At some point (not sure when but I didn’t notice it before) SQ started highlighting a chain of causality (I’m not sure what you call it) where the bug involves multiple separated statements, such as null derefencing (java:S2259) and superfluous conditionals (java:S2583, i.e., “Conditionally executed code should be reachable” where it thinks a conditional always evaluates the same way). This is an awesome feature BTW!
But it seems sometimes for the latter rule, the web portal doesn’t show the causality. In the issue list frame, usually the box for the issue looks like this, with the small +n box next to the bug indication:
But sometimes it isn’t there:
And the ones where it doesn’t appear (and the other ways of getting at the chain of statements that cause the issue are similarly not present) seem to be false positives.
So can you explain under what conditions SQ will show the chain of causality and under what conditions it won’t?