File exclusions
All versions of SonarLint will fetch file exclusions from the SonarQube or SonarCloud server when you bind a project or update a binding while running in Connected Mode. Check the SonarQube and SonarCloud documentation for information about defining your Analysis scope.
File exclusions in the IDE
When running in Connected Mode with SonarQube or SonarCloud, SonarLint will ignore local exclusions and fetch file exclusions from the SonarQube or SonarCloud server.
Defining file exclusions locally in SonarLint for VS Code is possible in versions 3.22 and newer.
Defining file exclusions
The sonarlint.analysisExcludesStandalone property is a simple way to locally exclude files from your analysis and can be used to configure wildcard patterns for files that only SonarLint will exclude. For example:
- The glob pattern
**/file[1-3].py - will exclude
file1.py,file2.pyandfile3.py
Go to VS Code Manage > Settings > Workspace and search sonarlint.analysisExcludesStandalone to add your exclusion patterns.
A second exclusion method configures VS Code to exclude files from your workspace; however, this may have unintended consequences such as files disappearing from the VS Code Explorer view.
To use VS Code’s file exclusions, go to VS Code Manage > Settings > Workspace, search File: Exclude and select Add Pattern. The Workspace setting has information about how VS Code uses wildcard patterns to manage exclusions in the editor.
Wildcard patterns
The recognized path-matching patterns are case-sensitive and defined using the following wildcards:
*Match zero or more characters (not including the directory delimiter,/).**Match zero or more directory segments or files within the path.?Match a single character (not including the directory delimiter,/).
Wildcard examples
- The pattern
**/*.css- matches
anyDirectory/anyFile.css - doesn't match
org/sonar.api/MyBean.java
- matches
- The pattern
**/*Bean.java- matches
org/sonar.api/MyBean.java - doesn't match
org/sonar.api/mybean.javaororg/sonar/util/MyDTO.java
- matches
- The pattern
**/*Bean?.java- matches
org/sonar/util/MyOtherBean1.java - doesn't match
org/sonar/util/MyOtherBean.java
- matches
- The pattern
org/sonar/*- matches
org/sonar/MyClass.java - doesn't match
org/sonar/util/MyClassUtil.java
- matches
- The pattern
org/sonar/**/*is equivalent toorg/sonar/**and- matches
org/sonar/anyDirectory/anyFile - matches
org/sonar/MyClass.java - doesn't match
org/radar/MyClass.java
- matches
The use of ? to match a single character is available in SonarLint for VS Code v4.0+.
Note that when running a local analysis for Security hotspots, it is possible to omit some folders from the project analysis. Because the use of Connected Mode is required to detect security hotspots in SonarLint, only the file exclusions defined in SonarQube or on SonarCloud will be respected; exclusions defined in VS Code will be ignored.
Check the documentation on Reporting security hotspots In the Whole Folder for those details.
Was this page helpful?
© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, SONARCLOUD, and CLEAN AS YOU CODE are trademarks of SonarSource SA.
