PR analysis does not show issues later full analysis shows

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
  • how is SonarQube deployed: zip, Docker, Helm
  • what are you trying to achieve
  • what have you tried so far to achieve this

Do not share screenshots of logs – share the text itself (bonus points for being well-formatted)!

Hello first off:

  • SonarQube version: 9.9.0.65466
  • SonarQube is deployed as docker.
  • We are analyzing the code on each PR/MR (GitLab) and nightly analysis of the whole code base.

We are encountering that PR/MR scans do not pick up bugs or code smells discovered only after the whole code base scan is complete nightly.

We are analyzing .Net and JavaScript/Typescript code .Net seems to not have this issue since the compiler raises the issue and the whole file is picked up as PR/MR change in the analysis. But the issue is for Javascript/Typescript code.

Code example:
Code before PR/MR

switch(a) {
 case "1":
  return "one";
 case "2":
  return "two";
}

PR/MR changes

switch(a) {
 case "1":
  "one";
 case "2":
  "two";
}

As you can see cases were changed so that there are no break or return statements defined this would raise a code smell issue that should stop the PR/MR from being merged. But none of them were raised during the lifetime of the PR/MR. When the whole code analysis was complete 2 code smells would be reported on lines case "1": and case "2": In other words on PR/MR analysis only issues reported on changed lines are reported and others are I guess omitted.

I could not find any documentation for scanner settings or SonarQube project settings where this kind of issues could be detected sooner. I did find this feature request [FR-9] - Jira and https://portal.productboard.com/sonarsource/3-sonarqube/c/295-new-pull-request-issues-on-unchanged-code

Is there anything we could do to report this kind of issues sooner or if this feature request can be bumped up?

Hey there.

You’ve found all the right resources, and I hope we get to New Pull Request issues on unchanged code in the v10.x series. Voting on that portal card and encouraging others to do the same is a great way to build traction for this issue.