The problem I have is the quality gate on a branch. For the branch, it is showing on the “Overview” page that “Security Hotspots Reviewed on New Code is Less than 100%” if I click on this, it shows me 9 files.
However, if I click on the “Measures” page and I filter by “Size > New Lines” I see something different. None of the 9 files which are causing the quality gate failure actually show up in “Size > New Lines”.
Regarding your question you should see the lines considered new highlighted in yellow in the interface. Is it possible your Security Hotspots are on new Lines that aren’t Lines of Code?
Is it possible your Security Hotspots are on new Lines that aren’t Lines of Code?
No, it’s not possible. The files identified as needed Security Hotspot review did not change at all.
After more research, I found this is actually related to this other question I posted Is it possible for SonarQube to miss things during a scan? - Get help / SonarQube - SonarSource Community. What seems like what’s happening is that during the 1st scan, SonarQube doesn’t identify all of the issues because after the 2nd scan the files - which have not changed - have more issues found on them and this is triggering a quality gate failure without the files showing up under measures as “new code”.