As mentioned in my report, I’m using SonarQube 220.127.116.11138.
The particular issue that brought this to my attention states “September 4, 2018 10:14am Created”.
However, I can see in source control that there have been no changesets for this file since May (when the branch was created).
In terms of a baseline build, my expectations were as you described. The first build in the leak period would identify all issues as existing with none being new. My first build in for this project was on September 3, 2018 (see below, taken from the Activity tab of the project).
September 4, 2018 10:14 am Quality Gate Red (was Green)
September 3, 2018 4:13 pm (no mention of quality gate analysis)
August 31, 2018 1:40 pm Quality Gate Green (was Red)
So, what this reveals is that:
- The code file in question didn’t cause the quality gate to fail on August 31 (before the leak period date).
- The September 3rd analysis doesn’t have a quality gate result, which I assume is because it’s the baseline.
- The September 4th analysis has picked up an issue that existed in the previous builds analysed as the code file has been unchanged for months, but has indicated it is new.
Additionally, I’ve not enabled/disabled any rules over this period of the above analysis.
With regard to reviewing other issues, it’s a pretty consistent problem. I have many files that should have been analysed on both the 31st August (before the leak period) and 3rd September (within the leak period) and many analysed builds before that, that haven’t changed since the branch was created, which are now reporting new issues in the 4th September analysis.
If you need any more information, please let me know.