Compare new rules and old rules

  • which versions are you using (SonarQube=8.9 LTS, Scanner=4.7)
    We are planning to upgrade the SonarQube version from 8.9 to 9.7.
    How can we compare the old to new Languages Rules?
    We need to compare this because the last time when we upgraded to 8.9 the legacy code showed new bugs and variabilities.


What kind of comparison are you looking to make?

It’s inevitable that some of the rules you’re using have gotten smarter in the interim. And the issue dating algorithm should backdate new issues raised on old code in the first analysis after an upgrade.

Similarly, issues raised by brand new rules should also be backdated.


Hi @ganncamp,

I am looking for a Java rules comparison currently we have 633 Java rules in 8.9 LTS, When I update to the latest version of SonarQube they add more rules in it. Like on this page there are 649 rules for Java Java static code analysis: Credentials should not be hard-coded
This rule differences I have to compare with all other languages.
Hope you understand my question.
Please let me know if you need more explanation.


If you’re looking for a comprehensive list of rules added between the versions, I don’t have a good external resource to point you to. However, on the Rules page in your SonarQube instance, there’s an “Available Since” filter. Once you upgrade, you can use it to find the rules that the upgrade brought by filtering on your upgrade date.