X-Git-Url: http://info.iut-bm.univ-fcomte.fr/pub/gitweb/simgrid.git/blobdiff_plain/026c6da29fdc775bb6bbc9492dbd37ccf342bd01..83d62d72a9468f9f8e97b677dd40d5a2bd60ba86:/sonar-project.properties diff --git a/sonar-project.properties b/sonar-project.properties index 2875b0b2b4..54b6f87e62 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -1,19 +1,19 @@ # This file is used to scan the project for issues automatically -# Browse the result here: https://sonarqube.com/dashboard?id=simgrid +# Browse the result here: https://sonarcloud.io/dashboard/?id=simgrid sonar.projectKey=simgrid sonar.projectName=SimGrid -sonar.projectVersion=3.16 +sonar.projectVersion=3.22.90 -sonar.links.homepage=http://simgrid.org -sonar.links.issue=https://github.com/simgrid/simgrid/issues -sonar.links.scm=https://github.com/simgrid/simgrid.git +sonar.links.homepage=https://simgrid.org +sonar.links.issue=https://framagit.org/simgrid/simgrid/issues +sonar.links.scm=https://framagit.org/simgrid/simgrid/ # Comma-separated paths to directories with sources (required) sonar.sources=src,examples,include,teshsuite # Disable some rules on some files -sonar.issue.ignore.multicriteria=j1,j2,jni1,jni2,c1,c2a,c2b,c3,c4a,c4b,c5a,c5b,c6a,c6b,f1 +sonar.issue.ignore.multicriteria=j1,j2,j3,jni1,jni2,c1,c2a,c2b,c3,c4a,c4b,c5a,c5b,c6a,c6b,c7,c8,c9,c10,f1,p1 # The Object.finalize() method should not be overriden # But we need to clean the native memory with JNI @@ -25,6 +25,11 @@ sonar.issue.ignore.multicriteria.j1.resourceKey=**/*.java sonar.issue.ignore.multicriteria.j2.ruleKey=squid:S1148 sonar.issue.ignore.multicriteria.j2.resourceKey=**/*.java +# Using command line arguments is security-sensitive +# But the authors of the applications using our library will be their only users, so there is no security concern +sonar.issue.ignore.multicriteria.j3.ruleKey=squid:S4823 +sonar.issue.ignore.multicriteria.j3.resourceKey=**/*.java + # "reinterpret_cast" should not be used # But this is exactly intended to store a pointer into a long -- what we do here sonar.issue.ignore.multicriteria.jni1.ruleKey=cpp:S3630 @@ -43,10 +48,11 @@ sonar.issue.ignore.multicriteria.c1.resourceKey=**/*.cpp # Preprocessor operators "#" and "##" should not be used # This poses portability issues, but we test on a large panel of architectures on purpose -sonar.issue.ignore.multicriteria.c2a.ruleKey=cpp:PPStringifyAndPastingUsage -sonar.issue.ignore.multicriteria.c2a.resourceKey=**/*.cpp +# Until after Augustin goes to rehab, we cannot remove them all +sonar.issue.ignore.multicriteria.c2a.ruleKey=c:PPStringifyAndPastingUsage +sonar.issue.ignore.multicriteria.c2a.resourceKey=**/* sonar.issue.ignore.multicriteria.c2b.ruleKey=cpp:PPStringifyAndPastingUsage -sonar.issue.ignore.multicriteria.c2b.resourceKey=**/*.hpp +sonar.issue.ignore.multicriteria.c2b.resourceKey=**/* # Macro names should comply with a naming convention # But the macros in this file are named after the MPI standard @@ -72,23 +78,48 @@ sonar.issue.ignore.multicriteria.c5b.resourceKey=**/*.hpp # This is not disabled in example/ because our code should be nice looking sonar.issue.ignore.multicriteria.c6a.ruleKey=cpp:S3584 sonar.issue.ignore.multicriteria.c6a.resourceKey=src/**/*.cpp -sonar.issue.ignore.multicriteria.c6a.ruleKey=cpp:S3584 -sonar.issue.ignore.multicriteria.c6a.resourceKey=teshsuite/**/*.cpp +sonar.issue.ignore.multicriteria.c6b.ruleKey=cpp:S3584 +sonar.issue.ignore.multicriteria.c6b.resourceKey=teshsuite/**/*.cpp + +# Macros should not be used to define constants +# *.h includes are meant to be usable in C +sonar.issue.ignore.multicriteria.c7.ruleKey=cpp:S5028 +sonar.issue.ignore.multicriteria.c7.resourceKey=**/*.h + +# Deprecated code should be removed +# We do have a process to remove deprecated code +sonar.issue.ignore.multicriteria.c8.ruleKey=cpp:S1133 +sonar.issue.ignore.multicriteria.c8.resourceKey=**/* + +# Lambda return types should be implicit +# I don't see the point in general, plus we mostly use them when forced, to disambiguate +sonar.issue.ignore.multicriteria.c9.ruleKey=cpp:S3574 +sonar.issue.ignore.multicriteria.c9.resourceKey=**/* + +# Standard outputs should not be used directly to log anything +# Irrelevant for parsing examples in teshsuite/simdag +sonar.issue.ignore.multicriteria.c10.ruleKey=cpp:S106 +sonar.issue.ignore.multicriteria.c10.resourceKey=teshsuite/simdag/**/*.cpp # "reinterpret_cast" should not be used # But we need this to interface C and Fortran sonar.issue.ignore.multicriteria.f1.ruleKey=cpp:S3630 sonar.issue.ignore.multicriteria.f1.resourceKey=src/smpi/bindings/smpi_f77*.cpp +# In Python, Using command line arguments is security-sensitive +# But we are cautionous with it +sonar.issue.ignore.multicriteria.p1.ruleKey=python:S4823 +sonar.issue.ignore.multicriteria.p1.resourceKey=**/*.py # Exclude some files from the analysis: -# - our unit tests +# - our unit tests # - the tests that we borrowed elsewhere (MPICH and ISP) # - Flex-generated files # - Collectives that we borrowed elsewhere (mpich, openMPI and other implems) # - the NAS, that are included in our examples +# - The Catch2 library, that is included in our unit tests # - RngStream, that is included in SimGrid -sonar.exclusions=src/*_unit.c*,teshsuite/smpi/mpich3-test/**,teshsuite/smpi/isp/**,**/*_dtd.c,**/*_dtd.h,**/*yy.c,src/xbt/automaton/parserPromela.tab.*,src/smpi/colls/**/*,examples/smpi/NAS/*,src/xbt/RngStream.c,include/xbt/RngStream.h +sonar.exclusions=src/include/catch.hpp,src/*_unit.c*,teshsuite/smpi/mpich3-test/**,teshsuite/smpi/isp/**,**/*_dtd.c,**/*_dtd.h,**/*yy.c,src/xbt/automaton/parserPromela.tab.*,src/smpi/colls/**/*,examples/smpi/NAS/*,src/xbt/RngStream.c,include/xbt/RngStream.h # Exclude our examples from the duplication detection. # Examples are expected to be somehow repetitive @@ -97,22 +128,33 @@ sonar.cpd.exclusions=examples/**,teshsuite/** # The build-wrapper output dir sonar.cfamily.build-wrapper-output=bw-outputs +# Allow multithreaded execution +sonar.cfamily.threads=4 + # Where the coverage files are located # See https://docs.sonarqube.org/pages/viewpage.action?pageId=5312222 sonar.cfamily.gcov.reportsPath=Testing/CoverageInfo # Files to ignore from coverage analysis: # - foreign test suites -# - platform files (I fail to get sonar ignore *.xml files) -sonar.coverage.exclusions=teshsuite/smpi/isp/**,teshsuite/smpi/mpich3-test/**,examples/platforms/** +# - XML files +# - Python files used to generate either simcalls or deployment files +sonar.coverage.exclusions=teshsuite/smpi/isp/**,teshsuite/smpi/mpich3-test/**,**/*.xml,src/simix/simcalls.py,**/generate.py # Encoding of the source files sonar.sourceEncoding=UTF-8 # Version of the used prog languages sonar.java.source=7 -sonar.java.binaries=CMakeFiles/simgrid-java_jar.dir,examples/java -sonar.c.std=gnu11 -sonar.cpp.std=gnu++11 +sonar.java.binaries=CMakeFiles/simgrid-java_jar.dir,examples/deprecated/java # Don't talk to me: travis don't like your verbosity # sonar.verbose=true + +### NOTE: the following properties are overridden by Jenkins configuration +### +#sonar.java.binaries +#sonar.cfamily.build-wrapper-output +#sonar.cfamily.gcov.reportsPath +#sonar.python.coverage.reportPath +#sonar.coverage.jacoco.xmlReportPaths +#sonar.cfamily.threads