Quality Gate passing even though security rating is E

We have a project that passed the quality gate even though there are 7 critical security vulnerabilities found. I checked the quality profile, but we are using the default Sonar way. Can you guys help me figure out why? Here are some screenshots:

Hey there.

The default Sonar Way is set to focus only on New Code, while your E Rating is on Overall Code. Take a look at the documentation on Clean As You Code to understand more.

If you want the Quality Gate to fail in this context, you would need to create a new Quality Gate and add a condition on Overall Code.
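The behaviour described in this answer, as an added example (not SonarQube's own code and not part of the original reply): a simplified gate evaluator run over constructed data. It assumes the metric keys `new_security_rating` (New Code) and `security_rating` (Overall Code), with ratings encoded as 1 = A through 5 = E; the gate definitions and measures are made up to mirror the project in the question.

```python
# Added example: constructed data, not output from a real SonarQube server.

# Gate that only looks at New Code, like the default gate described above.
NEW_CODE_ONLY_GATE = [
    {"metric": "new_security_rating", "op": "GT", "error": "1"},
    {"metric": "new_reliability_rating", "op": "GT", "error": "1"},
]

# Hypothetical custom gate: same conditions plus one on Overall Code.
CUSTOM_GATE = NEW_CODE_ONLY_GATE + [
    {"metric": "security_rating", "op": "GT", "error": "1"},
]

# Constructed measures: E (5) on Overall Code, A (1) on New Code.
MEASURES = {
    "security_rating": 5,
    "new_security_rating": 1,
    "new_reliability_rating": 1,
}


def failed_conditions(conditions, measures):
    """Return the metric keys whose error threshold is crossed."""
    failed = []
    for cond in conditions:
        value = measures.get(cond["metric"])
        if value is None:
            continue  # no measure for this metric, so nothing to evaluate
        threshold = float(cond["error"])
        crossed = value > threshold if cond["op"] == "GT" else value < threshold
        if crossed:
            failed.append(cond["metric"])
    return failed


def gate_status(conditions, measures):
    """'ERROR' if any condition fails, otherwise 'OK'."""
    return "ERROR" if failed_conditions(conditions, measures) else "OK"


def covers_overall_security(conditions):
    """True if the gate has a condition on the Overall Code security rating."""
    return any(c["metric"] == "security_rating" for c in conditions)


if __name__ == "__main__":
    for name, gate in (("new-code-only", NEW_CODE_ONLY_GATE), ("custom", CUSTOM_GATE)):
        print(name, gate_status(gate, MEASURES),
              "overall security checked:", covers_overall_security(gate))
```

The `covers_overall_security` check is the part worth running across every gate in use, since a gate without that condition will pass regardless of how bad the existing code's rating is.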

This makes sense, Colin, thank you. I found out the quality gate differences across projects.
