Must-share information (formatted with Markdown):
which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
SonarQube Developer Edition - Version 8.0 (build 29455)
Scanner - v4
what are you trying to achieve
I want to verify that all issues reported by SonarQube are resolved in a branch. I want it to do a full rescan, not just show what bugs are new.
what have you tried so far to achieve this
I’ve tried rescanning but that doesn’t give me any new insight on if the existing bugs are no longer an issue.
I appreciate the help!
When you say “all issues reported by SonarQube,” are you looking at a previous analysis of the same branch, or some other branch? If the issues were previously reported on the same branch upon which you’re working to commit fixes, simply analyze it again and the issues should be resolved if they were truly fixed.
A note on our approach to branches: I see you’re running 8.0. We eliminated the distinction between long- and short-lived branches starting in the next release of SonarQube, and in 8.2 made some very nice UX improvements to the display of and contrast between new vs. overall code. If you don’t mind upgrading your SonarQube instance, you could reap these extra benefits. All branches now display both new and overall code and make it quite easy and consistent to tell between analyses whether you’ve resolved existing issues or not.
Hope this helps!
Thanks Jeff! I’ll upgrade to 8.2 today. I created a branch to work on a sonarqube identified bug throughout our code and am not finding it easy to see if those identified bugs have been resolved or not.
This is true, in this use case you won’t truly get confirmation until you merge your code back to the original branch that was analyzed to generate the issue.
SonarLint may help here!
Thanks @Jeff_Zapotoczny, I was thinking about Sonarlint for this issue. So just to verify, 8.2 still won’t give confirmation until merging back to the main branch?
If you’ve already analyzed the branch, in 8.2 you should see the issue had appeared in Overall Code and then disappear from there if successfully fixed.
If you haven’t already analyzed the branch, you’d need to scan it first prior to performing the fix in order to see for sure the issue goes away. Or otherwise you’d just have to compare between branches to confirm that the fix branch does not contain the issue in its Overall Code like the target branch does.