New code definition for Pull request not working

Template for a good new topic, formatted with Markdown:

  • ALM used: GitHub
  • CI system used: GitHub Actions
  • Scanner command used when applicable
    sonar-scanner -Dsonar.projectVersion="${GITHUB_SHA::10}"
  • Languages of the repository: JavaScript/TypeScript
  • Only if the SonarCloud project is public, the URL
  • Error observed

Coverage on new code lists files that are not modified in the current Pull request.

  • Steps to reproduce

To demonstrate, we have created a test branch from the main branch and added one comment in one file, with only one commit to be part of the pull request. Once the analysis is complete, it lists more than 10 files that are not modified as part of the current PR.

  • Potential workaround

No workaround worked. We had to reduce coverage to lower levels to avoid blockers on the development pipeline.

Please advise on the possible reasons why this could happen.

Hey there.

Thanks for reaching out to us on this.

What does your GitHub Actions YAML file look like? Please share it entirely.

Thanks @Colin for the response.

Here is the redacted GitHub Actions YAML:

name: Mobile App Sonar Analysis
on:
  pull_request:
    branches:
      - development
    types: [opened, synchronize, reopened]
  workflow_dispatch:

jobs:
  SonarAnalysis:
    timeout-minutes: 60
    steps:
      - uses: actions/checkout@v2
      - name: Use Node.js
        uses: actions/setup-node@v1
        with:
          node-version: '14.x'
      - uses: c-hive/gha-yarn-cache@v1
      - name: Set up JDK 11
        uses: actions/setup-java@v1
        with:
          java-version: 1.11
      - name: Install dependencies
        run: yarn --frozen-lockfile --network-timeout 90000
      - name: Run Tests in one chunk
        run: |
          npm run test:ci:pre-process
          npm run lint
          npm run test:ci
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          ENV_DEV: ${{ secrets.ENV_DEV }}

      - name: Collect and Publish Sonar Report
        run: |
          npm run test:ci:post-process -- -Dsonar.projectVersion="${GITHUB_SHA::10}"
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          ENV_DEV: ${{ secrets.ENV_DEV }}

Here is the package.json section that's relevant:

...
"scripts": {
    "test:ci:pre-process": "node react-native.config.js",
    "test:ci": "NODE_ENV=test jest --coverage --ci --env=jsdom --watchAll=false --testResultsProcessor jest-sonar-reporter --reporters='default'",
    "test:ci:post-process": "sonar-scanner",
    "lint": "tsc --noEmit && eslint --cache --ext .js,.jsx,.ts,.tsx ./"
}
...

Relevant configuration from the sonar-project.properties file:

...
sonar.exclusions=node_modules/**/*,reports/**/*, **/__mocks__/**/*, android/**/*.java, coverage/**/*, env/**/*, fastlane/**/*, ios/**/*, nswag/**/*, patches/**/*, babel.config.js, declarations.d.ts, jestSetupFile.js, metro.config.js, react-native.config.js, test-report.xml, .github/**/*, .githooks/**/*, src/common/service-proxies/**/*, src/assets/**/*,src/app/data/model/**/*, src/common/enums/**/*, src/app/data/raw/**/*,XXXXXXXXXXXXXXXXXXXX
sonar.host.url=https://sonarcloud.io
sonar.organization=XXXXXXXXXX
sonar.projectKey=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
sonar.sourceEncoding=UTF-8
sonar.sources=.
sonar.test.inclusions=**/__tests__/*.tsx, **/__tests__/*.ts, **/__test__/*.tsx, **/__test__/*.ts, **/__tests__/**/*.tsx, **/__tests__/**/*.ts, **/__test__/**/*.tsx, **/__test__/**/*.ts, **/*.test.ts, **/*.test.tsx
sonar.test.exclusions=node_modules/**/*,reports/**/*, **/__mocks__/**/*, android/**/*.java, coverage/**/*, env/**/*, fastlane/**/*, ios/**/*, nswag/**/*, patches/**/*, babel.config.js, declarations.d.ts, jestSetupFile.js, metro.config.js, react-native.config.js, test-report.xml, .github/**/*, .githooks/**/*, src/common/service-proxies/**/*, src/assets/**/*,src/common/enums/**/*, src/common/constant/**/*, src/common/context/featureFlag/**/*, src/common/generic/**/*, src/common/navigator/**/*, src/common/types/**/*, src/app/data/**/*, src/app/index.tsx, src/redux/store/**/*, XXXXXXXXXXXXXXXXXXXX
sonar.coverage.exclusions=src/common/service-proxies/**/*, src/assets/**/*,src/common/enums/**/*, src/common/constant/**/*, src/common/context/featureFlag/**/*, src/common/generic/**/*, src/common/navigator/**/*, src/common/types/**/*, src/app/data/**/*, src/app/index.tsx, src/redux/store/**/*, .storybook/**/*, src/components/modules/**/index.ts, **/*stories.tsx, XXXXXXXXXXXXXXXXXXXX
sonar.testExecutionReportPaths=test-report.xml
sonar.javascript.lcov.reportPaths=coverage/lcov.info
sonar.qualitygate.wait=true
...

Let me first suggest that you adjust your checkout to disable shallow clones, which can affect the detection of New Code.

    steps:
      - uses: actions/checkout@v2
        with:
          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis

Since your scan is a bit atypical (orchestrated via NPM), can you also confirm that your PRs are analyzed and fall under the Pull Requests tab of your project?
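
A pre-scan check for the shallow-clone point made in the reply above, as an added example that is not part of the thread or of SonarSource's tooling: it stops on a shallow clone and otherwise prints the files git considers changed by the PR, which can be compared with the files listed under Coverage on New Code. It assumes the PR target branch is available locally as `origin/<base>`; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): verify that the checkout has enough
# history for PR analysis before the scanner runs.
# Assumption: the PR target branch is fetched as origin/<base>.

# Succeeds (0) when the clone at $1 has truncated history.
is_shallow() {
    [ "$(git -C "$1" rev-parse --is-shallow-repository)" = "true" ]
}

# Prints the merge base of HEAD and base ref $2; fails if it cannot be found.
pr_merge_base() {
    git -C "$1" merge-base HEAD "$2" 2>/dev/null
}

# Prints the files the PR changes relative to the merge base, one per line.
pr_changed_files() {
    base=$(pr_merge_base "$1" "$2") || return 1
    git -C "$1" diff --name-only "$base" HEAD
}

# Exit codes: 0 = history complete (changed files printed),
#             2 = shallow clone, 3 = no merge base with the target branch.
check_pr_history() {
    repo=$1
    base_ref=$2
    if is_shallow "$repo"; then
        echo "shallow clone: set fetch-depth: 0 on actions/checkout" >&2
        return 2
    fi
    if ! pr_merge_base "$repo" "$base_ref" >/dev/null; then
        echo "no merge base between HEAD and $base_ref" >&2
        return 3
    fi
    pr_changed_files "$repo" "$base_ref"
}

# In a pull_request workflow GitHub sets GITHUB_BASE_REF to the target branch.
if [ -n "${GITHUB_BASE_REF:-}" ]; then
    check_pr_history . "origin/${GITHUB_BASE_REF}"
fi
```

Run as a step between checkout and the scanner; a non-zero exit fails the job before an analysis with truncated history is published.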

Noted on shallow clone.

> can you also confirm that your PRs are analyzed and fall under the Pull Requests tab of your project?

Yes, it does appear under the Pull Requests tab of the project.

Removed the fetch-depth attribute, and the Sonar pull-request coverage behavior is still the same.

For a test, I created a feature branch from development and added one comment in one file. When the Sonar analysis was completed, it reported there are 649 new lines to cover.