Autogenerated files are started to show up in SonarCloud code since azure devops extension 4.42

  • ALM : Azure Devops
  • CI : Azure DevOps
  • Scanner command used:
- task: SonarCloudAnalyze@1
  displayName: 'Analyse SonarCloud'
  • Languages of the repository : c#


Starting today (17 october 2023), SonarCloud is asking for code coverage on files that was ignored before. These files contains classes with following attributes

    [System.CodeDom.Compiler.GeneratedCodeAttribute("xsd", "4.8.3928.0")]
    [System.Xml.Serialization.XmlRootAttribute("Bar", Namespace="", IsNullable=false)]

The only difference we spotted are the usage of azure devops extension 4.42 instead of 4.41

We do not want to take into account these files into the code coverage. The previous behavior was what we expected.

What to do ?



Welcome to the community and thanks for this report!

Can you confirm that none of your configuration for this project changed, either SonarCloud-side or on the project/build side?

Can you share your analysis logs?

The analysis / scanner log is what’s output from the analysis command. Hopefully, the log you provide - redacted as necessary - will include that command as well.

This guide will help you find them.


Hi Ann,

Both run described, the one with expected behavior, and the one with unexpected behavior, are run against the exact same commit, both on dotnet repository, and pipepline repository. I can confirm there is no code change between both run. These pipelines do not interact with azure devops variable group, so no behavior can change from external values.

Here I guess the log asked, anonymized

2023-10-17T13:55:05.1884940Z ##[section]Starting: Analyse SonarCloud
2023-10-17T13:55:05.1888086Z ==============================================================================
2023-10-17T13:55:05.1888300Z Task         : Run Code Analysis
2023-10-17T13:55:05.1888413Z Description  : Run scanner and upload the results to the SonarCloud server.
2023-10-17T13:55:05.1888646Z Version      : 1.42.0
2023-10-17T13:55:05.1888733Z Author       : sonarsource
2023-10-17T13:55:05.1888837Z Help         : Version: 1.42.0. This task is not needed for Maven and Gradle projects since the scanner should be run as part of the build.

[More Information](
2023-10-17T13:55:05.1889669Z ==============================================================================
2023-10-17T13:55:05.3182649Z [command]/agent/_work/_tool/dotnet/dotnet /agent/_work/_tasks/SonarCloudPrepare_14d9cde6-c1da-4d55-aa01-2965cd301255/1.39.0/dotnet-sonar-scanner-msbuild/SonarScanner.MSBuild.dll end
2023-10-17T13:55:05.3661102Z SonarScanner for MSBuild 5.14
2023-10-17T13:55:05.3663275Z Using the .NET Core version of the Scanner for MSBuild
2023-10-17T13:55:05.4136362Z Post-processing started.
2023-10-17T13:55:05.5362640Z Calling the SonarScanner CLI...
2023-10-17T13:55:05.6022769Z INFO: Scanner configuration file: /agent/_work/_tasks/SonarCloudPrepare_14d9cde6-c1da-4d55-aa01-2965cd301255/1.39.0/dotnet-sonar-scanner-msbuild/sonar-scanner-
2023-10-17T13:55:05.6024939Z INFO: Project root configuration file: /agent/_work/15/.sonarqube/out/
2023-10-17T13:55:05.6702908Z INFO: SonarScanner
2023-10-17T13:55:05.6703639Z INFO: Java 17.0.7 Inc. (64-bit)
2023-10-17T13:55:05.6704109Z INFO: Linux 6.2.0-1011-azure amd64
2023-10-17T13:55:05.8586990Z INFO: User cache: /home/AzDevOps/.sonar/cache
2023-10-17T13:55:06.0926230Z INFO: Analyzing on SonarCloud
2023-10-17T13:55:06.0931821Z INFO: Default locale: "en", source code encoding: "UTF-8" (analysis is platform dependent)
2023-10-17T13:55:06.4183159Z INFO: Load global settings
2023-10-17T13:55:06.5544160Z INFO: Load global settings (done) | time=137ms
2023-10-17T13:55:06.5575642Z INFO: Server id: 1BD809FA-AWHW8ct9-T_TB3XqouNu
2023-10-17T13:55:06.5642451Z INFO: User cache: /home/AzDevOps/.sonar/cache
2023-10-17T13:55:06.5692175Z INFO: Loading required plugins
2023-10-17T13:55:06.5697727Z INFO: Load plugins index
2023-10-17T13:55:06.7491638Z INFO: Load plugins index (done) | time=179ms
2023-10-17T13:55:06.7499233Z INFO: Load/download plugins
2023-10-17T13:55:06.8419748Z INFO: Load/download plugins (done) | time=93ms
2023-10-17T13:55:07.0478811Z INFO: Loaded core extensions: developer-scanner
2023-10-17T13:55:07.3246353Z INFO: Found an active CI vendor: 'Azure DevOps'
2023-10-17T13:55:07.3335410Z INFO: Load project settings for component key: '***projectkey***'
2023-10-17T13:55:07.4664283Z INFO: Load project settings for component key: '***projectkey***' (done) | time=133ms
2023-10-17T13:55:07.4706653Z INFO: Process project properties
2023-10-17T13:55:07.5110401Z INFO: Project key: ***projectkey***
2023-10-17T13:55:07.5111277Z INFO: Base dir: /agent/_work/15/s/src
2023-10-17T13:55:07.5111729Z INFO: Working dir: /agent/_work/15/.sonarqube/out/.sonar
2023-10-17T13:55:07.5761447Z INFO: Load project branches
2023-10-17T13:55:07.7660902Z INFO: Load project branches (done) | time=190ms
2023-10-17T13:55:07.7678915Z INFO: Check ALM binding of project '***projectkey***'
2023-10-17T13:55:07.9209828Z INFO: Detected project binding: BOUND
2023-10-17T13:55:07.9211045Z INFO: Check ALM binding of project '***projectkey***' (done) | time=153ms
2023-10-17T13:55:07.9230053Z INFO: Load project pull requests
2023-10-17T13:55:08.1008281Z INFO: Load project pull requests (done) | time=178ms
2023-10-17T13:55:08.1033748Z INFO: Load branch configuration
2023-10-17T13:55:08.4937617Z INFO: Load branch configuration (done) | time=391ms
2023-10-17T13:55:08.5001143Z INFO: Load quality profiles
2023-10-17T13:55:08.6660015Z INFO: Load quality profiles (done) | time=167ms
2023-10-17T13:55:08.6710709Z INFO: Load active rules
2023-10-17T13:55:12.0867693Z INFO: Load active rules (done) | time=3416ms
2023-10-17T13:55:12.2477851Z INFO: Organization key: ***orgkey***
2023-10-17T13:55:12.2483302Z INFO: Pull request 43434 for merge into master from feature/pipeline_form
2023-10-17T13:55:12.2596177Z INFO: Load project repositories
2023-10-17T13:55:12.6119948Z INFO: Load project repositories (done) | time=352ms
2023-10-17T13:55:12.6135652Z INFO: SCM collecting changed files in the branch
2023-10-17T13:55:12.6520224Z WARN: Could not find ref: master in refs/heads, refs/remotes/upstream or refs/remotes/origin
2023-10-17T13:55:12.6570654Z INFO: SCM collecting changed files in the branch (done) | time=44ms
2023-10-17T13:55:12.6705695Z INFO: Indexing files...
1 Like


Thanks for the confirmation and the log.

Unfortunately, that doesn’t seem to be the full log. Can you post the rest?

And since this may be tied to yesterday’s ADO extension release, I’m referring this to the team.



Unfortunately, my client is very highly restrictive on security, with a wants to use code obfuscation in order to achieve security (I do not personnaly share this strategy, but I am not going into any personnal risk). I am not authorized to display much more than what is already shared. I am sorry to not be able to share the full log :frowning:


To be clear, there’s no code in an analysis log (unless there’s been a parsing error). It’s perfectly normal to redact sensitive information such as paths, project names(?) and access tokens.


Is there any way to share logs through a private way? My client is using Paid Plan of SonarCloud

Hi Sonar team,

In the context of Azure DevOps - Yaml pipeline - SonarCloud Task v 5.14 / App language : C# :

We just realized our Sonar analysis that run on Task 5.14 have now a new behaviour, compared to v5.13.

Auto-Generated code is now included in the analysis, which in our case, multiply the LOC by 4.

Could it be a regression with a recent release of the plugin ?



1 Like

Hello @olivier.thomas,

We are currently investigating the issue.

To help us, can you give us the complete log of both SonarCloudPrepare and SonarCloudAnalyze tasks in verbose mode?
If possible, can you also share your MSBuild output?

Can you also share the following information:

  • the project types you are analyzing
  • the .NET SDK versions used
  • the MSBuild version used

You can find below how to enable verbose mode in the scanner:

Share the Scanner for .NET verbose logs

  • Add /d:"sonar.verbose=true" to the…
    • SonarScanner.MSBuild.exe or dotnet sonarscanner begin command to get more detailed logs
      • For example: SonarScanner.MSBuild.exe begin /k:"MyProject" /d:"sonar.verbose=true"
    • “SonarQubePrepare” or “SonarCloudPrepare” task’s extraProperties argument if you are using Azure DevOps
      • For example:
        - task: SonarCloudPrepare@1
              SonarCloud: 'sonarcloud'
              organization: 'foo'
              scannerMode: 'MSBuild'
              projectKey: 'foo_sonar-scanning-someconsoleapp'
              projectName: 'sonar-scanning-someconsoleapp'
              extraProperties: |
  • The important logs are in the END step (i.e. SonarQubeAnalyze / SonarCloudAnalyze / “Run Code Analysis”)

Share the msbuild detailed logs

MsBuild.exe /t:Rebuild /v:d


dotnet build -v:d

Thank you very much :pray:

Hello @worming004 @olivier.thomas,

I think we have come closer to the issue, the fix will be included in the next release of the C# analyzer. The issue is coming from the analyzer not being loaded at the correct step during the analysis.

In the meantime, you can use the sonar.plugins.loadAll=true option during the SonarCloudPrepare task in your Azure pipeline. This will ensure the C# analyzer is loaded at the right step to detect the generated files and exclude them from the analysis.

Like so:

- task: SonarCloudPrepare@1
      SonarCloud: 'sonarcloud'
      organization: 'foo'
      scannerMode: 'MSBuild'
      projectKey: 'foo_sonar-scanning-someconsoleapp'
      projectName: 'sonar-scanning-someconsoleapp'
      extraProperties: |

Let me know if this workaround fixes your issue.

Have a nice weekend!


Great !
thanks a lot for the quick feedback :+1:

Thanks Sebastien

we will give a try monday morning and share if it help

Have a nice weekend


The workaround seems to work fine. Thanks !