Dart
Supported versions
The level of support for a language is defined as follows:
- Fully supported: Analysis will complete. All the language features are understood and examined.
- Supported: Most language features are understood and examined but the version includes unsupported features. Analysis might break or provide incomplete results.
Version 2 is supported.
Versions 3 to 3.7 are fully supported.
Language-specific properties
You can discover and update Dart-specific properties in the project Administration > General Settings > Languages > Dart.
Preparing the analysis
Before performing the analysis, we highly recommend:
- retrieving all project dependencies declared in
pubspec.yaml
, for example, by runningflutter pub get
for Flutter projects,dart pub get
for Dart projects, etc. - performing a full and successful build of your Flutter or Dart project
Otherwise, you might get incomplete and potentially incorrect analysis results. Running flutter pub get
or dart pub get
alone may not be enough to produce a correct analysis, for example, when you analyze generated code.
Analyzing generated code
When code generation is done via automated source code generation, the analysis of generated code can only happen after the execution of source_gen
, which requires a full build of the Flutter or Dart project containing the builders.
When code generation is done via lower-level packages such as build, the analysis should only happen once the source has been generated and persisted on disk.
When a Generated
comment is present in the file, SonarQube ignores the entire file, even if only parts of it were generated. It's possible to enable or disable analysis of files containing generated code at the project level in Your project > Administration > General Settings > Languages > Your language > Analyze generated code.
Sonar provides the sonarcloud-github-action
action and the sonarqube-scan-action
action to ease the configuration of the analysis in GitHub.
However, up to v3
, the two GitHub Actions run the analysis in a Docker container, which has only access to the directory where the project is checked out.
That means that the action doesn't have access to the directory where dependencies have been retrieved, after running flutter pub get
, dart pub get
, or a similar command, which may result in an incomplete and potentially incorrect analysis.
Therefore, we suggest:
- either using
sonarqube-scan-action@v4
or above, which sincev4.1.0
is the unique entrypoint for both SonarQube Server and Cloud and is based on a composite action - or invoking the SonarScanner CLI directly (see the "Running SonarScanner CLI from the zip file" section).
Related pages
Was this page helpful?