Hi! We recently upgraded our SonarQube from 7.1 to 8.9.1. We noticed that our scan times have gotten significantly longer than before. For example, one scan which used to take just 4-5 seconds, is now showing a scan time of 3 minutes and 52 seconds. Any ideas for how and why this is happening? We are using AWS RDS Postgres 11.10 for our database. Thanks!
You don’t mention your edition, but I believe the taint analysis rules in Developer Edition($) are new since 7.1. They do take extra time because of the nature of that analysis. Additionally, we’ve improved the accuracy of our rules in general for many languages, and that has come at the slight cost of longer analysis times.
And, if you’d like to dig into this further, you can turn on debug logging in your analysis to show exactly where the time is spent and we can look at the details if you still think it’s out of bounds.