I asked this question on github: https://github.com/SonarSource/sonar-scanner-msbuild/issues/839
Im still unclear on what version does and why i should set it
For java I dont set it at all and it picks it up from the pom
For windows I generate a timestamp and have the scanner use that as the version
Am I doing this right? What if I didnt set the version on windows or java scans? I’m really confused about how this works and how it works with branches.
I just assumed every time I scan the scanner ships that analysis to the server and it sees that as a new scan. If I dont set the version does sonar server clobber the current scan? What would that do just prevent me from getting historical metrics for scans over time?
should i set the version to a timestamp for ALL scans of all platforms?
I think i might understand this more. Is the whole idea of new code period irrelevant if im using trunk based development with feature branches? because right now every feature branch is already compared to the “main” branch- seems like thats all I need. Not sure how new code period fits into this
As far as I know, the scanner picks up the version from the
AssemblyInfo file. So it seems to me you don’t need to specify a version manually with an explicit timestamp.
The purpose of the version is to track issues introduced in the “leak period”, typically since the previous release. The idea is to focus on keeping the new issues since the last release under control, to ensure good quality of new development.
I think i finally understand
For my purposes the release version makes sense but that means I need to manually configure the project version to only use to base version. Maven plugin sets the scan version automatically but it includes snapshots. I never got windows scanner to pick up the assembly version for project version though
@janos so im confused about this again. If I’m not setting the leak period is new code period useless? Where is the leak period graphs?
Im looking at the activity graph, my expectation was to see a point on the graph for each period but thats not what I see- I see a point for EVERY scan. How is that useful? I thought I would be able to see quality metrics in a time series between versions I set
The New Code Period setting defines the leak period. The terms “new code period” and “leak period” are basically synonyms. The idea is to identify issues that were introduced since the last release, and make sure they get cleaned up by the next release.
I’m not sure what graphs you’re referring to. The project’s Overview tab is a good place to look at the overall quality. The right-hand side is highlighted with yellowish background, and shows metrics about the leak period (== new code period), such as “New Bugs”, “New Vulnerabilities”, and so on.
I’m not sure I understand what you mean. I can try to explain a bit about the Activity page, as you might be confused about how it works. A new analysis will always produce a new point on this graph. On top of that, when an analysis bumps the project version, it will mark an event, and will be displayed differently (events can also be created manually). Over time, older activities get cleaned up, keeping only events (version bumps or manually created), and maximum one activity per week. I hope this helps.
thanks i think i undertand