Relative paths with double dot at the beginning (..\) fail in reports #2741
Comments
|
Hello @cmorve-te, thanks for your feedback! Our Wiki page describing how to use paths in report files is here: https://github.com/SonarOpenCommunity/sonar-cxx/wiki/Troubleshooting-Reports
Working: Question is if you are using double dot how should the sensor resolve the absolute path and map it to an indexed file? Fail: Regards, |
One possibility could be to add @cmorve-te But still the question why you are using relative path with double dot, and what do you expect is the root path the relative path should be resolved to? |
guwirth
changed the title
guwirth
changed the title
Actually, I'm not! I still have to find out what's going on exactly, but this happens during the linking step when using LTO when you have some dependencies built under build_dir1, and the main program under build_dir2. What's worse, the path is not even correct, it mixes up the build directory with the source directory. For the gcc warnings I'm looking at, I would just want them to be ignored instead of added with no location (i.e. file). |
@cmorve-te Have to verify this. Think it's possible to forward issues to SQ without file and/or line. But in this case I agree it's not a "global issue" it should be handled like "unkown file".
I'm not familiar with GCC but on the fly I found this: https://gcc.gnu.org/onlinedocs/gcc/Directory-Options.html |
- Up to know we were stating in our [Wiki](https://github.com/SonarOpenCommunity/sonar-cxx/wiki/Troubleshooting-Reports): Relative paths in report files are always relative to the project base directory. Start relative paths always with .\ on Windows or ./ on Linux. - relative paths starting with '..' were resolved to null in the past. "No file" results in adding an issue on project level (project issue). We replace now '..' with '.' (current directory=project base directory). This leads at least to an error message an that and the issue is not added to the project because typically no indexed file exists. - The real problem is that tools generate reports with relative paths without defining which base directory is referred to. This problem remains and must be solved via the CI/CD and tool configuration. - close SonarOpenCommunity#2741
- Up to know we were stating in our [Wiki](https://github.com/SonarOpenCommunity/sonar-cxx/wiki/Troubleshooting-Reports): Relative paths in report files are always relative to the project base directory. Start relative paths always with .\ on Windows or ./ on Linux. - relative paths starting with '..' were resolved to null in the past. "No file" results in adding an issue on project level (project issue). We replace now '..' with '.' (current directory=project base directory). This leads at least to an error message an that and the issue is not added to the project because typically no indexed file exists. - The real problem is that tools generate reports with relative paths without defining which base directory is referred to. This problem remains and must be solved via the CI/CD and tool configuration. - close SonarOpenCommunity#2741
- Up to know we were stating in our [Wiki](https://github.com/SonarOpenCommunity/sonar-cxx/wiki/Troubleshooting-Reports): Relative paths in report files are always relative to the project base directory. Start relative paths always with .\ on Windows or ./ on Linux. - relative paths starting with '..' were resolved to null in the past. "No file" results in adding an issue on project level (project issue). We replace now '..' with '.' (current directory=project base directory). This leads at least to an error message an that and the issue is not added to the project because typically no indexed file exists. - The real problem is that tools generate reports with relative paths without defining which base directory is referred to. This problem remains and must be solved via the CI/CD and tool configuration. - close SonarOpenCommunity#2741
|
Hi @cmorve-te, you can test with #2747 if this is improving your result. You can download the JAR files from here: Regards, |
|
FWIW my case comes from the dependency being built with |
PathUtils::sanitize in sonar-plugin-api is described as "Normalize path and replace file separators by forward slash", but the only thing it does is call
return FilenameUtils.normalize(path, true);(https://github.com/SonarSource/sonar-plugin-api/blob/master/plugin-api/src/main/java/org/sonar/api/utils/PathUtils.java#L42). https://commons.apache.org/proper/commons-io/apidocs/org/apache/commons/io/FilenameUtils.html#normalize(java.lang.String,boolean) explains thatSo the CxxReportLocation constructor may return something with a line and a column, but a "null" file, if the "file" it's given is something like "../dir/file.c".
In https://github.com/SonarOpenCommunity/sonar-cxx/blob/master/cxx-sensors/src/main/java/org/sonar/cxx/sensors/utils/CxxIssuesReportSensor.java#L164 only the file is checked. So, probably I should not have those
../paths in my build log to start with, but if somebody happens to have them he ends up with issues being listed in SonarQube with no location. Usually, when a file is not "known", the issue is simply ignored (https://github.com/SonarOpenCommunity/sonar-cxx/blob/master/cxx-sensors/src/main/java/org/sonar/cxx/sensors/utils/CxxReportSensor.java#L84), so there is a strange discrepancy here.The issue can be reproduced with sonar-cxx 2.1.2 making
-Dsonar.cxx.gcc.reportPaths=point to a file with something like../file.c:1:1: warning: message [-Wdiv-by-zero](supposing-Wdiv-by-zerois in the quality profile).The text was updated successfully, but these errors were encountered: