-
-
Notifications
You must be signed in to change notification settings - Fork 757
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Configurable severity per rule #3274
Comments
Thanks for submitting the proposal and willing to contribute this feature.
|
It sounds like there is no concern, so we are already at a consensus. I think the weakest point is probably |
I'm fine with adding a config option here. detekt/detekt-core/src/main/resources/default-detekt-config.yml Lines 10 to 14 in fc5c993
|
To support configurable severity per rule:
To implement #533, yes we can add a config option as well as a cli argument detekt/detekt-core/src/main/resources/default-detekt-config.yml Lines 10 to 14 in fc5c993
|
I would start small with just the first idea leaving out more advanced and complex options. |
I agree about adding a config for each rule. But, what should be the default severity? I think that all of them should be consider errors and then give the users the option to low the severity if they want. About the severity I think that 4 levels are enough: error, warning, info, ignore (I don't care that much of the names them selfs, but the idea) And what do we do if we have an active rule with ignore severity? Should we treat severity ignore as active false? |
There's already a default severity configured for each rule. At the moment it's hardcoded into the rule implementation. For the first version using the default value for each severity is fine. |
In my opinion,
|
I generally agree on the feature. Thanks @chao2zhang for tackling this.
I would like to challenge this statement. We currently support a When So ideally we should have those 4 levels:
Moreover, we also have a detekt/detekt-core/src/main/resources/default-detekt-config.yml Lines 10 to 12 in 2e89bd4
That is used only for config file validation. If we introduce configurable severity, I suppose users will be confused by this warningAsErrors here.
|
I guess |
In general, this feature can be implemented as:
I will probably publish a PR soon for backward-incompatible change, and we can later evaluate whether it will be worth breaking the compatibility. |
Agree. I'll be for having this as backward incompatible for Detekt 2.x I think we should also consider behavioral compatibility. Detekt users expect to work with the |
As @cortinico rightly pointed out I think I was inspired by sonarqube when choosing the current severity values. Other tools which @chao2zhang mentioned above use a much simpler "severity scale". We might want to deprecate our severity scale in favor of a simpler one in a future major release. MagicNumber:
severity: 'info' We can use this new field for the output reports. A I will test my implementation idea update this comment later. Edit: |
I really like the idea of a String to give maximum flexibility. This the users can add a post-processor and change them to their will. I'm thinking: can a rule raise two issues with different severities? Does it have sense? I think that the api should allow that. |
I like the string configuration example from above.
Can you name some current rules in the detekt rule set, where this would actually make sense? |
This topic was previously discussed in #3129 and #533, but I would like to make a proposal with new information.
Some well-known static analysis tools allow the users to configure severity on rule or ruleset:
This configurable severity level allows the tool itself to control the output and the exit code of the process. In addition, it also cooperates with other tools:
Now to support all the usecases, we need to be able to configure the severity per rule in the XML output as well as SARIF output. So far, the only configurable option I can see is
config.warningsAsErrors
, which is all or nothing. And the severity mapping for XmlOutputReport and SarifOutputReport are not flexible enough.In my opinion, this feature should be implemented before we close #533 and #3045
The text was updated successfully, but these errors were encountered: