Change issue type of old issues

Hi,

we have the problem that the type of an issue was changing (from Vulnerability => Bug). We like to adapt the type also in already existing issues now (in new/changed code it is working). I know that it is a feature to keep the type and severity in already existing issues.

Is there a way to adapt the type? I like to use the new settings of my current quality profile also in old code.

Regards,
Günter

Hi Guenter,

You can manually bulk change the type of those issues. Unfortunately there’s nothing automated to catch old issues up to this type of change.

 
Ann

Hi Ann,

thanks for your answer.

It’s very cumbersome to use the UI because there is this limitation of 250 issues per bulk change. Think for such cases there should be some kind of “reset” possible. I tried to assign a new quality profile, but also with a new quality profile it keeps the old values from the old profile. Hard to say if this is a bug or a feature? For SCM there is this sonar.scm.forceReloadAll, think there should be something similar here?

Regards,
Günter

Hi,

We consider it a feature not to churn your issues when we update our thinking on a rule. The idea is that if you have a Quality Gate condition on Bugs > 0, and we change a rule type from Code Smell to bug, we don’t what to fail your QG for you just because you upgraded your analyzer.

 
Ann

Hi,

totally agree if someone is using same Quality Profile. In case you are assigning a new Quality Profile I would expect that new values of new Quality Profile for the whole code base is used?

In your sample “Code Smell => Bug” it also depends. In case the team agrees that this issue is a bug (maybe critical) it has to be fixed also in legacy code.

See several solutions:

  • assignment of new Quality Profile reset values
  • explicit setting to reset values
  • better UI support (> 250)

Regards,
Günter

Hi Guenter,

FYI, a profile is just a collection of rules. At the point where issues are being raised, the analyzer doesn’t know which collection a rule came from, only that it’s on. So it’s not feasible to detect that the issue came from a different profile.

 
Ann