Kotlin Warning Classes Corresponding to detekt Rules

• Introduction
• detekt-derived Warning Classes
• Built-In Kotlin Warning Classes
• Enabling and Disabling

Introduction

This page describes the CodeSonar warning classes that are assigned to Kotlin warnings imported from a SARIF file produced by detekt.

For information on setting up your CodeSonar project to incorporate Kotlin source code and the corresponding detekt results, see Including Kotlin Components in a CodeSonar Project.

Kotlin Warning Classes from detekt rules

When CodeSonar imports a SARIF file, it determines a corresponding CodeSonar warning class for each rule object in the SARIF rules. If a given warning class does not already exist, the SARIF importer creates it.

There is special handling for SARIF files produced by detekt.

• CodeSonar ships with a large number of built-in Kotlin warning classes corresponding to messages from detekt version v1.23.8. Each of these classes has the following properties.
  • The Name is generated using a detekt-specific mechanism.
  • The Categories include a mnemonic (in the KOTLIN.* branch of the CodeSonar mnemonic hierarchy) and a detekt:<setname>.<rulename> category.
• In cases where there is no existing warning class corresponding to a particular rule object in the SARIF rules, the SARIF importer creates a new warning class.
  • The Name is generated using the same detekt-specific mechanism used for the built-in language warning classes.
  • The Categories include a detekt:<setname>.<rulename> category, but no mnemonic.

detekt-specific handling for warning class names and categories

Example

Suppose the imported SARIF file includes a rule object like the following.

# ...
    "rules":[
        # ...
      {
        "id": "detekt.style.MagicNumber",
        "name": "MagicNumber",
        # ...
      },
      # ...
    ], 
# ...

(This corresponds to the detekt MagicNumber rule.)

1. CodeSonar computes the corresponding warning class name: "Magic Number (detekt)".
2. If there is not already a warning class with this name, CodeSonar creates the warning class. The class categories will be
   • KOTLIN.STYLE.MN (the mnemonic)
   • detekt:style.MagicNumber
3. CodeSonar creates a "Magic Number (detekt)" warning instance for each result entry in the SARIF that has "ruleId": "detekt.style.MagicNumber".

CodeSonar will consider a SARIF file to be produced by detekt in the following cases.

SARIF files produced by detekt

CodeSonar will consider a SARIF file to be produced by detekt in the following cases.

• The SARIF file was produced and imported via a codesonar kotlin_scan.py invocation.
• The file is imported with a codesonar import_sarif.py invocation that specifies -analyzer detekt.
• The file is imported with a codesonar import_sarif.py invocation that does not specify -analyzer, and the SARIF importer can determine from the file contents that it was produced by detekt.

Built-In Kotlin Warning Classes

These warning classes correspond to rules from detekt version v1.23.8.

Enabling and Disabling

You have multiple degrees of control over reporting for the warnings issued by detekt.

• To enable checking for a specific detekt rule (and thus for the corresponding CodeSonar warning class), specify and configure that rule in your detekt configuration file.
  Similarly, you can disable detection for a given rule by removing that rule from the configuration file.

  See the detekt Configuration File documentation for details.

• To selectively disable submission to the hub for a warning or set of warnings, define a WARNING_FILTER discard rule in a suitable CodeSonar configuration file.

  You can also specify a combination of WARNING_FILTER discard and WARNING_FILTER allow rules, if that is the most convenient way to characterize a specific set. When you specify warning class names (or parts of names) in your WARNING_FILTER rules, make sure you are using the generated CodeSonar warning class name as described above.