We seem to notice that every week or so security hotspots we’ve previously marked as safe are then listed an unreviewed (and cause our pipeline to fail)
Is this a known issue?
Is there some sort of timeout on marking them as safe or anything else that might cause them to be open for review again?
ALM used: GitLab
CI system used: GitLab
Scanner command used when applicable (private details masked)
I have the impression you might be affected by the same issue as SONAR-15352 (which was fixed in SonarQube, but not SonarCloud) where a bad analysis closes the issue and doesn’t keep the issue state when there’s another good analysis.
Do you see anything funny in the Activity tab of the branch that is affected? For example, seeing the number of issues periodically dip down to nothing?