Frequently asked questions
This page contains questions and answers about SonarQube Cloud that you might be asking yourself.
Does SonarQube Cloud require single sign on - SSO?
SonarQube Cloud does not require single sign-on (SSO), as authentication is performed on the DevOps platform side.
Which identity providers does SonarQube Cloud support?
The following code repository platforms are supported as identity providers:
GitHub
Bitbucket Cloud
Azure DevOps Services
GitLab
You must have an account on one of these code repository platforms to log in to SonarQube Cloud.
How do I get rid of issues that are false-positives?
False Positive and Accept
You can mark individual issues as false positive or *accepted *through the issues interface. If you’re using short-lived branch and pull request analysis, issues marked as false positive or accepted will retain that status after merge. This is the preferred approach.
Help us improve our detection of security issues
When you mark a vulnerability as false positive or accepted, explain why in the comment box. This feedback and the vulnerability context (current file content, issue and rule details) are reviewed by our teams to make SonarQube Cloud better.
//NOSONAR
Most language analyzers support the use of the generic mechanism:
//NOSONAR
at the end of the line of the issue. This will suppress all issues - now and in the future - that might be raised on the line.
How do I find and remove projects that haven’t been analyzed in a while?
In your organization: Administration > Projects Management you can search for Last analysis before to filter projects not analyzed since a specific date, and then use bulk Delete to remove the projects that match your filter.
This can be automated using the corresponding Web API:
api/projects/bulk_delete?organization=ORG-KEY&analyzedBefore=YYYY-MM-DD
.
What are the browsers supported by SonarQube Cloud?
SonarQube Cloud supports the following browsers:
the last 3 Chrome versions
the last 3 Firefox versions
the last 3 Safari versions
the last 3 Edge versions
What Java versions are supported by SonarQube Cloud?
Java Version of Scanner Environment
If you are performing analysis in your local build environment through an installed scanner tool, then the Java runtime environment of the scanner (that is, the Java installed on your build machine) should be at least Java 17.
Similarly, if you are analyzing in a CI service, you should configure the Java environment to at least Java 17.
If you are exclusively using automatic analysis, that is, where the SonarQube Cloud service itself does the analysis, you do not have to do anything.
Java Version of Targeted Code
Pre-Java-17 code (for example, Java 11 code) will continue to be analyzable. The version bump applies only to the environment within which the scanner is running, not the code that is being analyzed. See the General requirements page for more details.
Last updated
Was this helpful?