I'm trying to analyse a huge Java EE 6 project. Due to the given ruleset with some older rules we're bound to Sonarqube 4.5.6 with some special plug-ins at the moment (analysis runs with Sonar Scanner 2.5.1).
The analysis of the project finishes without failing, but there are many warnings in the log about classes which weren't found like
WARN - Class not found: javax.servlet.http.HttpServletRequest Similar warnings from other plugins are also reported. So I looked around and found a workaround by adding the path to the Java EE 6 .jars to the sonar.java.libraries config in the sonar-project.properties file. Now, I got rid of the warings (except few classes in org.apache.commons.io and org.apache.commons.fileupload - whereever the corresponding .jar may be).
This will work on my local machine, but the real sonar server is somewhere else, where no Java EE 6 is present. So, I'd thought of copying the relevant .jars in some directory there and reference the directory in the sonar.java.libraries.
My problem: how to find out which .jars are actually used by the sonar analysis? I don't want to copy thousands of files when actually just maybe ten are needed.
Is there some hidden log file written by sonarqube or something similar? Any other idea?
