Is historical MR scan detail accessible after new commit is push to the same MR?

zacktzeng · June 24, 2022, 8:12pm

Hello. I am using SonarQube with GitLab and wondering if it’s possible to retrieve the scan result of an MR for previous commits. Let’s say developer found a vulnerability in the MR after sonar-check pipeline fails and push another commit for the MR to fix the error, which means the sonar check pipeline got run again, Can I access the scan result of the previous commit, the one with vulnerable code?

Colin · June 27, 2022, 10:41am

Hey there.

The point-in-time results of that scan will not continue to be available (nor will the history of measures), but you will see the vulnerability marked as “fixed” when browsing the Issues tab.