Must-share information (formatted with Markdown):
- which versions are you using: SonarQube 10.7
- how is SonarQube deployed: Virtual instance
- Analyze a release branch
The branch has been created from master with new code set to master, and multiple SonarQube analyses have been done. Some of the findings already present on master show up on the feature branch, but only a minor fraction of them. The findings that are duplicated come from the same commit. In some cases the line numbers are the same, while in others they differ a little.
Why do these findings show up again on the release branch? The findings are spread over several fairly simple rules:
- Unmodified variable “currentAzimuth” of type “float” should be const-qualified.
- Refactor this function to reduce its Cognitive Complexity from X to the Y allowed
- Use “std::make_shared” to construct “std::shared_ptr”.
- Replace the use of “new” with an operation that automatically manages the memory.
- Add curly braces around the nested statement(s) in this “if” block.
- Member variables should not be “protected”.
- Assign this magic number X to a well-named variable, and use the variable instead.
- Replace this use of “insert” with “try_emplace”.
I wonder why these show up again on the branch. We are doing a full analysis on the branch since we do not create MRs for these. We have a lot of other existing findings that do not show up on our release branch so I fail to see the difference between the two groups.
Any ideas or answers here?
Kristian