Was this page helpful?
On this page
Fixing issues
Whether your issue is about a potential security problem, considered to be a bad coding practice, or a more serious logic error, fixing issues usually involve changes to the code. SonarLint’s issue messages contain useful information about how to fix the potential problem and include a rule description so that you can learn more about why the issue is reported.
SonarLint for Visual Studio offers multiple ways to Investigate issues and fix problems in your code.
Quick fixes
When a file is open and there are issues with quick fixes then a lightbulb will appear on the line of the issue.
If lightbulb is clicked a menu with possible quick fixes will be opened.
If one of the quick fixes are selected, the fix will be applied automatically to your code.
Known limitations for quick fixes
- Quick fixes for the whole line are always shown #2878. To be explicit, the user is always shown quick fixes for all issues on the current line, rather than just for the current issue.
- When an edit elsewhere invalidates an issue, quick fixes are visible on the invalidated issue until a new analysis is run. When a new analysis is triggered, and the issue (with its subsequent quick fix) no longer exists, there is no quick fix to offer.
Fixing taint vulnerabilities
Please see the documentation about Taint vulnerabilities for more information about working with these particular security issues.
Marking issues
In SonarLint for Visual Studio 7.5+ running in Connected Mode with SonarQube or SonarCloud, it is possible to mark issues as Won’t Fix or False Positive from the IDE.
When running in Connected Mode with SonarQube 10.4 or newer, Won’t Fix becomes Accept.
Select a SonarLint issue in the Error window, right-click, and select Mark Issue as… from the list of actions.
Marking an issue can be applied only to known issues, issues found by SonarLint that match those found on SonarQube or SonarCloud. Marks made on known issues will be reflected on the SonarQube or SonarCloud server within a few minutes.
At this time, it is not possible to unmark, or reopen an issue in SonarLint for Visual Studio. All issues must be reopened in SonarQube or SonarCloud, and will again show in SonarLint after the next server synchronization. Please see the SonarQube and SonarCloud documentation on Issue lifecycles for more information.
Requirements for marking issues
- SonarLint for Visual Studio 7.5.
- Running in Connected Mode with SonarQube or SonarCloud.
- In SonarQube, the Administer Issues permission must be granted to the user(s).
This feature is not supported for security hotspots or taint vulnerability issues. Please see the dedicated pages for fixing each of those issue types.
C# and VB.NET issues marked in SonarLint do not show up in SonarQube or SonarCloud as marked until a new Roslyn analysis is run. When the next Roslyn analysis is triggered, SonarLint communicates with the server and removes the issue locally from the Error window.
© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, SONARCLOUD, and CLEAN AS YOU CODE are trademarks of SonarSource SA.
