Must-share information (formatted with Markdown):
- which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
- how is SonarQube deployed: zip, Docker, Helm
- what are you trying to achieve
- what have you tried so far to achieve this
Do not share screenshots of logs – share the text itself (bonus points for being well-formatted)!
Hello first off:
- SonarQube version: 9.9.0.65466
- SonarQube is deployed as docker.
- We are analyzing the code on each PR/MR (GitLab) and nightly analysis of the whole code base.
We are encountering that PR/MR scans do not pick up bugs or code smells discovered only after the whole code base scan is complete nightly.
We are analyzing .Net and JavaScript/Typescript code .Net seems to not have this issue since the compiler raises the issue and the whole file is picked up as PR/MR change in the analysis. But the issue is for Javascript/Typescript code.
Code example:
Code before PR/MR
switch(a) {
case "1":
return "one";
case "2":
return "two";
}
PR/MR changes
switch(a) {
case "1":
"one";
case "2":
"two";
}
As you can see cases were changed so that there are no break or return statements defined this would raise a code smell issue that should stop the PR/MR from being merged. But none of them were raised during the lifetime of the PR/MR. When the whole code analysis was complete 2 code smells would be reported on lines case "1": and case "2": In other words on PR/MR analysis only issues reported on changed lines are reported and others are I guess omitted.
I could not find any documentation for scanner settings or SonarQube project settings where this kind of issues could be detected sooner. I did find this feature request [FR-9] - Jira and https://portal.productboard.com/sonarsource/3-sonarqube/c/295-new-pull-request-issues-on-unchanged-code
Is there anything we could do to report this kind of issues sooner or if this feature request can be bumped up?