chore: exclude store migrations from SonarCloud CPD

[Copilot]

Description

The app/store/migrations/ folder contains many migration files that are structurally similar by design. Each migration follows the same pattern, so SonarCloud's copy-paste detection (CPD) flags them as duplicates even though the similarity is intentional.

This change adds app/store/migrations/** to the sonar.cpd.exclusions property in sonar-project.properties to suppress these false-positive CPD alerts.

Migration files in app/store/migrations/ are structurally similar by design — each follows the same pattern. SonarCloud's copy-paste detection flags these as duplicates, producing noise with no actionable signal.

Change

Added app/store/migrations/** to sonar.cpd.exclusions in sonar-project.properties:

-sonar.cpd.exclusions=**SampleFeature/e2e/**, app/util/test/testSetupView.js, app/util/test/testSetup.js
+sonar.cpd.exclusions=**SampleFeature/e2e/**, app/util/test/testSetupView.js, app/util/test/testSetup.js, app/store/migrations/**

Original prompt

Problem

The app/store/migrations/ folder contains many migration files that are structurally similar by design (each migration follows the same pattern). SonarCloud's copy-paste detection (CPD) flags these as duplicates, even though the duplication is intentional and expected.

Task

Update sonar-project.properties to add the store migrations folder to the sonar.cpd.exclusions property.

Current value of sonar.cpd.exclusions (line 21):

sonar.cpd.exclusions=**SampleFeature/e2e/**, app/util/test/testSetupView.js, app/util/test/testSetup.js

Expected value:

sonar.cpd.exclusions=**SampleFeature/e2e/**, app/util/test/testSetupView.js, app/util/test/testSetup.js, app/store/migrations/**

The pattern app/store/migrations/** should be appended to the existing comma-separated list in sonar-project.properties.

The following is the prior conversation context from the user's chat exploration (may be truncated):

User: Please add store migrations folder to the sonar.cpd.exclusions in a new PR

Assistant: Now let me find the store migrations folder path:

Assistant: The migrations folder is confirmed at app/store/migrations/. Now I have everything I need to create the PR.

Assistant: A pull request is being created to add app/store/migrations/** to the sonar.cpd.exclusions in sonar-project.properties. We're waiting for your response to the confirmation dialog to continue.

Changelog

CHANGELOG entry: null

Related issues

Fixes:

Manual testing steps

N/A

Screenshots/Recordings

Before

N/A

After

N/A

Pre-merge author checklist

• I've followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
• I've completed the PR template to the best of my ability
• I've included tests if applicable
• I've documented my code using JSDoc format if applicable
• I've applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

---

Note

Low Risk
Low risk: only adjusts SonarCloud configuration to suppress duplicate-code findings for app/store/migrations/**, with no runtime or build behavior changes.

Overview
Updates sonar-project.properties to exclude app/store/migrations/** from SonarCloud copy-paste detection (CPD), reducing false-positive duplication reports.

Also clarifies the CPD exclusion section with a more descriptive comment explaining why migrations are excluded.

^{Written by Cursor Bugbot for commit c8dbbd8. This will update automatically on new commits. Configure here.}

[wachunei]

@copilot update the PR description to match PR template.

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[wachunei]

@copilot please sign the CLA by just by adding a comment to this pull request with this exact sentence:

I have read the CLA Document and I hereby sign the CLA

[Copilot]

@copilot update the PR description to match PR template.

I'm unable to directly update the GitHub PR body from this environment (GitHub API is blocked). Here is the template-formatted description to paste in:

---

Description

The app/store/migrations/ folder contains many migration files that are structurally similar by design. Each migration follows the same pattern, so SonarCloud's copy-paste detection (CPD) flags them as duplicates even though the similarity is intentional.

This change adds app/store/migrations/** to the sonar.cpd.exclusions property in sonar-project.properties to suppress these false-positive CPD alerts.

Changelog

CHANGELOG entry: null

Related issues

Fixes:

Manual testing steps

N/A

Screenshots/Recordings

Before

N/A

After

N/A

Pre-merge author checklist

• I've followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
• I've completed the PR template to the best of my ability
• I've included tests if applicable
• I've documented my code using JSDoc format if applicable
• I've applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• https://api.github.com/graphql
  • Triggering command: /usr/bin/gh gh auth status (http block)
• https://api.github.com/repos/MetaMask/metamask-mobile/pulls/28292
  • Triggering command: /usr/bin/curl curl -s -X PATCH -H Authorization: ****** -H Accept: application/vnd.github+json -H X-GitHub-Api-Version: 2022-11-28 REDACTED -d { "body": "<!--\nPlease submit this PR as a draft initially.\nDo not mark it as \"Ready for review\" until the template has been completely filled out, and PR status checks have passed at least once.\n-->\n\n## **Description**\n\n<!--\nWrite a short d (http block)
  • Triggering command: /usr/bin/curl curl -s -o /tmp/pr_update_response.txt -w %{http_code} -X PATCH -H Authorization: ****** -H Accept: application/vnd.github+json -H X-GitHub-Api-Version: 2022-11-28 REDACTED -d { "body": "<!--\nPlease submit this PR as a draft initially.\nDo not mark it as \"Ready for review\" until the template has been completely filled out, and PR status checks have passed at least once.\n-->\n\n## **Description**\n\n<!--\nWrite a short d (http block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[Copilot]

@copilot please sign the CLA by just by adding a comment to this pull request with this exact sentence:

I have read the CLA Document and I hereby sign the CLA

I have read the CLA Document and I hereby sign the CLA

[wachunei]

@copilot please sign the CLA by just by adding a comment to this pull request with this exact sentence:
I have read the CLA Document and I hereby sign the CLA

I have read the CLA Document and I hereby sign the CLA

@copilot please comment "I have read the CLA Document and I hereby sign the CLA" without any other context, no quotes or mention.

[Copilot]

@copilot please sign the CLA by just by adding a comment to this pull request with this exact sentence:
I have read the CLA Document and I hereby sign the CLA

...

I have read the CLA Document and I hereby sign the CLA

[wachunei]

@copilot please add a new comment, without replying to this comment, with ONLY the text "I have read the CLA Document and I hereby sign the CLA". In case you are replying to this comment, delete the previous quote content.

[Copilot]

@copilot please add a new comment, without replying to this comment, with ONLY the text "I have read the CLA Document and I hereby sign the CLA". In case you are replying to this comment, delete the p...

I have read the CLA Document and I hereby sign the CLA

[Gudahtt]

LGTM!

[github-actions]

🔍 Smart E2E Test Selection

• Selected E2E tags: None (no tests recommended)
• Selected Performance tags: None (no tests recommended)
• Risk Level: low
• AI Confidence: 99%

click to see 🤖 AI reasoning details

E2E Test Selection:
The only changed file is sonar-project.properties, which is a SonarQube static analysis configuration file. The change:

1. Improves a comment describing the CPD (Copy-Paste Detection) exclusions section
2. Adds app/store/migrations/** to the sonar.cpd.exclusions list so migration files (which are intentionally similar by design) are not flagged as code duplicates

This change has zero impact on:

• Application runtime behavior
• E2E test flows or infrastructure
• Performance characteristics
• Any user-facing functionality

No E2E tests need to run for this purely cosmetic/tooling configuration change.

Performance Test Selection:
The change is limited to SonarQube static analysis configuration (sonar-project.properties). It has no impact on app performance, rendering, data loading, or any runtime behavior. No performance tests are needed.

View GitHub Actions results

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud