#sonarcloud — Public Fediverse posts

Is it a trend that cloud services have less features than their on-premise counterparts? Today I am struggling with the #Azure container registry cache, which does not support pulling new tags automatically, which makes it unusable for #Renovate. #Bitbucket cloud does not have the feature to delete PRs. Same was when #SonarQube became #SonarCloud - so many useful features where suddenly missing.

#DevOps #cloud #dev

Ah crap, #SonarCloud is down. So much for getting shit done today 😞

"🔥 pfSense Security Alert: Critical Vulnerabilities Uncovered by SonarCloud 🛡️"

SonarCloud's vigilant scanning reveals two critical vulnerabilities in pfSense, a widely used open-source firewall: XSS (CVE-2023-42325) and Command Injection (CVE-2023-42326). These vulnerabilities, if exploited, could allow attackers to execute arbitrary commands on pfSense appliances, highlighting the importance of continuous security vigilance even within trusted network perimeters. Thanks to swift action by Netgate, patches are now available. A reminder to always keep your systems updated!

📚 Source: Oskar Zeino-Mahmalat's article on SonarSource SonarSource Blog

Tags: #pfSense #Cybersecurity #Vulnerabilities #XSS #CommandInjection #Netgate #SonarCloud #SecurityPatch 🚨🔒💻

ugh, trying for days now to find out why my phpunit tests do not provide coverage for #sonarcloud
Slowly getting the feeling I managed to create a special case of phpunit config, which makes matching the code for the coverage not working in special circumstances.

but running it local with identic versions does work 🙄
#php

Oooh! JetBrains Qodana looks like a nice alternative to #SonarCloud for code metrics/scanning: https://www.jetbrains.com/qodana/

Most Occurred SonarQube Issues in Java

#java #sonarcloud #sonarqube

https://iampravo.medium.com/common-occurred-sonarqube-issues-in-java-52c32545b108?utm_medium=erik.in&utm_source=mastodon

I've tried #sonarcloud for my pyp-boy repository. It's a nicely simplified #sonarqube interface but the added value is still present with the hints and how-to fix helps.

Fixed all issues in a couple of minutes, yeay \o/

The very question that we've been asking for:

#pipeline #devops #books #deployment #cicd #sonarcloud #bitbucket

git commit -m "Not happy about this but I'm excluding some more code from coverage analysis."

#ItsFridayAfternoonForPetesSake #git #coverage #codeCoverage #sonarCloud

git commit -m "Not happy about this but I'm excluding some more code from coverage analysis."

#ItsFridayAfternoonForPetesSake #git #coverage #codeCoverage #sonarCloud

git commit -m "Not happy about this but I'm excluding some more code from coverage analysis."

#ItsFridayAfternoonForPetesSake #git #coverage #codeCoverage #sonarCloud

git commit -m "Not happy about this but I'm excluding some more code from coverage analysis."

#ItsFridayAfternoonForPetesSake #git #coverage #codeCoverage #sonarCloud

git commit -m "Not happy about this but I'm excluding some more code from coverage analysis."

#ItsFridayAfternoonForPetesSake #git #coverage #codeCoverage #sonarCloud

aha! Maybe it's because we have a different workflow configured for our main branch vs development branches! #CircleCI #Sonarcloud #ItsFridayAfternoonAfterFiveWhyAmIStillBangingMyHeadAgainstThis #BecauseItBugsMeWhenThingsAreBroken

Spent *way* longer than planned setting up a #github action for #SonarCloud. Oh well, time to get some much needed #caffeine.

Implemented #SonarCloud in one of my #npm projects and it gave me such a hard time failing the scans.

Finally managed to get 94.4% code coverage with 0 issues.

It's a really great tool to detect bugs and the minor code smells you might have easily overlooked and improves the quality of your code drastically.

#npm #nodejs #javascript #sonar #SonarCloud #codeQuality #codeCoverage #cicd #devops