Hi all,
I’ve implemented a simple GitHub Action (following all the default configurations) to scan a repo on PR and merge.
The scanning completes, and I see results appearing in the SonarCloud console. In the console it is reporting 10 bugs, 2 vulnerabilities, 18 Security hotspots, 62 code smells on the master branch.
In the GitHub pull request it is reporting scan results: 0 Bugs, 0 Vulnerabilities, 0 Security Hotspots, 0 Code Smells.
When I browse the links on the issues in GitHub, they are pointing to the PR:
https://sonarcloud.io/project/issues?id=michaelshire_vulnado&pullRequest=2&resolved=false&types=CODE_SMELL
That link does resolve, and shows the same information, zero across the board.
Is it the fact that it is finding zero NEW issues? Is there a way I can configure it so that the report in the PR in GitHub reports the CURRENT issues instead?
Thanks!
Mike