Cppcheck errors not reported in SonarQube 7.9.5 with the sonar-cxx community plugin v1.3.3



I have a SonarQube Community Edition (v7.9.5) server running the sonar-cxx community plugin v1.3.3.

Now, for a test C++ project, I have generated a cppcheck (v2.3) analysis report and run sonar-scanner (https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.5.0.2216-linux.zip) as shown below.

$ pwd
/testproj
$ ls
file1.cc
$ cat file1.cc 
int main()
{
char a[10];
a[10] = 0;
return 0;
}
$ cppcheck --enable=all --xml . 2> cppcheck_issues.xml
$ cat cppcheck_issues.xml 
<?xml version="1.0" encoding="UTF-8"?>
<results version="2">
<cppcheck version="2.3"/>
<errors>
<error id="arrayIndexOutOfBounds" severity="error" msg="Array &apos;a[10]&apos; accessed at index 10, which is out of bounds." verbose="Array &apos;a[10]&apos; accessed at index 10, which is out of bounds." cwe="788" hash="11923574308940205340">
<location file="file1.cc" line="4" column="2" info="Array index out of bounds"/>
</error>
<error id="unreadVariable" severity="style" msg="Variable &apos;a[10]&apos; is assigned a value that is never used." verbose="Variable &apos;a[10]&apos; is assigned a value that is never used." cwe="563" hash="9507758794529763218">
<location file="file1.cc" line="4" column="7"/>
<symbol>a[10]</symbol>
</error>
</errors>
</results>
$ sonar-scanner \
-Dsonar.host.url=<sonar-host-url> \
-Dsonar.login=<sonar-token> \
-Dsonar.projectName=testproj \
-Dsonar.projectKey=testproj \
-Dsonar.projectVersion=0.1 \
-Dsonar.cxx.cppcheck.reportPath=cppcheck_issues.xml \
-Dsonar.exclusions=cppcheck_issues.xml
INFO: Scanner configuration file: /code/sonar-scanner/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarScanner 4.5.0.2216
INFO: Java 11.0.3 AdoptOpenJDK (64-bit)
INFO: Linux 4.1.12-124.43.4.el7uek.x86_64 amd64
INFO: User cache: /root/.sonar/cache
INFO: Scanner configuration file: /code/sonar-scanner/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: Analyzing on SonarQube server 7.9.5
INFO: Default locale: "en_US", source code encoding: "UTF-8" (analysis is platform dependent)
INFO: Load global settings
INFO: Load global settings (done) | time=142ms
INFO: Server id: 22633092-AXeMotAnTu7ckErSxqZC
INFO: User cache: /root/.sonar/cache
INFO: Load/download plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=73ms
INFO: Load/download plugins (done) | time=141ms
INFO: Process project properties
INFO: Execute project builders
INFO: Execute project builders (done) | time=9ms
INFO: Project key: testproj
INFO: Base dir: /testproj
INFO: Working dir: /testproj/.scannerwork
INFO: Load project settings for component key: 'testproj'
INFO: Load project settings for component key: 'testproj' (done) | time=74ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=99ms
INFO: Load active rules
INFO: Load active rules (done) | time=1167ms
WARN: SCM provider autodetection failed. Please use "sonar.scm.provider" to define SCM of your project, or disable the SCM Sensor in the project settings.
INFO: Indexing files...
INFO: Project configuration:
INFO:   Excluded sources: cppcheck_issues.xml
INFO: 1 file indexed
INFO: 0 files ignored because of inclusion/exclusion patterns
INFO: Quality profile for c++: Sonar way
INFO: ------------- Run sensors on module testproj
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=41ms
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by net.sf.cglib.core.ReflectUtils$1 (file:/root/.sonar/cache/866bb1adbf016ea515620f1aaa15ec53/sonar-javascript-plugin.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
WARNING: Please consider reporting this to the maintainers of net.sf.cglib.core.ReflectUtils$1
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
INFO: Sensor C++ (Community) SquidSensor [cxx]
INFO: Load project repositories
INFO: Load project repositories (done) | time=31ms
INFO: Sensor C++ (Community) SquidSensor [cxx] (done) | time=312ms
INFO: Sensor JaCoCo XML Report Importer [jacoco]
INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=9ms
INFO: Sensor JavaXmlSensor [java]
INFO: Sensor JavaXmlSensor [java] (done) | time=3ms
INFO: Sensor HTML [web]
INFO: Sensor HTML [web] (done) | time=23ms
INFO: ------------- Run sensors on project
INFO: Sensor Zero Coverage Sensor
INFO: Sensor Zero Coverage Sensor (done) | time=27ms
INFO: No SCM system was detected. You can use the 'sonar.scm.provider' property to explicitly specify it.
INFO: 1 file had no CPD blocks
INFO: Calculating CPD for 0 files
INFO: CPD calculation finished
INFO: Analysis report generated in 157ms, dir size=79 KB
INFO: Analysis report compressed in 22ms, zip size=12 KB
INFO: Analysis report uploaded in 58ms
INFO: ANALYSIS SUCCESSFUL, you can browse <sonar-host-url>/dashboard?id=testproj
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at <sonar-host-url>/api/ce/task?id=AXeQLS1KTu7ckErSxt5M
INFO: Executing post-job 'Final report'
INFO: Turn debug info on to get more details (sonar-scanner -X -Dsonar.verbose=true ...).
INFO: Analysis total time: 5.510 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 7.283s
INFO: Final Memory: 12M/44M
INFO: ------------------------------------------------------------------------

The project is now successfully created/updated in SonarQube; however, the issues are not reported in SonarQube. Can anyone tell me what the reason is? Please refer to the project snapshot in SonarQube.

Note 1: sonar.cxx.suffixes.sources is configured in the C++ (Community) plugin section of the SonarQube server configuration. Also, no other plugin uses the same configuration key.

Note 2: No errors/warnings are seen in ce.log.

After further investigation, the cause of the problem was found.

Cause: the default quality profile for C++ (Community) has all of its rules disabled by default, and there is no option to enable them in that profile.

Fix: creating a new quality profile that extends the default one, enabling the rules in it, and finally setting it as the default quality profile for C++ (Community) resolved the problem.

Update (16 Feb 2021): I got clarification from the sonar-cxx team that this is intentional, and it is also documented at https://github.com/SonarOpenCommunity/sonar-cxx/wiki/Manage-Quality-Profiles

Since the cxx plugin contains a large number of sensor rules (more than 4000), all rules are initially not activated in the default "Sonar way" profile for the CXX programming language. Enabling all rules would have a negative impact on analysis performance, and in most cases only one sensor is used. After installation, no sensor issues are displayed. To display the issues, the corresponding rules must first be enabled in the quality profile used by the project.
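The question shows a report with two cppcheck findings that never appear in SonarQube, and the answer explains why: the importer silently drops findings whose rules are not active in the project's quality profile. The following script is an added example, not code from the question or from the sonar-cxx project. It parses a cppcheck XML report (a constructed copy of the one in the question), maps each finding to the SonarQube rule key it would need, and reports which findings a given set of active rules would import and which would be dropped. It assumes that sonar-cxx 1.x registers cppcheck findings under the rule repository key "cppcheck" (so the key is "cppcheck:<cppcheck error id>"); the helper that builds the /api/rules/search query uses the documented activation, qprofile, p and ps parameters, and the profile key passed to it is a placeholder.

```python
"""Diagnose which cppcheck findings a SonarQube quality profile would drop.

Added example; not code from the question or from sonar-cxx.
Assumption: sonar-cxx imports cppcheck findings under rule keys of the form
"cppcheck:<error id>", and a finding whose rule is inactive in the project's
quality profile is discarded without any error in the scanner or ce.log.
"""
import xml.etree.ElementTree as ET
from urllib.parse import urlencode

# Constructed copy of the cppcheck report shown in the question.
CPPCHECK_XML = """<?xml version="1.0" encoding="UTF-8"?>
<results version="2">
<cppcheck version="2.3"/>
<errors>
<error id="arrayIndexOutOfBounds" severity="error" msg="Array &apos;a[10]&apos; accessed at index 10, which is out of bounds." cwe="788">
<location file="file1.cc" line="4" column="2"/>
</error>
<error id="unreadVariable" severity="style" msg="Variable &apos;a[10]&apos; is assigned a value that is never used." cwe="563">
<location file="file1.cc" line="4" column="7"/>
</error>
</errors>
</results>
"""

RULE_REPOSITORY = "cppcheck"  # assumed repository key used by sonar-cxx for cppcheck rules


def parse_cppcheck_report(xml_text):
    """Return one dict per <error> element: id, severity, cwe, file, line, msg."""
    root = ET.fromstring(xml_text)
    findings = []
    for err in root.iter("error"):
        loc = err.find("location")  # cppcheck v2 puts the position in a child element
        findings.append({
            "id": err.get("id"),
            "severity": err.get("severity"),
            "cwe": err.get("cwe"),
            "file": loc.get("file") if loc is not None else None,
            "line": int(loc.get("line")) if loc is not None else None,
            "msg": err.get("msg"),
        })
    return findings


def rule_key(finding):
    """SonarQube rule key the importer would look up for this finding (assumed format)."""
    return f"{RULE_REPOSITORY}:{finding['id']}"


def active_rules_query(qprofile_key, page=1, page_size=500):
    """Relative URL for GET /api/rules/search listing the rules active in a profile.

    Page through the result and collect the 'key' of every rule to build the
    active set that triage() expects. qprofile_key is the profile's key as shown
    by /api/qualityprofiles/search (placeholder in the demo below).
    """
    params = {"activation": "true", "qprofile": qprofile_key, "p": page, "ps": page_size}
    return "api/rules/search?" + urlencode(params)


def triage(findings, active_rule_keys):
    """Split findings into those SonarQube would import and those it would drop."""
    imported, dropped = [], []
    for f in findings:
        (imported if rule_key(f) in active_rule_keys else dropped).append(f)
    return imported, dropped


def activation_hint(dropped):
    """Distinct rule keys that must be activated in the profile for the dropped findings to appear."""
    return sorted({rule_key(f) for f in dropped})


if __name__ == "__main__":
    findings = parse_cppcheck_report(CPPCHECK_XML)
    print("query for the active rule set:", active_rules_query("PLACEHOLDER_PROFILE_KEY"))

    # Default "Sonar way" profile for C++ (Community): nothing active, so every finding is lost.
    imported, dropped = triage(findings, set())
    print(f"default profile: imported={len(imported)} dropped={len(dropped)}")
    print("rules to activate:", activation_hint(dropped))

    # A custom profile in which only the out-of-bounds rule has been enabled.
    custom = {"cppcheck:arrayIndexOutOfBounds"}
    imported, dropped = triage(findings, custom)
    print(f"custom profile:  imported={len(imported)} dropped={len(dropped)}")
    for f in imported:
        print(f"  {f['file']}:{f['line']} [{f['severity']}, CWE-{f['cwe']}] {f['msg']}")
```

Running the script against the report from the question shows both findings dropped under an empty active set (the situation in the question) and lists the two cppcheck:* keys that the new quality profile has to activate; with a custom profile that activates only cppcheck:arrayIndexOutOfBounds, the out-of-bounds write is imported while the style finding is still dropped. Because neither the scanner log nor ce.log records dropped findings, comparing the report's rule keys against the profile's active set is the quickest way to confirm this cause before rebuilding the profile.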

Latest update