Sonarcloud analysis is running against files that were not changed in pull request in Azure Devops and reporting code smells (72 of them).
I’ve verified that our project is set up for analysis on new code “Previous version” only. The files with code smells were merged to our main branch two weeks ago. Merging main into my local branch for the pull request seems to have triggered the relationship between ‘new code’ and the analysis?
Is this a bug?
Typically when you see issues on old code reported in a pull request, it’s because there was a problem reading the SCM data, which is how analysis determines what’s new. Either that, or the branch being targeted by the PR wasn’t available in the local repository.
Thanks for the explanation, is there a way to fix that when it happens? I ended up adding a rule temporarily to exclude the folder from analysis, but that’s not something we want to do regularly if possible.
The root of this is probably a problem with collecting SCM blame data. That’s what you need to fix.
Wanna share your analysis logs?
The analysis / scanner log is what’s output from the analysis command. Hopefully, the log you provide - redacted as necessary - will include that command as well.
This guide will help you find them.