- versions used (SonarQube, Scanner, Plugin, and any relevant extension) - 8.9 LTS
- error observed (wrap logs/code around triple quote ``` for proper formatting) - Post Upgrade some of the rules which were under vulnerabilities and now code bug still show under vulnerabilities. The rules updated in SonarQube upgrade did not carry through for vulnerability findings. Vulnerability findings that should be Code Smells are still Vulnerabilities even though clicking on the rule will show a Code Smell.
Welcome to the community!
When we re-examine a rule and update its type, existing issues raised by that rule are not also updated. This was a conscious choice on our part, and an attempt to minimize disruptions to our users.
If you like, you should be able to Bulk Change those issues to match the current rule type.
Thank you Ann ! It’s helpful