How does SonarQube decide when to enforce a 'Clean as you Code' rule on edited old code?

SonarQube version: 10.3

Hey All. SonarQube rookie and first time poster here. I hope this finds you well.

I have a question on how SonarQube enforces rules for “Overall Code” in the context of “Clean as you Code”. I have been experimenting by editing files that SonarQube has previously detected issues on. These issues are part of the “overall code” metrics and not the ‘New Code’ metrics. I was expecting to see SonarQube give a recommendation to address these existing code issues after I added a new change to the same file close to the old existing issue. However, this was not the observed case and SonarQube would only leave feedback for the new code issue. My question is, is this expected behaviour?
If it is expected behaviour then when does SonarQube decide that it’s time for you to “Clean as you Code”. Do different rules trigger this process differently? Does SonarQube enforce “Clean as you Code” when changes are made in the execution path rather than proximity to code?

If anyone can share any insights to this it would be massively appreciated. Please let me know if you need me to add any further details to make my question more clear.

1 Like

Hello Paul,

Thank you for sharing the question.

With Clean as You Code, SonarQube recommends fixing all issues in the new code.
New code includes all added and changed lines of code.

To help you understand how the changed code is identified by SonarQube, I will quote the documentation:

  1. All lines of code in all files under analysis that are not in the reference branch or have changed since the start date of the new code period are marked (and displayed in yellow in the SonarQube interface).
  2. All issues with one or more of the marked lines as primary or secondary locations are categorized as new code issues.

Issues in proximity are not reported because that line is not considered new.

Can you share your expectations on how new code should be detected? If you are working on an old file, would you prefer to fix all issues on the file or at least in proximity?

1 Like

Hi Vivek,

Thank you for the reply.

My expectation was that SonarQube would be more ‘aggressive’ (for want of a better word) with prompting users to address ‘Old Code’ issues.

The behaviour you mentioned does aligns with what I’m observing with my recent testing. This is ok.

Thank you for giving clarity on this.


1 Like

Sure, Paul.

We will continue to monitor the need and consider the benefits of a more aggressive approach with Clean as You Code.

1 Like