From afbdb4e6b227695aa8859ad7d4bb8d7146629174 Mon Sep 17 00:00:00 2001
From: Bronek Kozicki
Date: Tue, 30 Jun 2026 15:05:53 +0000
Subject: [PATCH] Suppress SonarCloud cpp:S5145 (examples) and cpp:S3659 (not-token) false positives

Assisted-by: Claude:claude-opus-4-8
---
 sonar-project.properties | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/sonar-project.properties b/sonar-project.properties
index 8eab24b2..dc98961d 100644
--- a/sonar-project.properties
+++ b/sonar-project.properties
@@ -18,3 +18,16 @@ sonar.exclusions=.build*/**,**/_deps/**
 # CPD produces mostly false positives for this codebase. Since `sonar.cpd.skip=true`
 # does not work for C++ code, we use `sonar.cpd.exclusions=**/*` to effectively disable it.
 sonar.cpd.exclusions=**/*
+
+# Suppress selected SonarCloud issues (scope + rationale per entry):
+sonar.issue.ignore.multicriteria=e1,e2
+
+# e1 — cpp:S5145 (tainted input reaching an output sink), examples only: the demos read
+# input and print it back, which is the point of a demo, not an injection surface.
+sonar.issue.ignore.multicriteria.e1.ruleKey=cpp:S5145
+sonar.issue.ignore.multicriteria.e1.resourceKey=examples/**/*
+
+# e2 — cpp:S3659 (alternative operator tokens such as `not`), project-wide: deliberate
+# readability choice — `not ` (with the trailing space) is harder to overlook than `!`.
+sonar.issue.ignore.multicriteria.e2.ruleKey=cpp:S3659
+sonar.issue.ignore.multicriteria.e2.resourceKey=**/*
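Review bot: The e1 entry switches off cpp:S5145 for every present and future file matching `examples/**/*`, so a later example that forwards input to a log, a file or a command line would pass unreported, while the stated rationale only covers demos that print their input back. Example code is also what users tend to copy into their own programs, so a blanket exemption there deserves a narrower scope than the style-only e2 entry. Consider pointing `e1.resourceKey` at the specific example files that are flagged today (one multicriteria entry per file), or marking the individual echo lines with `// NOSONAR` and a reason, so any new sink in `examples/` still raises an issue. If the directory-wide pattern stays, I would add a line to the e1 comment such as `# NOTE: also hides future cpp:S5145 findings under examples/; re-check when an example writes anywhere other than stdout.`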