FilesExpand file tree

 master

/

sonar-project.properties

Copy path

Blame

More file actions

Blame

More file actions

Latest commit

 

History

History

History

59 lines (47 loc) · 2.38 KB

 master

/

sonar-project.properties

Top

File metadata and controls

• Code
• Blame

59 lines (47 loc) · 2.38 KB

Raw

Copy raw file

Download raw file

Open symbols panel

Edit and raw actions

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

# ====================

# Base Configuration

# ====================

sonar.projectKey=revisium_revisium

sonar.organization=revisium

# ====================

# Standard Exclusions

# ====================

sonar.exclusions=e2e/**/*

sonar.coverage.exclusions=**/*

# ====================

# Issue Ignore Rules

# ====================

sonar.issue.ignore.multicriteria=e1,tech1,tech2,fp1,fp2,fp3,fp4,fp5,fp6

# Exclude TODO comments from e2e folder (S1135: Track uses of "TODO" tags)

sonar.issue.ignore.multicriteria.e1.ruleKey=typescript:S1135

sonar.issue.ignore.multicriteria.e1.resourceKey=e2e/**/*

# FP: package-lock.json contains dependency names with "password" keyword

sonar.issue.ignore.multicriteria.fp1.ruleKey=json:S2068

sonar.issue.ignore.multicriteria.fp1.resourceKey=package-lock.json

# FP: NODE_ENV=development in Dockerfile builder stage is intentional (production stage uses NODE_ENV=production)

sonar.issue.ignore.multicriteria.fp2.ruleKey=docker:S4507

sonar.issue.ignore.multicriteria.fp2.resourceKey=Dockerfile

# FP: npm ci without --ignore-scripts is required for postinstall hooks (prisma generate, etc.)

sonar.issue.ignore.multicriteria.fp3.ruleKey=docker:S6505

sonar.issue.ignore.multicriteria.fp3.resourceKey=Dockerfile

# FP: npm ci without --ignore-scripts in GitHub Actions is required for build

sonar.issue.ignore.multicriteria.fp4.ruleKey=githubactions:S6505

sonar.issue.ignore.multicriteria.fp4.resourceKey=.github/workflows/*

# ====================

# Technical Debt Exclusions

# ====================

# TODO: Fix bootstrap configuration (S7785: top-level await not possible with CommonJS module)

sonar.issue.ignore.multicriteria.tech1.ruleKey=typescript:S7785

sonar.issue.ignore.multicriteria.tech1.resourceKey=src/main.ts

sonar.issue.ignore.multicriteria.tech2.ruleKey=typescript:S7785

sonar.issue.ignore.multicriteria.tech2.resourceKey=src/standalone.ts

# FP: standalone.ts uses hardcoded credentials for local-only embedded-postgres (not production)

sonar.issue.ignore.multicriteria.fp5.ruleKey=typescript:S2068

sonar.issue.ignore.multicriteria.fp5.resourceKey=src/standalone.ts

# FP: standalone.ts enables CORS without restrictions — intended for local development tool

sonar.issue.ignore.multicriteria.fp6.ruleKey=typescript:S5122

sonar.issue.ignore.multicriteria.fp6.resourceKey=src/standalone.ts

# ====================

# Duplicate Code Exclusions

# ====================

sonar.cpd.exclusions=**/e2e/**