# Troubleshooting

Knowing where to begin looking for information is the first step to reaching out for help. Many answers to commonly found problems can be found on the [SonarQube for IDE channel of the Sonar Community Forum](https://community.sonarsource.com/c/sl/11). See below for the basic steps to access the SonarQube for IDE logs when the analysis results are not what you expected.

Before posting to the Community, make sure that you have your logs ready by following the instructions below.

## How to get the SonarQube for Visual Studio logs <a href="#how-to-get-sonarqube-for-vs-logs" id="how-to-get-sonarqube-for-vs-logs"></a>

* Select **Show Logs** from the SonarQube help menu: **Extensions** > **SonarQube** > **Help** > **Show Logs**

To dig deeper, enable the **Verbose** output in the SonarQube Options, then repeat the action that caused the problem:

* Navigate to **Extensions** > **SonarQube** > **Options…** > **General** and set your **Logging level** to **Verbose**.

## Troubleshooting connected mode setup <a href="#troubleshooting-connected-mode-setup" id="troubleshooting-connected-mode-setup"></a>

### **No matching project found**

No matching project is found because:

* It’s best if you already have the project open in your IDE, otherwise SonarQube for Visual Studio might not be able to find a matching file.
* The current bound project or solution does not match the SonarQube Server or SonarQube Cloud project or solution. Please check your binding configuration.

If these solutions don’t help, follow the instructions about [#project-binding](https://docs.sonarsource.com/sonarqube-for-visual-studio/connect-your-ide/setup#project-binding "mention") to manually configure your project binding.

### **No matching issue found**

SonarQube for Visual Studio can’t find your issue because:

* You might not be on the same branch.
* The issue was fixed, or the source code may be different from the analyzed version.

### **Updating your credentials**

Unfortunately, you cannot update your SonarQube Server or SonarQube Cloud credentials in SonarQube for Visual Studio. Please see the [#updating-your-credentials](https://docs.sonarsource.com/sonarqube-for-visual-studio/connect-your-ide/setup#updating-your-credentials "mention") article on the *Connection setup* page.

## SSL/TLS errors

If you’re having trouble connecting to the server due to SSL/TLS errors, it might be because SonarQube for Visual Studio can’t verify the server certificate chain due to the fact that it can’t check the Certificate Revocation List. To troubleshoot and find out why, begin with making sure you’re using the latest version of SonarQube for Visual Studio, then check your logs:

1. Enable verbose logs. See [#how-to-get-sonarqube-for-vs-logs](#how-to-get-sonarqube-for-vs-logs "mention") above for details.
2. Make sure that your analyzers have had a chance to load and run (run Ctrl+S to be certain) and search for \[CertificateChainValidator] in the logs. Next, you’ll work to fix the issue that prevents the chain validation.
3. Manually add the certificate to the SonarLint trust store:
4. The documentation described in the [#server-ssl-certificates](https://docs.sonarsource.com/sonarqube-for-visual-studio/connect-your-ide/advanced-configuration#server-ssl-certificates "mention") article will explain how to do this.

SonarQube for Visual Studio expects the truststore.p12 to exist under \~/.sonarlint/ssl, where \~sonarlint refers to the C:\Users\username\\\~sonarlint folder; if the folder doesn’t exist, it can be added manually.

If all else fails, ask for help on [#the-sonar-community](https://docs.sonarsource.com/sonarqube-for-visual-studio/help#the-sonar-community "mention").

## Troubleshooting unexpected analysis results <a href="#troubleshooting-unexpected-analysis-results" id="troubleshooting-unexpected-analysis-results"></a>

Sometimes, issues found on the server differ from those found locally by SonarQube for IDE. Usually, the server-side rule configuration (your quality profile) is to blame; however, it could be something more than that. Maybe your local build configuration and system dependencies don’t align with your DevOps pipeline, or it could simply be that the issue, due to its complexity, is only detectable by SonarQube Server or SonarQube Cloud.

The collapsible below lists some of the most commonly encountered reasons, along with some details that will help you troubleshoot discrepancies.

<details>

<summary>Why your local analysis might be different than found on the server</summary>

**Some issues might be detected by third-party analyzers**

SonarQube for IDE will only run rules from Sonar analyzers including [custom rules extending Sonar analyzers](https://docs.sonarsource.com/sonarqube-server/extension-guide/adding-coding-rules). Third-party analyzers usually have their own IDE integration, and there is no plan to run them inside of SonarQube for IDE.

**Your test files might be mistaken as source files**

Test files can be defined in SonarQube (Server, Cloud) or SonarQube Community Build at either the project or global levels. In addition, test files can be defined in the IDE however, each IDE handles test files a bit differently:

* For example, SonarQube for Visual Studio does not distinguish between project and test code, and SonarQube for IntelliJ relies on the IDE to detect if a file is a test file. In the case where the IntelliJ IDE detects the test file for SonarQube for IntelliJ:
  * *The file is under a test sources root*. Those roots can be manually created by users or automatically populated by the IDE by relying on the build system such as Maven or Gradle, for example.
  * *The file is flagged as a test file by any plugin that you have installed*. The IDE bundles some internal plugins like the "JavaScript and TypeScript" plugin; these internal plugins can infer if a file should be considered as a test file. Third-party plugins can also infer test files, and SonarQube for IDE will recognize these as such.

Please review your IDE's page about [file-exclusions](https://docs.sonarsource.com/sonarqube-for-visual-studio/using/file-exclusions "mention") and check these pages to define your analysis scope on the server:

* [Setting analysis scope](https://app.gitbook.com/s/LWhbesChsC4Yd1BbhHhS/project-administration/adjusting-analysis/setting-analysis-scope "mention") at the project level in SonarQube Server
* Setting your [Analysis scope](https://app.gitbook.com/s/B4UT2GNiZKjtxFtcFAL7/managing-your-projects/project-analysis/setting-analysis-scope "mention") at the project level in SonarQube Cloud
* [Setting analysis scope](https://app.gitbook.com/s/bqrfLGeD0Y9vE5l9Le42/project-administration/adjusting-analysis/setting-analysis-scope "mention") at the project level in SonarQube Community Build

**Some rules are too complex to run locally**

Some rules can report issues at the project level or require extensive resources to analyze, such as injection vulnerabilities and some advanced bug detection rules; such issues are not displayed in SonarQube for IDE, only in SonarQube (Server, Cloud). See the article on [#unsupported-rules](https://docs.sonarsource.com/sonarqube-for-visual-studio/using/rules#unsupported-rules "mention") for more detail.

Please check the [SonarQube for IDE roadmap](https://www.sonarsource.com/products/sonarlint/roadmap/) for a list of features on the horizon.

**File or language types are not supported**

Check your IDE’s **Rules and languages** page for a list of supported languages and file types.

**The analyzer version may be different**

Improvements are constantly being made to the Sonar analyzers during the CI/CD development cycle. Depending on the product version you are running, you may have a different analyzer therefore, the results might be different.

* SonarQube Cloud is always running the latest analyzers.
* SonarQube Server and SonarQube Community Build run the latest available analyzer at the time of its release.
* SonarQube for IDE runs the latest available analyzer at the time of its release.
* Sometimes SonarQube for IDE downloads and uses the same SonarQube Server or SonarQube Cloud analyzer when running in connected mode.

**Your project configuration may be different**

Discrepancies in C and C++ analysis may result from different project builds and system dependencies. For example, you might have one set up in your local build configuration and another set up for your CI build configuration (or the configuration created by Autoscan).

</details>

## Language-specific examples <a href="#language-specific-examples" id="language-specific-examples"></a>

<details>

<summary>C or C++ Analysis</summary>

**Troubleshooting C or C++ Analysis**

If you’re using SonarQube for Visual Studio version 8.20 or older, troubleshooting CFamily analysis works a bit differently. Please see information inside the[#define-c-c-css-js-ts-or-secrets-detection-rules-for-local-analysis](https://docs.sonarsource.com/sonarqube-for-visual-studio/using/rules#define-c-c-css-js-ts-or-secrets-detection-rules-for-local-analysis "mention") exapandable for more information.

You can create a reproducer file for C and C++ analysis that contains diagnostic information to help the developers at Sonar investigate problems that occur in your analyses. Beginning in SonarQube for Visual Studio 8.10, the reproducer file may contain sensitive data about your machine’s environment variables. *\*Please take this into account when sharing your files.*

If you encounter a problem with C or C++ analysis, please contact us in the [Sonar Community forum](https://community.sonarsource.com/c/sl/visual-studio/35) and include the reproducer file. Follow the instructions below for complete instructions on how to do this.In case the analysis is not working or obvious false positives are raised, here are the recommended actions in order:

**1. Investigate the logs**:

* If there is no obvious sign in the logs, enable the **Verbose** output and check again.

**2. Enable Rule \`S2260\`**:

* In case of obvious false positives in the raised issues, enable the cpp:S2260 or c:S2260 rule and check if it raises issues in the culprit file. This rule indicates that the analyzer failed to parse part of the code and might give hints or indicate a configuration problem.
* Note that if you are using connected mode, you must enable it in your quality profile on SonarQube Server or Cloud to activate the rule locally. If not using connected mode, see [#define-c-c-css-js-ts-or-secrets-detection-rules-for-local-analysis](https://docs.sonarsource.com/sonarqube-for-visual-studio/using/rules#define-c-c-css-js-ts-or-secrets-detection-rules-for-local-analysis "mention") for instructions.
* If it raises issues, follow the rule description to fix your code; if not, move to the step in troubleshooting.

**3. Generate a CFamily reproducer file and report the issue**:

* When none of the previous suggestions work, please report the problem you encountered in the [Sonar Community forum](https://community.sonarsource.com/c/sl/visual-studio/35).
* In case of a false positive or an analysis failure, we need the CFamily reproducer file to investigate the issue. To generate the reproducer file, add the following analyzer option to the settings.json:
  * Navigate to **Extensions** > **SonarQube** > **Solution Settings** > **Analysis Properties**, select **Add** and add `sonar.cfamily.reproducer` as the property name and `<YOUR_FILE_PATH>.cpp` as the value.
* The `sonar.cfamily.reproducer` should point to the source or header file on which you face the issue. After setting that option, trigger the analysis on the culprit file. You should see in the logs that a file name `sonar-cfamily.reproducer` is generated in a temporary directory.
  * Because your reproducer file may contain sensitive information, ask us how to share it privately when you post on the Community.

**4. Finally, after you’re finished generating your reproducer file, delete the** **`sonar.cfamily.reproducer`** **property**:

* Navigate to **Extensions** > **SonarQube** > **Solution Settings** > **Analysis Properties** and select **Delete**.

</details>

<details>

<summary>JavaScript and TypeScript analysis</summary>

**Performance issues**

When analyzing JavaScript/TypeScript files that don't belong to a `tsconfig.json` file (referred to as 'orphan' files), you might encounter performance issues such as the analyzer stalling or consuming excessive memory. This might occur because SonarQube is creating a large number of TypeScript Programs for these orphan files, a situation indicated by log messages like "No tsconfig found for files, using default options …"

To resolve this, try setting the `sonar.javascript.createTSProgramForOrphanFiles` flag to `false` (the default setting is `true`) to create these programs. Changing it to `false` is recommended when performance issues are observed.

This new, more targeted solution replaces the older property, `sonar.javascript.sonarlint.typechecking.maxfiles`, which has been removed.

</details>