How do we know the date when an issue was first found by an analysis?
- We use SonarQube Community Edition 8.7.1.
- We need to know the date when an issue was first found by an analysis. At our company, our software developers must follow internal security policies and compliance requirements. One of the requirements is to not exceed the grace period of an issue. The grace period is calculated using the date when an analysis first found the issue, and the severity of the issue, for example 30 days for blocker issues, and 90 days for minor issues. The problem is we do not know when an issue was first found.
- We tried to use the field
creationDatereturned by GET api/issues/search . But according to the Issues documentation, it seems that is the date when the source code was added to the repository, not when the issue was found.