I am currently looking to add code analysis to a C# project. I'm running the analysis through Jenkins/C#/Visual Studio plugins and am not getting any issues reported on the dashboard. My issue JSON report has lots of the following issues:
{
"ruleId":"CS7035",
"level":"warning",
"message":"The specified version string does not conform to the recommended format - major.minor.build.revision",
"locations":[
{
"resultFile":{
"uri":"my file",
"region":{
"startLine":123,
"startColumn":22,
"endLine":123,
"endColumn":33
}
}
}
],
"properties":{
"warningLevel":4
}
},
...
Clearly the analysis is working and generating the issues. However when I view the project on the dashboard, it shows no bugs/vulnerabilities/etc. Interestingly, it does show the lines of code and duplication statistics.
The analysis does work for our JS code, so it seems to just be a C# thing.
You are using version 5.3 of the C# plugin that does not support the new version of the SARIF JSON format.
This was fixed in version 5.3.1 - see SONARCS-602.
Updating to this last version of the plugin should fix your issue.