Whether your issue is about a potential security problem, considered to be a bad coding practice, or a more serious logic error, fixing issues usually involve changes to the code. SonarLint’s issue messages contain useful information about how to fix the potential problem and include a rule description so that you can learn more about why the issue is reported.
SonarLint for Visual Studio offers multiple ways to Investigate issues and fix problems in your code.
When a file is open and there are issues with quick fixes then a lightbulb will appear on the line of the issue.
If lightbulb is clicked a menu with possible quick fixes will be opened.
If one of the quick fixes are selected, the fix will be applied automatically to your code.
- Quick fixes for the whole line are always shown #2878. To be explicit, the user is always shown quick fixes for all issues on the current line, rather than just for the current issue.
- When an edit elsewhere invalidates an issue, quick fixes are visible on the invalidated issue until a new analysis is run. When a new analysis is triggered, and the issue (with its subsequent quick fix) no longer exists, there is no quick fix to offer.
Please see the documentation about Taint vulnerabilities for more information about working with these particular security issues.
© 2015-2023, SonarSource S.A, Switzerland. Except where otherwise noted, content in this space is licensed under the GNU Lesser General Public License, Version 3.0. SONARLINT is a trademark of SonarSource SA. All other trademarks and copyrights are the property of their respective owners. See SonarSource.com for everything you need to know about the Sonar Solution.