The project is legacy and sonar scanning was added some time ago. The above changes are the only ones in the PR and still I get a lot of sonar warnings from files I haven’t changed. Since we have a policy that all sonar warnings need to be closed I cannot complete this PR without a massive effort to fix code I haven’t touched.
I tried setting the below settings, but I think those are autodetected anyway,
I think your upgrade picked up this change in the underlying scanner, which adds analysis of files that weren’t previously analyzed. Thus this PR analysis is seeing those files for the first time.
It’s nonetheless odd that they’re analyzed, since PR analysis should be working off of what the SCM metadata indicates is changed in the PR.
Can you try settingsonar.scanner.scanAll to false to see if that fixes it?
Thanks for the suggestion, but still experiencing the same problem. The PR only contains the yaml file and still I get all kinds of warnings from c# files.
In the SonarCloudPrepare@3 task I have this
sonar.inclusions = **/*.cs
I tried to change it to
sonar.exclusions=**/.cshtml
# sonar.inclusions = **/.cs
sonar.scanner.scanAll = false
But now I get errors like below. I saw these earlier also:
I think that’s actually progress: it indicates that analysis omitted files that were analyzed previously.
This may be about the SCM metadata that’s available to analysis. Can you share your analysis log?
The analysis / scanner log is what’s output from the analysis command. Hopefully, the log you provide - redacted as necessary - will include that command as well.