We have recently upgraded SonarQube 7.9 to SonarQube 9.9.
Next, during testing, we found that a few rules which were not raised in SonarQube 7.9 are raised in SonarQube 9.9 using the same code base.
S3796 is a JavaScript rule. The scan report from SonarQube 7.9 passed, but for the same code base it failed using SonarQube 9.9. A few other rules also raised errors in SonarQube 9.9.
As SonarQube matures, it gets smarter – existing rule implementations are updated, and new rules are added (and if you’re using the built-in quality profile, are automatically applied to your code). Furthermore, issues are backdated so they don’t pollute your New Code Period.
So the important question is – is the new issue valid?
Recently we upgraded our Sonar Server from the “Community Edition Version 7.9.2 (build 30863)” to “Community Edition Version 9.9.1 (build 69595)”.
We had some customized Quality profiles along with default profiles in our server. All these profiles were migrated properly to the upgraded server.
However, while testing the scans on the upgraded server, we observed that some of the rules which are passing on the older version are now failing and resulting in bugs on the upgraded version.
We are running the scans on the same source code and using the same profiles on both servers, and we are still getting this discrepancy in the scan results.
A couple of examples are:

| Rule No | Rule Description in old version | Rule Description in upgraded version | Scan result in old version | Scan result in upgraded version |
|---|---|---|---|---|
| S3796 | Callbacks of array methods should have return statements | Callbacks of array methods should have return statements | Rule is passed | Rule resulted into BLOCKER Bug |
| S3827 | Non-existent variables should not be referenced | Non-existent variables should not be referenced | Rule is passed | Rule resulted into BLOCKER Bug |
| S930 | Function calls should not pass extra arguments | Function calls should not pass extra arguments | Rule is passed | Rule resulted into CRITICAL Bug |

Can you please help us understand possible causes for this discrepancy in the scan results on the older version vs. the upgraded version?
Thanks for your response but we need an answer to the question -
The rule is present in Sonar Server “Community Edition Version 7.9.2 (build 30863)” and “Community Edition Version 9.9.1 (build 69595)”.
Then,
Why does Sonar Server “Community Edition Version 9.9.1” raise an error while Sonar Server “Community Edition Version 7.9.2” does not throw any error?
Probably because the rule got smarter. Unless you provide some code, there’s no way to tell you for sure. And, at the end of the day, what matters is if the issue raised is relevant or not.