in mind that you have this piece of technical debt but don't take corrective action yet as the return on investment is low

 

 

Icon

Manual Reviews are available since Sonar 2.8

Action Plans are available since Sonar 2.13

Adding a violation on any piece of code is available since Sonar 2.13

The objective of the Manual Review feature is to be able to assign a violation to a user and start a discussion thread which should possibly lead to the correction of the violation.

Table of Contents

Review lifecycle

A review has four possible status : Open, Resolved, Reopened and Closed. Sonar automatically takes care of closing a review as soon as its underlying violation gets resolved, which means that no one can close an issue manually.

The first status of review is Open. From there a review can be resolved with one the the two resolution types : Fixed or False-Positive. At any point of time a Resolved review can be reopened either by the user or by Sonar. Indeed, if a review is marked as Resolved with resolution Fixed but the violation is still there after a new Sonar analysis, Sonar automatically reopens the review.

Reviews can be managed in action plans. 

Create a review

To create a review, you must be first logged in and have the Users role on the project containing the violation to review. Then, directly in the resource viewer, a new "Review" link appears to start creating a new review when placing the mouse over the violation title :

A comment must be filled before being able to really create the review by clicking on the "Add comment" button :

 

By default, a review is assigned to the creator of the review but the assignee can be changed or simply removed.

Once a review has been created on a violation, every Sonar user can see the review below the violation :


Only the last comment on a review can be edited by the creator of this last comment.

Flag as false-positive

If a violation is a false-positive, this is pretty straight forward to switch off this violation by clicking on the "Flag as false-positive" link:


Once a violation is switched off, this violation is no more displayed by default in the resource viewer. The option "False-Positives only" must be selected to display those false-positive violations:


Moreover, all measures on the project like the number of violations will be updated the next time a Sonar analysis will run. 

Reopen a review

Once a review has been fixed or flagged as false positive, it's stil possible to reopen it at any point of time :


Search for reviews

The Reviews page allows to search for any review with optional filter parameters like the project, the author of the review, the severity of the violations, the status of the review,... :


By default, all reviews assigned to the current user are displayed.

Clicking on the title of a review allows to display the detail of this review :

Since Sonar 2.9, it's also possible to track false-positive reviews from this search engine :

 

Create a manual violation

Whenever a quality defect is detected “manually”, the person who detected it has the ability to create a new violation (with its associated review) directly into Sonar.


The related violation is then displayed within the source code and will be accounted for in metrics after the next analysis of the project.


Change the severity of a violation

Create an action plan

Action plans can be created to group reviews together. Action plans are buckets of reviews that you want to group as they are going to have similar timeframe for resolution


Link a review to an action plan

Each review can be linked to an action plan.



Widgets

Sonar comes with several widgets that are specialized to display reviews information in dashboards. Those widgets are grouped in their own category in the dashboard configuration:

Here is the type of dashboard you can create to manage reviews:

 

Notification

Since Sonar 2.10, it is possible to get notified by email on:

  • Changes in review assigned to me or created by me
  • New violations on my favourite projects introduced during the first differential view period

See Notification for more information.

  • No labels