Hi Claire,
what we see is the opposite - we tracked down a PR which contained a bug (Duplicate key ‘Components’) but the bug WAS NOT detected by sonar
this PR was successfully merged into long lived release branch and eventually from that release branch - a new PR was created to main branch. now in the second PR, which contained more features, this bug was detected for this file, for the newly added code block (line 85 from above) (Don’t have a full report anymore, sorry):
this example is for a bug in .vue code, but we see that in C# code as well
So we end up with a situation when bugs/smells are not detected when features are being merged in, but when we merge full release branch (witch should contain features with NO bugs/smells (new code bug gate is 0, that cannot be the cause)) - we suddenly see issues we need to fix.
I’ve also created another topic where I tried to rephrase this around our assumption that not all rules are being applied on every scan - could that be the case? Does Sonar run all rules for new code? - Get help / SonarCloud - SonarSource Community