DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports
Events Video Library
Refcards
Trend Reports

Events

View Events Video Library

Related

  • How To REST With Rails and ActiveResource: Part Three
  • Build and Deploy a Node.js Application into Azure Web Apps Using Azure DevOps (CI/CD)
  • Mastering AI Agents: How Agentic Design Patterns Make Agents Smarter
  • Enhancing Testing Efficiency: Transitioning From Traditional Code Coverage to Code Change Coverage

Trending

  • Why Leaders Believe the Product Operating Model Will Succeed Where Agile Initiatives Failed
  • Why React Router 7 Is a Game-Changer for React Developers
  • How to Efficiently Manage Inactive Oracle Sessions
  • Introducing Stalactite ORM
  1. DZone
  2. Software Design and Architecture
  3. Performance
  4. Exclude Third-Party Sources From Sonar

Exclude Third-Party Sources From Sonar

This tutorial shows two quick ways to exclude third-party sources from Sonar scanning in SonarQube.

By 
Sameera Nelson user avatar
Sameera Nelson
·
Jun. 10, 18 · Tutorial
Likes (1)
Comment
Save
Tweet
Share
18.3K Views

Join the DZone community and get the full member experience.

Join For Free

Project Level Configuration

The easiest and cleanest way to make an exclusion of source files from Sonar scanning is from the sonar-project.properties file.

Example

sonar.exclusions=**/com/devdummy/thirdparty/**/*

Key

** -  Any Folder

*   -  Any File

Sonar Level Configuration

You also can set up this exclusion from SonarQube.

Administration -> Analysis Scope -> Code Coverage

However this will impact through out the SonarQube scope affecting to all the projects configured.

Conclusion

  • Setting up project-level configuration is always safe, as it impacts only the specified project.
  • If you want to apply this to all projects, SonarQube configuration is the best option.
  • This should be an administrator task; use with care, as this can be used to skip the scanner-able code purposely.

It is always arguable what code should be excluded, may it be third-party gendered code (such as web service stubs), referring or developing on top of legacy code, or even using third-party client code as the base. However, ideally, third-party stubs above mentioned should be generated separately in a place such as target folder and refered in the compile time for bundling.

Web Service Code coverage Task (computing) Stub (distributed computing)

Published at DZone with permission of Sameera Nelson. See the original article here.

Opinions expressed by DZone contributors are their own.

Related

  • How To REST With Rails and ActiveResource: Part Three
  • Build and Deploy a Node.js Application into Azure Web Apps Using Azure DevOps (CI/CD)
  • Mastering AI Agents: How Agentic Design Patterns Make Agents Smarter
  • Enhancing Testing Efficiency: Transitioning From Traditional Code Coverage to Code Change Coverage

Partner Resources

Comments

The likes didn't load as expected. Please refresh the page and try again.

ABOUT US

  • About DZone
  • Support and feedback
  • Community research
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Core Program
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 3343 Perimeter Hill Drive
  • Suite 100
  • Nashville, TN 37211
  • support@dzone.com

Let's be friends: