Sonar Community

Measures stopped working after updating to 2025.3

SonarQube Server / Community Build

Morora (Morora) June 24, 2025, 9:00am 1

Must-share information (formatted with Markdown):
2025.3

how is SonarQube deployed: zip
what are you trying to achieve
I am trying to get it to work as intedend
what have you tried so far to achieve this
Adding size to query limits.

Hi everyone, since we update to sonarqube server 2025.3, any measure page (duplication and coverage) display message saying an error has been encountered.

If I open the developer console in Chrome, I get a 400 bad request and in the list of queries a 404 on that link :
http://mysonarqubeserver/api/measures/component?additionalFields=period%2Cmetrics&component=Iterium&metricKeys=accepted_issues%2Cnew_technical_debt%2Cnew_software_quality_maintainability_remediation_effort%2Chigh_impact_accepted_issues%2Cblocker_violations%2Csoftware_quality_blocker_issues%2Cbugs%2Cclasses%2Ccode_smells%2Ccognitive_complexity%2Ccomment_lines%2Ccomment_lines_density%2Cbranch_coverage%2Cnew_branch_coverage%2Cconditions_to_cover%2Cnew_conditions_to_cover%2Cconfirmed_issues%2Ccontains_ai_code%2Csca_count_any_issue%2Cnew_sca_count_any_issue%2Ccoverage%2Cnew_coverage%2Ccritical_violations%2Ccomplexity%2Cduplicated_blocks%2Cnew_duplicated_blocks%2Cduplicated_files%2Cduplicated_lines%2Cduplicated_lines_density%2Cnew_duplicated_lines_density%2Cnew_duplicated_lines%2Ceffort_to_reach_software_quality_maintainability_rating_a%2Ceffort_to_reach_maintainability_rating_a%2Cfalse_positive_issues%2Cfiles%2Cfunctions%2Cgenerated_lines%2Cgenerated_ncloc%2Csoftware_quality_high_issues%2Cinfo_violations%2Csoftware_quality_info_issues%2Cviolations%2Cprioritized_rule_issues%2Cline_coverage%2Cnew_line_coverage%2Clines%2Cncloc%2Clines_to_cover%2Cnew_lines_to_cover%2Csoftware_quality_low_issues%2Csoftware_quality_maintainability_issues%2Csqale_rating%2Csoftware_quality_maintainability_rating%2Cnew_software_quality_maintainability_rating%2Cnew_maintainability_rating%2Cnew_software_quality_maintainability_rating_with_aica%2Cnew_maintainability_rating_with_aica%2Cnew_maintainability_rating_without_aica%2Cnew_software_quality_maintainability_rating_without_aica%2Csoftware_quality_maintainability_rating_with_aica%2Csoftware_quality_maintainability_rating_without_aica%2Cmajor_violations%2Csoftware_quality_medium_issues%2Cminor_violations%2Cncloc_with_aica%2Cncloc_without_aica%2Cnew_accepted_issues%2Cnew_blocker_violations%2Cnew_software_quality_blocker_issues%2Cnew_bugs%2Cnew_code_smells%2Cnew_critical_violations%2Cnew_software_quality_high_issues%2Cnew_info_violations%2Cnew_software_quality_info_issues%2Cnew_violations%2Cnew_lines%2Cnew_software_quality_low_issues%2Cnew_software_quality_maintainability_issues%2Cnew_major_violations%2Cnew_software_quality_medium_issues%2Cnew_minor_violations%2Cnew_software_quality_reliability_issues%2Cnew_security_hotspots%2Cnew_software_quality_security_issues%2Cnew_vulnerabilities%2Copen_issues%2Cprojects%2Calert_status%2Creleasability_rating%2Creleasability_rating_with_aica%2Creleasability_rating_without_aica%2Csoftware_quality_reliability_issues%2Csoftware_quality_reliability_rating%2Creliability_rating%2Cnew_software_quality_reliability_rating%2Cnew_reliability_rating%2Cnew_reliability_rating_with_aica%2Cnew_software_quality_reliability_rating_with_aica%2Cnew_software_quality_reliability_rating_without_aica%2Cnew_reliability_rating_without_aica%2Csoftware_quality_reliability_rating_with_aica%2Creliability_rating_with_aica%2Csoftware_quality_reliability_rating_without_aica%2Creliability_rating_without_aica%2Creliability_remediation_effort%2Csoftware_quality_reliability_remediation_effort%2Cnew_software_quality_reliability_remediation_effort%2Cnew_reliability_remediation_effort%2Creopened_issues%2Csecurity_hotspots%2Csecurity_hotspots_reviewed%2Cnew_security_hotspots_reviewed%2Csoftware_quality_security_issues%2Csecurity_rating%2Csoftware_quality_security_rating%2Cnew_software_quality_security_rating%2Cnew_security_rating%2Cnew_security_rating_with_aica%2Cnew_software_quality_security_rating_with_aica%2Cnew_security_rating_without_aica%2Cnew_software_quality_security_rating_without_aica%2Csecurity_rating_with_aica%2Csoftware_quality_security_rating_with_aica%2Csoftware_quality_security_rating_without_aica%2Csecurity_rating_without_aica%2Csoftware_quality_security_remediation_effort%2Csecurity_remediation_effort%2Cnew_security_remediation_effort%2Cnew_software_quality_security_remediation_effort%2Csecurity_review_rating%2Cnew_security_review_rating%2Cnew_security_review_rating_with_aica%2Cnew_security_review_rating_without_aica%2Csecurity_review_rating_with_aica%2Csecurity_review_rating_without_aica%2Csca_severity_any_issue%2Csca_severity_licensing%2Cnew_sca_severity_any_issue%2Cnew_sca_severity_licensing%2Cnew_sca_severity_vulnerability%2Csca_severity_vulnerability%2Cskipped_tests%2Csqale_rating_with_aica%2Csqale_rating_without_aica%2Cstatements%2Csqale_index%2Csoftware_quality_maintainability_remediation_effort%2Csoftware_quality_maintainability_debt_ratio%2Csqale_debt_ratio%2Cnew_sqale_debt_ratio%2Cnew_software_quality_maintainability_debt_ratio%2Cuncovered_conditions%2Cnew_uncovered_conditions%2Cuncovered_lines%2Cnew_uncovered_lines%2Ctest_execution_time%2Ctest_errors%2Ctest_failures%2Ctest_success_density%2Ctests%2Cvulnerabilities

The parameters do seem to be long.
Would you know why both pages stopped working ?

Thanks,
Regards

ganncamp (G Ann Campbell) June 25, 2025, 1:06pm 2

Hi,

At a guess:

You’re using an IIS proxy. IIS is notorious for having a (relatively small) length limit on the URLs it will handle. It’s quite likely that IIS is chopping off the end of this URL so that what arrives at SonarQube is indeed 400/invalid.
You’ve installed one or more 3rd-party plugins that add metrics, thus lengthening this list beyond what it would be OOTB.

I would start by talking to your IIS admins.

HTH,
Ann

2 Likes

Morora (Morora) June 26, 2025, 12:32pm 3

Thank you for your answer.
I did have a length issue on IIS side.
I had set the request filtering maxquerystring and maxUrl in IIS but failed to add the http runtime.

After setting these values in the sonarqube iis website web.config, it works better :

<configuration>
  <system.web>
    <httpRuntime maxQueryStringLength="40960" maxUrlLength="81920" />
  </system.web>

  <system.webServer>
    <security>
      <requestFiltering>
        <requestLimits maxQueryString="40960" maxUrl="81920" />
      </requestFiltering>
    </security>
  </system.webServer>
</configuration>

I now need to tune the values so that they’re not as high and we’ll be all set.
Thanks again.

2 Likes

Topic		Replies	Views	Activity
404 on measures tab SonarQube Server / Community Build sonarqube	9	479	April 10, 2025
Sonarqube measures use http get, but parameters too large, and my nginx only close the connectio without any message SonarQube Server / Community Build	4	613	October 22, 2020
After updating to 10.6.0.9.92116 get 404 trying to get Measures SonarQube Server / Community Build	7	129	July 22, 2024
Project Coverage Measures Crashing SonarQube Server / Community Build coverage , sonarqube-cloud	1	46	October 21, 2024
Mesures click Not working after upgrade to V2025.1 SonarQube Server / Community Build sonarqube	6	57	April 7, 2025