We use SonarQube and have it set up to append the analysis information onto our Bitbucket PRs. The scans are finding some hotspots, and upon review they are safe.
After marking the hotspots as safe, the PR is still showing the failures.
Upon rerunning the scan with the hope that the safe hotspots won’t show up, the hotspots are showing up as having an issue again. We then have to re-mark the hotspots as safe.
Any idea how we can resolve this? Ideally, once marked safe, the next scan should still see it marked as safe.
What version of SonarQube are you using?
We just upgraded to 10.3 (build 82913) today, but the issue was happening with version 9.9.
We’ll try this out again with 10.3 when a hotspot pops up with another PR.
The issue still happens with version 10.3. After marking a hotspot as safe, the next scan still shows the hotspot as an issue. Additionally, marking the hotspot as safe does not update the PR in Bitbucket, so the PR blocking functionality does not work as expected.
Sorry for the delay on this one. I have one missing piece to try and reproduce this and I hope I’m unblocked soon.
Has there been any progress on this? Were you able to reproduce the issue?