We are running sonarqube on some very old code that hasn’t had code analysis before. I am finding that when I touch a java file many old bugs that existed in the code become “new” again, so the quality gate fails for new bugs or vulnerabilities. I can change the status of the issue to not be “open”, but I don’t have a way to test for status in the quality gate. Any suggestions for a work around or new feature. This is for sonarqube 8.1 developer edition.

At the moment I am trying to address most of the issues before we turn the quality gates back on so that the likelihood of a false “new” issue is minimized.

Hi,

Welcome to the community!

The question here is how/why your old issues are marked new again. Since you’re in 8.1 then you’ve got our (to date) best effort on issue backdating.

For one of these old/new issues, could you share screenshots of the issue changelog and the blame data on the issue line? E.G.

Selection_999(022)794×171 74.2 KB

 
Ann