
SonarQube Scanner: are binaries really needed?


I'm running SonarQube scanner on a Java project. In the properties file there's a property sonar.java.binaries=**/classes to specify the classes location for the project.

The scan failed showing this error:

ERROR: Error during SonarQube Scanner execution
ERROR: Please provide compiled classes of your project with sonar.java.binaries property

when:

  1. I removed the sonar.java.binaries property
  2. I set sonar.java.binaries property to null
  3. I set the property to sonar.java.binaries=**/classes but in the project directories there was no classes dir or there were empty ones

The scan was completed successfully when:

  1. I set the property sonar.java.binaries=**/classes and I created a classes folder putting into it a bogus file blabla.class

So my question is: why are the classes required if the scanner is working also without them?


Solution

  • Copied from the official documentation:

    Java bytecode is required

    Analyzing a Java project without providing the Java bytecode produced by javac (Android users: Jack doesn't provide the required .class files) and all project dependencies (jar files) is possible, but will result in an increased number of false negatives, i.e. legitimate issues will be missed by the analyzer.

    From SonarJava version 4.12 binary files are required for java projects with more than one java file. If not provided properly, analysis will fail with the message

    Please provide compiled classes of your project with sonar.java.binaries property

    See Java Plugin and Bytecode for how to provide the Java bytecode if you are not using Maven to run your analysis.

    As you see, the bytecode is required. If you don't feed the analyzer with the bytecode, then the built syntax/dependency tree will miss some data, and you get more false negatives (issues which should be reported, but weren't).
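
A pre-scan check for the situation in the question, where a placeholder blabla.class satisfied the scanner: this added example (not code from the original post or from SonarQube) resolves sonar.java.binaries against a project directory and confirms the matched directories hold files that start with the Java class-file magic 0xCAFEBABE. The function names, the constructed sample project in demo(), and the handling of the property as comma-separated relative glob patterns are assumptions; the magic check is a sanity test, not a full class-file parse.

```python
import tempfile
from pathlib import Path

CLASS_MAGIC = b"\xca\xfe\xba\xbe"  # first four bytes of every compiled .class file


def read_binaries_property(properties_text):
    """Return the comma-separated sonar.java.binaries values, or [] if unset."""
    for line in properties_text.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep and key.strip() == "sonar.java.binaries":
            return [v.strip() for v in value.split(",") if v.strip()]
    return []


def check_binaries(project_dir, properties_text):
    """Return a list of problems; an empty list means real bytecode was found."""
    patterns = read_binaries_property(properties_text)
    if not patterns:
        return ["sonar.java.binaries is not set"]
    problems, valid = [], 0
    for pattern in patterns:  # assumption: patterns are relative to project_dir
        dirs = [d for d in Path(project_dir).glob(pattern) if d.is_dir()]
        if not dirs:
            problems.append(f"{pattern}: matches no directory")
        for class_file in (f for d in dirs for f in d.rglob("*.class")):
            with open(class_file, "rb") as fh:
                if fh.read(4) == CLASS_MAGIC:
                    valid += 1
                else:
                    problems.append(f"{class_file.name}: not Java bytecode")
    if valid == 0:
        problems.append("no valid .class files found")
    return problems


def demo():
    """Constructed project: the question's bogus blabla.class, then a real header."""
    props = "sonar.java.binaries=**/classes\n"
    with tempfile.TemporaryDirectory() as proj:
        bogus = Path(proj, "module", "classes", "blabla.class")
        bogus.parent.mkdir(parents=True)
        bogus.write_bytes(b"bogus")
        before = check_binaries(proj, props)
        bogus.write_bytes(CLASS_MAGIC + b"\x00\x00\x00\x34")  # magic + version only
        after = check_binaries(proj, props)
    return before, after
```

Run as a CI step before the scanner and fail the job when check_binaries returns a non-empty list, so a scan never passes on placeholder or missing bytecode.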