Number of bugs more than doubled between builds

We’re seeing an issue where the number of bugs reported for a branch doubled from one build to the next. The second build in question only contained updates to a ReadMe file, so we know the code itself didn’t change to cause the bugs to appear. The code SonarCloud is flagging as “new code” are mostly files that haven’t been updated in months or years and they all have the tag “cwe”.

It seems most likely that we changed a setting or SonarCloud changed a setting. Is there a way to go about determining what was changed? Is there an audit history of some kind?

ALM: Azure DevOps
CI system: Azure DevOps
Languages of the repository: C#


Welcome to the community!

The C# analysis engine was updated late last week and it’s quite possible a number of rules got smarter. What are the dates of your before and after?

Edit: Just found the announcement:


1 Like


The change happened between the afternoon of Oct. 4 and the morning of Oct. 5. All of the new bugs do relate to null checking, so I think it might be the C# analysis engine changes. Thanks for your help identifying the change!

Since these are pre-existing issues, is there a way to tell SonarCloud to treat them as being found in “Overall Code” instead of “New Code”?