Security hotspot count is spiking periodically with no apparent reason

sureshkrishna · September 13, 2022, 1:48pm

Must-share information (formatted with Markdown):

which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
what are you trying to achieve
what have you tried so far to achieve this
Enterprise Edition
Version 8.9.1 (build 44547)
The security hotspot count is spiking periodically with no apparent reason.
Between 3 consecutive scans the count will go from around 130 to around 580, then back to ~130 again. I am pretty sure no one is resolving 450 or so in between scans.

ganncamp · September 13, 2022, 4:33pm

Hi,

Thanks for the report.

This is going to be difficult to diagnose without more details.

The next time it spikes, and you attempt to characterize (by file or rule or language or…) the ephemeral Security Hotspots?

Ann

sureshkrishna · September 13, 2022, 5:12pm

While trying to characterize by the security Hotspots, have seen that spike.

ganncamp · September 13, 2022, 5:31pm

Hi,

When you look at the added Security Hotspots themselves, do you see any patterns?

Ann

sureshkrishna · September 13, 2022, 6:01pm

Hi Ann,

Below listed are the details of security hotspots shown for that project

Regrads,
Suresh

sureshkrishna · September 14, 2022, 1:40pm

Under the security hotspots, we can’t see the previous randomly spiked 574 security hotspots. can you please tell me how to retrieve those data to find the pattern details ?

I can see only the current scan result with 107 security hotspots.

ganncamp · September 14, 2022, 1:50pm

Hi,

I’m afraid we’ll have to wait for the next spike and look then.

Ann