We are using SonarQube version 9.9 integrated with Jenkins and Bitbucket Cloud.
We could see the PR analysis was reporting untouched files, but I did notice that the modified code files were importing different classes.
Does SonarQube PR analysis also analyze the dependent file, either the modified code file calling the dependent file or vice versa?
With accurate SCM information, SonarQube should only be reporting issues on changed lines of changed files in a Pull Request. In fact, even if a change causes issues to appear that aren’t on a changed line, they won’t appear in the PR (we consider this a limitation).
What do the logs say about detecting changed files/lines? DEBUG-level logs may help as well (sonar-scanner -X).
12:41:18.612 INFO: SCM collecting changed files in the branch
....
12:41:18.853 INFO: SCM collecting changed files in the branch (done) | time=241ms
12:41:18.853 DEBUG: SCM reported 0 files changed in the branch
.....
12:53:30.951 DEBUG: SCM revision ID 'ef59fea67a9a6b4e6ed8a94411fffff7b72e0f3f'
12:53:31.006 INFO: SCM writing changed lines
12:53:31.007 DEBUG: loading config FileBasedConfig[/proj/jenkins/.config/jgit/config]
12:53:31.030 DEBUG: Merge base sha1: d928d2561a496207fff30bcbe888ecaf1a29e2f6
12:53:31.031 DEBUG: SCM reported changed lines for 0 files in the branch
12:53:31.031 INFO: SCM writing changed lines (done) | time=25ms
Any warnings, informational messages, unexpected results?
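An added example, not part of the thread and not SonarQube code: a Python check that reads scanner output in the format posted above and flags a run where SCM detection found no changed files, which is the condition these logs show. The function names are hypothetical, and the sample log is the excerpt from the post.

```python
import re

# Patterns for the SCM lines in the scanner output format posted in the thread.
PATTERNS = {
    "changed_files": re.compile(r"SCM reported (\d+) files? changed in the branch"),
    "changed_line_files": re.compile(r"SCM reported changed lines for (\d+) files? in the branch"),
    "revision": re.compile(r"SCM revision ID '([0-9a-f]{40})'"),
    "merge_base": re.compile(r"Merge base sha1: ([0-9a-f]{40})"),
}

def summarize_scm(log_text):
    """Return what the scanner logged about SCM; keys not seen stay None."""
    summary = dict.fromkeys(PATTERNS)
    for line in log_text.splitlines():
        for key, pattern in PATTERNS.items():
            match = pattern.search(line)
            if match:
                value = match.group(1)
                summary[key] = int(value) if key.startswith("changed") else value
    return summary

def diagnose(summary):
    """List reasons the changed-line data for this run cannot be trusted."""
    findings = []
    if summary["changed_files"] is None and summary["changed_line_files"] is None:
        findings.append("no SCM counts in log; they are DEBUG lines, rerun with sonar-scanner -X")
    if summary["changed_files"] == 0:
        findings.append("SCM reported 0 files changed in the branch")
    if summary["changed_line_files"] == 0:
        findings.append("SCM reported changed lines for 0 files")
    if summary["revision"] is not None and summary["revision"] == summary["merge_base"]:
        findings.append("analysed revision equals the merge base, so the diff is empty")
    return findings

# Excerpt copied from the log lines posted in the thread.
SAMPLE_LOG = """\
12:41:18.612 INFO: SCM collecting changed files in the branch
12:41:18.853 INFO: SCM collecting changed files in the branch (done) | time=241ms
12:41:18.853 DEBUG: SCM reported 0 files changed in the branch
12:53:30.951 DEBUG: SCM revision ID 'ef59fea67a9a6b4e6ed8a94411fffff7b72e0f3f'
12:53:31.030 DEBUG: Merge base sha1: d928d2561a496207fff30bcbe888ecaf1a29e2f6
12:53:31.031 DEBUG: SCM reported changed lines for 0 files in the branch
"""

if __name__ == "__main__":
    for finding in diagnose(summarize_scm(SAMPLE_LOG)):
        print("WARN:", finding)
```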