ALM used → GitHub
CI system → Azure DevOps
Scanner setup → SonarCloudPrepare@3 SonarCloudAnalyze@3
Languages of the repository : JS, TS
Steps to reproduce →
A feature branch is created from main branch and a file is modified ( some lines are changed)
The main branch has not been analyzed for several days (e.g., ~5 days)
We run PR analysis using:
SonarCloudPrepare@3
SonarCloudAnalyze@3
Observed behavior
When running the PR analysis in this situation:
Sonar reports issues on lines that were not modified in the feature branch
In some cases, it appears to flag issues across the file, not just on changed code
Expected behavior
Sonar to report issues only on lines that were modified in the feature branch
Potential workaround:
Should we run Sonar analysis on every merge into main to ensure correct PR results?
Or is running analysis on main (e.g., nightly) considered sufficient?
Is the observed behavior the expected one?
More specifically:
Does PR analysis depend on the latest analysis snapshot of the target branch (main) ?
If the main branch has not been analyzed recently, can this lead to inaccurate “new code” detection in PRs?
From a best practices perspective:
Should we run Sonar analysis on every merge into main to ensure correct PR results?
Or is running analysis on main (e.g., nightly) considered sufficient?
We are observing inconsistent PR analysis behavior and would like to clarify the expected behavior and recommended setup.
We want to ensure that:
Rogerr257
March 24, 2026, 12:20pm
2
ALM used → GitHub
CI system → Azure DevOps
Scanner setup → SonarCloudPrepare@3 SonarCloudAnalyze@3
Languages of the repository : JS, TS
Steps to reproduce →
A feature branch is created from main branch and a file is modified ( some lines are changed)
The main branch has not been analyzed for several days (e.g., ~5 days)
We run PR analysis using:
SonarCloudPrepare@3
SonarCloudAnalyze@3
Observed behavior
When running the PR analysis in this situation:
Sonar reports issues on lines that were not modified in the feature branch
In some cases, it appears to flag issues across the file, not just on changed code
Expected behavior
Sonar to report issues only on lines that were modified in the feature branch
Potential workaround:
Should we run Sonar analysis on every merge into main to ensure correct PR results?
Or is running analysis on main (e.g., nightly) considered sufficient?
Question Is the observed behavior the expected one?
More specifically:
Does PR analysis depend on the latest analysis snapshot of the target branch (main) ?
If the main branch has not been analyzed recently, can this lead to inaccurate “new code” detection in PRs?
From a best practices perspective:
Should we run Sonar analysis on every merge into main to ensure correct PR results?
Or is running analysis on main (e.g., nightly) considered sufficient?
We are observing inconsistent PR analysis behavior and would like to clarify the expected behavior and recommended setup.
Goal We want to ensure that:
ganncamp
March 25, 2026, 12:25pm
3
Hi,
Welcome to the community, all both of you.
I’ve merged your two identical posts with different usernames. Hopefully this was done in error.
Yes.
You should run analysis on every merge to main as a best practice, and because there are sometimes issues that PR analysis (with its limited scope) can’t find.
Yes.
Thank you a lot for the response. For we will run sonarqube on the main branches every 3 hours to make sure we are up to date