How does SonarQube decide when to enforce a 'Clean as you Code' rule on edited old code?

Paul_Doherty · January 26, 2024, 11:23pm

SonarQube version: 10.3

Hey All. SonarQube rookie and first time poster here. I hope this finds you well.

I have a question on how SonarQube enforces rules for “Overall Code” in the context of “Clean as you Code”. I have been experimenting by editing files that SonarQube has previously detected issues on. These issues are part of the “overall code” metrics and not the ‘New Code’ metrics. I was expecting to see SonarQube give a recommendation to address these existing code issues after I added a new change to the same file close to the old existing issue. However, this was not the observed case and SonarQube would only leave feedback for the new code issue. My question is, is this expected behaviour?
If it is expected behaviour then when does SonarQube decide that it’s time for you to “Clean as you Code”. Do different rules trigger this process differently? Does SonarQube enforce “Clean as you Code” when changes are made in the execution path rather than proximity to code?

If anyone can share any insights to this it would be massively appreciated. Please let me know if you need me to add any further details to make my question more clear.

vivek.reghunath · January 29, 2024, 2:37pm

Hello Paul,

Thank you for sharing the question.

With Clean as You Code, SonarQube recommends fixing all issues in the new code.
New code includes all added and changed lines of code.

To help you understand how the changed code is identified by SonarQube, I will quote the documentation:

All lines of code in all files under analysis that are not in the reference branch or have changed since the start date of the new code period are marked (and displayed in yellow in the SonarQube interface).

All issues with one or more of the marked lines as primary or secondary locations are categorized as new code issues.

Issues in proximity are not reported because that line is not considered new.

Can you share your expectations on how new code should be detected? If you are working on an old file, would you prefer to fix all issues on the file or at least in proximity?

Paul_Doherty · January 29, 2024, 9:33pm

Hi Vivek,

Thank you for the reply.

My expectation was that SonarQube would be more ‘aggressive’ (for want of a better word) with prompting users to address ‘Old Code’ issues.

The behaviour you mentioned does aligns with what I’m observing with my recent testing. This is ok.

Thank you for giving clarity on this.

Paul

vivek.reghunath · January 30, 2024, 8:04am

Sure, Paul.

We will continue to monitor the need and consider the benefits of a more aggressive approach with Clean as You Code.

Topic		Replies	Views
Why Clean as You Code Reports Methods Not Touched SonarQube Server / Community Build	1	295	October 25, 2023
Setting a Baseline for Code Quality SonarQube Server / Community Build sonarqube , coverage , sonarqube-ide	6	1365	July 10, 2023
How to disable clean as you code in sonarqube 9.9 version SonarQube Server / Community Build sonarqube	1	162	April 2, 2024
New Code Detection Issue – Unchanged Files Being Flagged as New Code SonarQube Server / Community Build sonarqube	5	74	November 7, 2024
Is there a way to report issues only on new code? SonarQube Server / Community Build	4	1084	May 18, 2021

How does SonarQube decide when to enforce a 'Clean as you Code' rule on edited old code?

Related topics