Hello,
we recently switched to the dotnet-sonarscanner in our project, because we want to analyse solutions containing c# and c++ code. At the same time, we also made the switch from Jenkins to gitlab ci/cd to run our analysis.
We noticed, that the pull request analysis now detects problems for lines which are not changed in the current branch.
Example to reproduce:
- branches: main (, branch1, branch2)
- create analysis on “main”
- create branch 1 from main => changes => analysis on pull request works
- create branch 2 from main => changes => analysis on pull request works
- merge branch 1 into main, but do not start new analysis on main branch, delete branch 1
- more changes on branch 2 => run analysis on branch2 pull request=> analysis contains changes from branch1 and branch2. Issues for branch2 pull request not only on changes made in this branch.
Is there an obvious fix for this? I read that scanners automatically detect pull request parameters when running GitLab CI and we are also seeing that its a pull request analysis on the sonarqube page as there is a link to the pull request (see picture below) and the url contains “…&pullRequest=XXXX”.
- Enterprise Edition, Version 9.5 (build 56709)
- dotnet-sonarscanner 5.8