Legacy issues occasionally flagged as new code

Hi all,
We’re using SonarQube 9.4, scanning C#, JavaScript and .css files. We have sonar.scm.disabled. We use a specific master scan as a reference scan to identify new code on branch scans.

I’m trying to manage a project with a large legacy codebase, which has many SonarQube issues flagged, which we’re addressing over time via a prioritised backlog while new functionality is developed. Often, the same files which contain legacy issues are modified, and we don’t want any new issues created, and thus we have a process to break a build, and any new issues must be fixed before a branch can be merged to master.

However, every so often, legacy issues become flagged as new code, when the file has been modified, but no code within a hundred lines has been changed. For instance, we recently modified a file which contains 26 known legacy SQ issues. Just one of those legacy issues was flagged as new when the merge to master occurred (and again, no code nearby was modified):

However, on the branch scan, this legacy issue was clearly marked as being 1 year old:

Is there any explanation as to why this can happen, or any way we can prevent it from happening? The scanner logs show absolutely no issues when scanning these files. Could it ever be possible to leave the issue as flagged, but change the date on it so it is not seen as new?

Any help appreciated.

Hey there.

Why?

It’s part of our build process; we have a very locked-down build environment which does not have access to source control. This is something we could change, but would also be quite impactful to us, and it was never an issue when we were using SonarQube 7.9 (I think) up till around 6 months ago. The worst case scenario is we change our build process, start using SCM, and still get the issues or even see more issues.