which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
9.0.1.46107
what are you trying to achieve
Let’s say I create a /release1 branch from /master. When the developer is working on a User Story, say story 12345, they will create a branch /st_12345 from /release1.
When the developer is ready, they submit a Pull Request to merge /st_12345 into /release1.
What is the New Code setting I need to use so that SonarQube will only scan the code changed in /st_12345 when compared to the code in /release1?
Currently, when the scan runs and the Pull Request is decorated with comments, I am getting issues raised for code that is not in the Pull Request for /st_12345.
Thanks for the example. I’m out of my depth now, but I’ve flagged this thread for more expert attention. Hopefully they’ll have what they need now to get started.
I have a couple of questions to try to clarify your use case.
From the image you shared with us, it seems that you’re using TFS as a code repository, am I correct?
Do know what source code manager is used under the hood? Git? TFVC?
Can you confirm that unexpected issues reported in the PR are also reported in the PR page on the SonarQube side? You can browse the code tab of your Project in SonarQube. If those files are present it means they are considered as new code.
Question #1: We are using Azure Repos in Azure DevOps Server 2020
Question #2: Git
Question #3: Yes, the same comment is present in the PR page in SonarQube
I’m not sure which New Code configuration I am supposed to use to prevent this from happening.
I have another example where there are 18 code smells raised against the PR but none of the code smells were for the file in the PR.
I suspect this is the root cause of your issue. Scanner PR analysis highly relies on Git and its history. The first thing you need to do is to fix those warnings.
Please come back to us to let us know if it solves your issue.
