Scan failing only on run triggered by Merging a PR

Details:

• ALM used: Azure DevOps
• CI system used: Azure DevOps
• Languages of the repository: C#
• Error observed:
  
  

  image723×92 7.73 KB

Hello,
We have had some issues with Sonarcloud in one of our repos. The scan identifies a critical bug when running the pipeline after a Pull Request merge, but it does not when running the scan against the Pull Request branch; also worth noting that the bug identified by the scan is not in a file changed by the Pull Request.
The bug itself is also a bit strange: a csharpsquid:S2259 error is triggering on a line that has null coalescing setup and on a value that it is assumed not to be null in code before that line.
We are unsure why the scan is only failing on the run triggered by the merge and why it is picking up that line as a bug.

Please let me know if you need any other details,
Cosmin

Hey there.

This might just be some weird timing with deployment of some fixes to null detection on C# at the end of last week.

And, if you believe the issue doesn’t make sense, I recommend adding full details following the guidelines in this post:

Out of curiosity, on the main branch, does this issue pollute the New Code period (or is it on very old code and sits only in the Overall Code?)