Hi @rajnish.sharma ,
It’s a very good idea to upgrade your version to use the 8.6 (or even 8.7 when it’s released) of SonarQube you will benefit from much more than “only” new rules, but also new languages covered, new features, new project homepage to focus more on the New Code, and apply the CAYC (Clean As You Code) philosophy behind our products.
In SonarQube, you can choose the rules set that you apply to your project, by defining your Quality Profiles. So you can activate here and deactivate the rules that are relevant for your organisation.
That being said, you should not be worried about adding new rules to your server and your analysis, and discover new “issues” :
- these issues already are in your code, it’s only that the previous analysis in 6.0 missed them, because the rules didn’t exist at that time (which is a long time ago…)
- you should focus on the New Code → If you set up your New Code period correctly, even if your technical debt increases because you find new issues, the New Code should still be clean and safe, and your developers should focus on this part.
- it’s always good to know when a security vulnerability is hidden in your code, even if a 6.0 SQ version didn’t catch it before → it’s always time to fix it now
And to add on top of this, languages analysers versions are now bound to SonarQube version (since 8.5).