Skip to content

Reduce Sonar Bugs from 37 to 0 (Quality Gate Recovery) #216

Open
Bug
Open
Reduce Sonar Bugs from 37 to 0 (Quality Gate Recovery)#216
Bug
Assignees
jlouvel
Labels
bugSomething isn't working
@jlouvel

Description

@jlouvel
jlouvel
opened on Apr 1, 2026

Component

Other

Description

User Story
As a platform maintainer, I want to fix all current Sonar-reported bugs so that the framework passes the quality gate and remains stable for capability authors.

Business Value
Restores release confidence, lowers production risk, and prevents quality debt from growing across core engine and adapters.

Scope
Fix the currently reported 37 bugs in code covered by the quality gate, including required regression tests for each bug family.

Out of Scope
New features, refactors not tied to a bug fix, CI workflow redesign, and non-bug code smells unless directly required for bug resolution.

Acceptance Criteria

  1. Sonar Bugs metric is 0 for the main branch quality gate run.
  2. All fixed bugs are linked to tracked issue tickets.
  3. Each bug family includes at least one unit test and one integration/non-regression test.
  4. Full test suite passes in CI and locally (mvn clean test --no-transfer-progress).
  5. No increase in vulnerabilities; no breaking changes in public behavior.

Implementation Tasks

  1. Export and triage all 37 bugs by severity and root-cause family.
  2. Create bug tickets and map each Sonar issue to a ticket.
  3. Implement fixes in small PR batches by bug family (critical/high first).
  4. Add and run unit + integration tests per bug family.
  5. Re-run quality gate after each merge and track remaining bug count daily.
  6. Close tickets only after quality gate confirms resolution.

Definition of Done

  1. Quality gate passes with 0 bugs.
  2. All related tickets are resolved with linked PRs.
  3. Test coverage for changed paths is maintained or improved.
  4. Sprint demo includes before/after metrics (37 to 0) and regression evidence.

Estimate
8 story points (or 5-6 engineering days, depending on bug complexity and CI cycle time).

Risks

  1. Hidden coupling in engine modules may cause regression during fixes.
  2. Some Sonar findings may require broader architectural adjustments.
  3. CI cycle time can slow down iterative merge batches.

Risk Mitigation

  1. Fix by family in small PRs.
  2. Add regression tests before each fix.
  3. Run quality gate incrementally after each merged batch.

If you want, I can also produce this in a Jira-ready format with fields for Epic Link, Story Points, Labels, Components, and a pre-filled task checklist.Sprint Story Draft

Story Title
Reduce Sonar Bugs from 37 to 0 (Quality Gate Recovery)

User Story
As a platform maintainer, I want to fix all current Sonar-reported bugs so that the framework passes the quality gate and remains stable for capability authors.

Business Value
Restores release confidence, lowers production risk, and prevents quality debt from growing across core engine and adapters.

Scope
Fix the currently reported 37 bugs in code covered by the quality gate, including required regression tests for each bug family.

Out of Scope
New features, refactors not tied to a bug fix, CI workflow redesign, and non-bug code smells unless directly required for bug resolution.

Acceptance Criteria

  1. Sonar Bugs metric is 0 for the main branch quality gate run.
  2. All fixed bugs are linked to tracked issue tickets.
  3. Each bug family includes at least one unit test and one integration/non-regression test.
  4. Full test suite passes in CI and locally (mvn clean test --no-transfer-progress).
  5. No increase in vulnerabilities; no breaking changes in public behavior.

Implementation Tasks

  1. Export and triage all 37 bugs by severity and root-cause family.
  2. Create bug tickets and map each Sonar issue to a ticket.
  3. Implement fixes in small PR batches by bug family (critical/high first).
  4. Add and run unit + integration tests per bug family.
  5. Re-run quality gate after each merge and track remaining bug count daily.
  6. Close tickets only after quality gate confirms resolution.

Definition of Done

  1. Quality gate passes with 0 bugs.
  2. All related tickets are resolved with linked PRs.
  3. Test coverage for changed paths is maintained or improved.
  4. Sprint demo includes before/after metrics (37 to 0) and regression evidence.

Estimate
8 story points (or 5-6 engineering days, depending on bug complexity and CI cycle time).

Risks

  1. Hidden coupling in engine modules may cause regression during fixes.
  2. Some Sonar findings may require broader architectural adjustments.
  3. CI cycle time can slow down iterative merge batches.

Risk Mitigation

  1. Fix by family in small PRs.
  2. Add regression tests before each fix.
  3. Run quality gate incrementally after each merged batch.

If you want, I can also produce this in a Jira-ready format with fields for Epic Link, Story Points, Labels, Components, and a pre-filled task checklist.

Steps to Reproduce

Review the Sonar Bugs from the Quality Gate Recovery

Capability File (if relevant)



Logs & Stacktrace






Version


v1.0.0-alpha1


Runtime


JVM


Agent Context (optional)


Metadata
Metadata
Assignees
Labels
bugSomething isn't working
Type
Bug
Projects
No projects
Milestone
No milestone
Relationships
None yet
Development
No branches or pull requests
Issue actions