Found some issues today - SonarLint only analyses the file you are editing not all files that depends on it. As an example
class Test {
public Result method();
}
users somewhere else does
Test a;
if (a.method() == null) do;
then Test is changed to
class Test { @Nonnull public Result static method();
}
Code still compiles and links, but the user should have been changed to
if (Test.method() == null) do;
but wait it can no longer return null, so code should be removed…
SonarLint only trigger analysis of the currently edited file. Analyzing all dependent/depending code can be a bit expensive, not talking about how to compute this dependency graph.
You can manually trigger a full analysis of your project, if you want to check such cross-file issue.
The PR analysis is theoretically able to detect such issue, but we are not reporting them, since we only report issues on files added/changed in the PR. That’s something we are considering to change.