New bugs appeared on long-lived branch

jenkins
new_code
branches

(Timothée) #1

SonarQube 71 (build 11001)
Build done with GNU make through a Makefile, calling arm-none-eabi-gcc (~200 files to build)
Runs on Windows Server 2012
Run from Jenkins with the command: sonar-scanner -Dsonar.branch.name=${env.BRANCH_NAME}

Hello,

We’re currently running into an issue with SonarQube where 4 bugs have been detected in our long-lived branch but not in the short-lived branch that was adding this code.

Those were the steps:

  1. Long-lived branch (develop) is clean, no bug, no smell.
  2. We create a feature branch (featureA) from develop. Here we have a new C file with 4 bugs (file1.c), but the file is not built (not in the Makefile)
  3. Our CI server runs the SQ analysis on featureA and finds nothing, no error in the execution, no bug detected
  4. We merge featureA into develop
  5. Our CI server runs the SQ analysis on develop and it comes out clean, no bug
  6. We create a new feature branch (featureB) from develop in which we add file1.c to our Makefile, so now it’s built
  7. Our CI server runs the SQ analysis on featureB and finds nothing, no error in the execution, no bug detected
  8. We merge featureB into develop
  9. Our CI server runs the SQ analysis on develop and finds the 4 bugs in file1

This is a surprise because we expected SQ to find those 4 bugs at step 3 (code added) or 7 (code built).

Is this a SQ bug or a configuration issue? Is there anything I can do to prevent new bugs from being merged into my long-lived branch (develop)?