How to get rid of "Copyright and license headers should be defined"? Even after providing the header Sonar 5.4 gives error? Can someone give a sample header which is working for Sonar 5.4 ?
This is a configurable rule, so look closely at the header you have configured. You don't say which language this pertains to, so I'll mention that in some languages it's possible to have the configured header evaluated as a regex while in others it can only be evaluated as an exact string match. Either way, this is a question of matching a pattern, and something as simple as a missing or additional space character could be what's throwing it off.
An online regex tester may be helpful to you in properly configuring the value for the rule.
Related
My company has an app that currently only validates by looking for the '#' in the email address. The app is being upgraded to support other cultures and written language use-cases. I suggested using regex code from Microsoft that validates the addresses using regex. They don't see the need to use the regex version if checking for '#' works. My question here is... What pitfalls exist if the validation isn't good enough. Meaning the email server will not be able to send the emails if they have the '#' but fail other checks. What can go wrong?
The list can be quite long:
1#2
do#home
why#home¬#boooom
iAm#...
#where
#homeIsaid
NoYouAreNot#home
....#......
and so on.
All of these are mistakenly valid email addresses if you only check for #
That said, it's worth mentioning coming up with an email address regex that works can be quite difficult. See this
I know that in Java, we can ignore the a Sonarqube rule for specific method with annotations. For example...
#SuppressWarnings("squid:S2078")
With php, I have not narrowed down how to do this yet. Is there an equivalent example that ignores one rule for a specific piece of code (not necessarily for a class/function, but it would be a start :) )
The current version of php analyser (SonarPhp 2.14 in SonarQube 7.3) does not have a feature (annotation based or not) for ignoring a specific rule.
The php analyser only support one issue filtering, the NoSonarFilter that disable all rules at a specific line by using a comment containing NOSONAR.
If a rule generate some false positives, or if you are facing a real life example where such filter is require, you can provide some feedback at community.sonarsource.com
I'm running OpenBD CFML isValid('email','something#whatever.education') and my result is 'NO'.
.education is a valid domain - why does this fail?
It turns out to be an issue with the regex used behind the scenes to match valid domains.
The regex in place didn't account for domains as long as "education".
I fixed it and it's been merged, should be in the nightly by now, grab the latest update and you should be able to use isValid("email", "AwesomeEmail#School.education") just fine. Viva la open source.
I'm using DotNetKit 1.2.6.5 and SagePayIntegration.Validation() is rejecting a customer email that uses the new .online domain (eg: foo#bar.online) with
CustomerEMail is invalid.
Is this fixed in 1.2.6.7 or is the source code for SagePay.IntegrationKit.DotNet.dll available somewhere so I can fix it?
Despite access to the source code (many thanks to #DavidG) SagePay Support have confirmed that the actual Gateway does not support all these new domains - so even if I modified the DotNetKit it would still be rejected by the Gateway.
SagePay support were very helpful but ultimately the
"... email domain foo#bar.online is not yet supported on our gateway.
We run development sprints continuously and although there are some
domains we may not yet support, we look to in future, dependent on
impact and demand..."
The SagePay Integration Kit uses this regex to validate email addresses:
[a-zA-Z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-zA-Z0-9!#$%&'*+/=?^_`{|}~-]+)*#(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?\.)+(?:[a-zA-Z]{2,4})\b
Which does unfortunately not allow extra long TLDs. Fortunately I have the source code for the kit and I've added it to my GitHub account (along with a bug fix which is why I had to get it in the first place as SagePay are not updating it). You can find it here:
https://github.com/WiredUK/SagePay.IntegrationKit
And the Regex you need to edit is this file:
https://github.com/WiredUK/SagePay.IntegrationKit/blob/801f61cf965c391a98a025aa632949719084cef0/ApiRegex.cs
For info, you need to edit the very last part of the expression from 2,4 (which matches 2 to 4 characters in the TLD) to allow more, for example 2,30.
Edit: And just because I can, I opened an issue and fixed it.
Our organization is using SonarQube for managing code quality as well as Docco for handling production of documentation from code comments.
We're running into a conflict between including things like method names in comments for Docco and the 'Sections of Code should not be "commented out"' rule in SonarQube.
Are there any known best practices to get SonarQube to ignore code in comments that are for documentation (even better if for Docco in particular) while still catching old code that has been commented out instead of being removed?
The rule "Sections of code should not be commented out" could be simply disabled in the quality profile related to your project.
sharing this as it could help if anyone having similar issue.
one way is to comment the code along with additional lines or single quote to ignore that line which worked for me
example
# print("sample")
you can write this as
# ' print("sample")