Pull Request Analysis is scanning entire code instead of changed files

I am using the SonarQube developer edition. My code is having more than 500000 LOC.
SonarQube is throwing below error after every pull request analysis.

the last analysis failed because it would have caused your server-wide lines of code total to exceed your 500000 limit.

Please help me to fix this issue on my side

SonarQube Version 8.9.3
My sonar properties are

  - sonar.ProjectVersion=1.0
  - sonar.analysis.mode=publish
  - sonar.host.url=<sonar_URL>
  - sonar.java.binaries=**/src
  - sonar.login=******
  - sonar.projectBaseDir=/devops/jenkins/workspace/workspace/tm_cicd_b2c_dev/git
  - sonar.projectKey=tm_na_b2c
  - sonar.projectName=tm_na_b2c
  - sonar.pullrequest.base=<target_branch>
  - sonar.pullrequest.branch=<source_branch>
  - sonar.pullrequest.github.endpoint=https://api.github.com/
  - sonar.pullrequest.github.repository=<repo_URL>
  - sonar.pullrequest.key=182
  - sonar.pullrequest.provider=GitHub
  - sonar.scanner.app=ScannerCLI
  - sonar.scanner.appVersion=
  - sonar.sourceEncoding=UTF-8


Are these exactly your parameters, verbatim?

I ask because with sonar.pullrequest.key, sonar.pullrequest.branch and sonar.pullrequest.base, you should be getting a PR analysis and it appears that you’re not.

And at the same time, I notice some things in your parameter list that are off-kilter:

  • sonar.ProjectVersion=1.0 - the correct key is sonar.projectVersion. What you’ve provided will be ignored
  • sonar.analysis.mode=publish - this one hasn’t done anything literally for years
  • sonar.java.binaries=**/src - I sincerely hope your binaries aren’t actually located in your src directory
  • sonar.projectBaseDir=/devops/... - you shouldn’t need to specify this. It’s only useful in very special conditions.
  • sonar.pullrequest.github.endpoint=https://api.github.com/ - should be set server-side. Has no effect when set client-side
  • sonar.pullrequest.github.repository=<repo_URL> - ditto
  • sonar.pullrequest.provider=GitHub - ditto
  • sonar.scanner.app=ScannerCLI - I don’t know what this is.
  • sonar.scanner.appVersion= - same


Hi @ganncamp ,

I have changed the properties like below. Still it is scanning Full code base
Note: not created any GitHub App and linked to SonarQube.

  • sonar.host.url=https://sonar.callawaygolf.com/sonar
  • sonar.java.binaries=**/classes
  • sonar.login=******
  • sonar.projectBaseDir=/devops/jenkins/workspace/workspace/tm_cicd_b2c_dev/builds/hybris_repo/git
  • sonar.projectKey=tm_na_b2c_hybris_commerce
  • sonar.projectName=tm_na_b2c_hybris_commerce
  • sonar.projectVersion=1.0
  • sonar.pullrequest.base=dev_tm_na
  • sonar.pullrequest.branch=dev_ci-cd
  • sonar.pullrequest.key=8346
  • sonar.scanner.app=ScannerCLI
  • sonar.scanner.appVersion=
  • sonar.sourceEncoding=UTF-8
  • sonar.sources=hybris/bin/custom

Uday K M.

Hi Uday,

We seem to have two parallel threads on the same topic, this one and this one. Let’s close this one for now.