We have recently encountered an issue with our SonarQube setup that we need assistance with.
Upon setting up a Sonar project, we performed a baseline run where we identified and marked all existing errors in the old codebase as “resolved as won’t fix”. However, despite this action, we have noticed that these baseline issues are reopening again when changes are made to the files containing the old code.
Could you please provide clarification on whether this behavior is expected in SonarQube? Shouldn’t the baseline run prevent these previously marked issues from being reported again until they are actually fixed?
Generally the issues should not be re-reported unless the code on the line, or perhaps the code around the line changes enough that the issue isn’t recognized by analysis as being the same one that was previously marked Won’t Fix.
Can you check for Closed/Fixed issues?
Can you check the change log of one of these previously-Won’t Fix issues to see if it does actually reflect the issue having previously been marked Won’t Fix and then re-opened by analysis?
Would you mind explaining why simply focusing on New Issues wasn’t sufficient? To be honest, this is the first time I’ve seen this workflow, and I’d like to understand why you felt the need to fully hide these old issues.