BitBucket PR not updated after marking hotspots as safe

ebergemann · December 13, 2023, 7:07pm

We use SonarQube and have it set up to append the analysis information onto our BitBucket PRs. The scans are finding some hotspots, and upon review they are safe.

After marking the hotspots as safe, the PR is still showing the failures.

Upon rerunning the scan with the hope that the safe hotspots won’t show up, the hotspots are showing up as having an issue again. We then have to re-mark the hotspots as safe.

Any idea how we can resolve this? Ideally, once marked safe, the next scan should still see it marked as safe.

Colin · December 14, 2023, 3:17pm

Hey there.

What version of SonarQube are you using?

ebergemann · December 19, 2023, 5:22pm

We just upgraded to 10.3 (build 82913) today, but the issue was happening with version 9.9.

We’ll try this out again with 10.3 when a hotspot pops up with another PR.

ebergemann · December 22, 2023, 2:02pm

The issue still happens with version 10.3. After marking a hotspot as safe, the next scan still shows the hotspot as an issue. Additionally, marking the hotspot as safe does not update the PR in Bitbucket, so the PR blocking functionality does not work as expected.

Colin · January 4, 2024, 1:30pm

Hey @ebergemann

Sorry for the delay on this one. I have one missing piece to try and reproduce this and I hope I’m unblocked soon.

ebergemann · February 6, 2024, 1:57pm

Has there been any progress on this? Were you able to reproduce the issue?