Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 13 Next »

Was Violations and Reviews prior to Sonar 3.6


Since Sonar 3.6, the Violations and Reviews concept is replaced by the Issues concept.

While running an analysis, Sonar raises an issue every time a piece of code does not comply to a coding rule. The set of coding rules is defined through the quality profile associated to the project. Developers can also manually raise issues that cannot be detected by Sonar (examples: the implementation of the method does not comply to the functional requirements, the javadoc of the method does not match its implementation, etc.).

The ideal objective would be for the whole team not to introduce any new violations (any new technical debt). Plugins like Issues Report or Sonar in Eclipse can help them as they provide the ability to perform local analyses to check their code before pushing it back to the SCM.

But in real life, it is not always possible or sometimes not worth it. In order to keep the technical debt under control, issues can be reviewed. Then, your requirement should become something like: any new issue should be reviewed and according to its severity should be either:

  • Fixed immediately
  • Put in an action plan to be fixed during the next development sprint(s)
  • Kept it in mind as a piece of technical debt that does not require a corrective action for now as the return on investment is too low

Browsing Issues

At Project Level

At project level, issues can be browsed through the Issues Drilldown:

Issues Service

At global level, an Issues Service is available to search issues by project, status, assignee, etc:

Reviewing Issues

To review an issue, you must be logged in and have the 'User' role on the project where the issue stands.

<TODO> Capture à refaire pour False-Positive > False-positive

The main available actions are:

  • Starting a thread of discussion
  • Starting a workflow of resolution
  • Marking an issue as false-positive
  • Assigning an issue to a developer
  • Associating an issue to an action plan
  • Changing the severity of an issue

Starting a thread of discussion

Starting a workflow of resolution

To make sure that an issue will be reviewed and eventually fixed, you can start a workflow of resolution.

Possible Status: Closed, Confirmed, Open, Reopened, Resolved
Possible Resolution: False-positive, Fixed, Removed

Manual workflow (through the web interface)


Automated workflow (during Sonar analysis)

Sonar automatically closes an issue (status: Closed) when:

  • the issue (that could be of any status) has been properly fixed => Resolution: Fixed
  • the issue does no longer exist because the related coding rule has been deactived or is no longer available (ie: plugin has been removed) => Resolution: Removed

Sonar automatically reopens an issue (status: Reopened) when:

  • the issue that is Resolved (but Resolution is not False-positive) is not properly fixed

Making an issue as false-positive

To mark an issue as false-positive, click on the False-positive link.

Note that false-positive issues are not displayed by default on the code viewer. To display them, select False-positives in the dropdown list:

<TODO : capture à refaire pour false positive

If you tend to mark a lot of issues as false-positives, it means that some coding rules are not adapted to your context. So, you can either completely deactivate them in the quality profile or use the Switch Off Violations plugin to not check them on specific parts (or types of object) of your application.

Changing the Severity of a Violation

TODO : capture

Creating Manual Issue

Whenever a quality defect is detected “manually”, the person who detected it has the ability to create a new violation (with its associated review) directly into Sonar.

The related violation is then displayed within the source code and will be accounted for in metrics after the next analysis of the project.

Purging Closed Issues



Linking a Review to an Action Plan

Each review can be linked to an action plan:


Linking an Issue to an External Task Manager

It is possible to link an issue to an external task manager. To link reviews to JIRA for example, you can install the Sonar JIRA plugin.

TODO capture

Creating an Action Plan

Action plans can be created to group reviews together. Action plans are buckets of reviews that you want to group as they are going to have similar timeframe for resolution:


Sonar comes with several widgets that are specialized to display reviews information in dashboards. Those widgets are grouped in their own category in the dashboard configuration:

Here is the type of dashboard you can create to manage reviews:



Issues are fully integrated within the Notification service. Notifications can be received when <TODO>.

For more details, browse the   Notification documentation page.

  • No labels